In my Ionic 4 Angular project I get the following error when requesting a json file from a server in my iOS simulator.
XMLHttpRequest cannot load https://myServer.com/api due to access control checks.
cordova.js:1540
Failed to load resource: Origin ionic://localhost is not allowed by Access-Control-Allow-Origin.
In the Chrome Browser with Access-Controls-origin plugin I do not get the error. How can I fix this issue?
You need to add ("Access-Control-Allow-Origin", '*') header at the requested resource.
Follow this link - 3 Ways to Fix the CORS Error — and How the Access-Control-Allow-Origin Header Works. The first option (install the moesif CORS extension) worked for me.
CORS errors are common in web apps when a cross-origin request is made but the server doesn't return the required headers in the response (is not CORS-enabled). It only happens when you're running the app from your localhost for testing purposes.
Related
during pentesting SOME site I have faced with file upload errors. It is 403 error Forbidden but the most interesting thing lies in the fact it is happening ONLY when I use burp proxy.
When I am uploading passport/id document as a usual way(withou Burp Suite) - No error. 200 OK.
When I am uploading with Burp Suite - 403 Error.
P.S.: Other site functionality/APIs work properly when I use Burp Suite
I have no idea why this 403 error occurs. Is this a bug or a kind of "protection"?
Then you don't have the authorization to set up a proxy in your OS.
I guess you are using your corporate laptop. Try to change you network settings in your browser. If they are grey out then your organization has blocked that for you ( Bgroup rules).
I faced the same issue exactly and this was the problem.
Hope that helps.
I'm trying to implement Huawei Analytics Kit in the app, but unfortunately I faced with a problem, when in debug mode my custom event's are not displaying on the web in App debugging. In logs I can see the following error, that is saying that I have no network or no Internet permission which is NOT true in my case.
W/HiAnalyticsSDK: HttpClient=> When Response Content From Connection inputStream operation exception! 401
W/HiAnalyticsSDK: StreamUtil=> closeQuietly(): Exception when connHttp.getInputStream()!,There may be no network, or no INTERNET permission
I/HiAnalyticsSDK: ReportInstance=> response code : 401
I/HiAnalyticsSDK: SendTask=> events PostRequest sendevent TYPE : oper, TAG : _openness_config_tag, resultCode: 401 ,reqID:530a86a50e7643cb83ec1328b5332fbf
I/HiAnalyticsSDK: SendTask=> is debug mode
Could you suggest me please the source of this kind of problem, because I've already made a full research of documentation and didn't find the solution of this problem. Thanks.
Would you mind provide some further info for further check?
-The version number for Huawei Analytics SDK
-Data storage area selected when analysis service is enabled
-A complete Huawei Analytics SDK log, from initialization to error occured
Error code 401 means unauthorized access or invalid login credential. Please make sure that you have include your agconnect-services.json in your app directory, enable and configure Analytics API correctly in your developer console.
You can refer to this FAQ - https://developer.huawei.com/consumer/en/doc/development/HMSCore-Guides-V5/environment-faq-0000001050162062-V5.
Please go over this doc and make sure that you don’t miss any step - https://developer.huawei.com/consumer/en/doc/development/HMSCore-Guides-V5/android-dev-process-0000001050163813-V5.
This seems to be on a very new topic because the "stitch" or "mongodb-stitch" tags do not exist yet.
I have a mongodb altas cluster on cloud.mongodb.com. The page https://docs.mongodb.com/stitch/auth/email-auth/ only teaches how to do things with JS but I don't have server side JS on hand. Instead I tried to figure out how to do things with the StitchClient on the Android API.
I was able to register an email/password pair using StitchClient.register(email,pwd) and got an email from no-reply+stitch#mongodb.com with the token/tokenId. I copied them and used StitchClient.emailConfirm(token, tokenId) but failed. The error was:
Unexpected response code 404 for https://stitch.mongodb.com/api/client/v1.0/app/APP-ID/auth/local/userpass/confirm
which sounds strange! I opened a browser and paste that in the URL and got 404 too. I even did
curl --data "token=432...345&tokenId=435..334" https://stitch.mongodb.com/api/client/v1.0/app/APP-ID/auth/local/userpass/confirm
and still got 404.
Is this a bug or an outage of the stitch.mongodb.com server?
Inside our company's VPN I can call the web service (which is a REST service) fine, on FF and Chrome. I need to connect to it from Angular 2 though. Now, I tried to call the REST service(which is inside VPN) from Angular 2, in several ways, and I am always getting the message about CORS("No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access. The response had HTTP status code 401." in Chrome and "Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://webwassvc-test.servizi.gr-u.it/essigEAIM/rest/monitoring/integrations/all?pag=1. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing)." in Firefox). I tried setting the about:config:security.fileuri.strict_origin_policy to false, and it didn't help. The sysadmin on the REST server end told me he opened the server for CORS (cross domain) calls, so I think the problem is on my end, but I don't know what can it be. Any advice, please?
UPDATE: I can access the REST service and get the data from it, through PHP as middleware (localhost/angular2_site/file.php), but not from angular directly (localhost:4200).
Another option it's to manage it with a proxy or load balancer.
If you are developing with anuglar-cli you can use the Proxy To Backend support of the angular-cli. --proxy-config
from the angular-cli readme:
Say we have a api server running on http://localhost:3000/api and we want
all calls to http://localhost:4200/api to go to that server.
We create a file next to projects package.json called proxy.conf.json
with the content
{
"/api": {
"target": "http://localhost:3000",
"secure": false
}
}
You can read more about what options are available here
webpack-dev-server proxy settings
and then we edit the package.json file's start script to be
"start": "ng serve --proxy-config proxy.conf.json", now run it with
npm start
So at the end you can call your services as:
getUsers() : Observable<any>{
return this.http.get('/api/users').map(res => res.json());
}
I'm trying to get the latest version of an artifact.
going to http://archiva:8080/restServices shows me the Available RESTful services: clicking on http://archiva:8080/restServices/archivaServices?_wadl leads to an empty(all white) page fore me. Opening the Development tools in my browser I get this output in the javascript-console
Failed to load resource: the server responded with a status of 404 (Not Found)
and
GET http://archiva:8080/restServices/archivaServices?_wadl 404 (Not Found)
I also read here that there should be a application.wadl but for me there isn't!
I use the latest(2.2.1) Standalone version from here
the request for a certain artifact looks like that
http://archiva:8080/restServices/archivaServices/searchService/artifact?g=eu.test&a=test&v=LATEST
Maybe you miss the contextPath in the url. For example, if you want to access the ping service. The url could be:
http://localhost:8080/archiva/restServices/archivaServices/pingService/ping.
Please notice that maybe you will get 403 due to by default archiva does not allow csrf access.
The configruation detail is: http://archiva.apache.org/docs/2.2.3/adminguide/customising-security.html