i'm saving the remote audio files on google cloud storage.
i want to play these files in freeswitch.
when i use:
mediaLink = "http://storage.googleapis.com/myBucket/file.wav";
session:streamFile(mediaLink);
it works great.
But when i use signed urls
mediaLink = "http://storage.googleapis.com/myBucket/file.wav?GoogleAccessId=xxx-xxx#developer.gserviceaccount.com&Expires=1408903962590&Signature=xxb%2Fx%2FDfGJlrUuz0%2F6kA6ormmReW6oN%2F0xxy3%2BwWxXc%3D";
session:streamFile(mediaLink);
i get this error:
2014-08-24 20:42:48.770818 [ERR] mod_httapi.c:2696 File at url [http://storage.googleapis.com/myBucket/file.wav?GoogleAccessId=xxx-xxx#developer.gserviceaccount.com&Expires=1408903962590&Signature=xxb%2Fx%2FDfGJlrUuz0%2F6kA6ormmReW6oN%2F0xxy3%2BwWxXc%3D] is unreachable!
Thanks,
Snabel
Was able to get this to work with playback from mod_dptools and mod_shout (for mp3 support) on FreeSWITCH 1.10. The Google Storage signing algorithm is also at V4 at the moment.
Testing workflow:
$ gsutil signurl -r us service-account.json gs://the-bucket/a-song.mp3
URL
gs://the-bucket/a-song.mp3
HTTP Method
GET
Expiration
2019-08-24 19:03:02
Signed URL
https://storage.googleapis.com/the-bucket/a-song.mp3?x-goog-signature=a4d1dc28eeebfcdfd09f00cbc1bbe605590df3773fd473a9bcc961928bd0a64bc9ea6367a7c2de98cb5f397529bd82f455651b1d04fc1650c97587fb3c298ab49ee6dfc9092068a09612b30b9707595af4705d904e8a63b8fd3e4fcf3eb6767635d2ffb77f036b58e2cae39c7ac571bd520ef5e49435599b6f9871d1bbd43d4e1329a1af1274c15ff63731f058c61cdc693e4c5d85cbeca8b3c5886a9f1d86bfa196ea89300bccd103c66c4dec0000caa80cee5f5cbd748312dc1288c33800750313e9534bfbd8ecbd23bec31fa7c97dd0fcc1581c3353fa38e09c1e888fd8c07766059e63e14579fa44d25a57231ab4504265217c8a8225bdd68983bf6570dd&x-goog-algorithm=GOOG4-RSA-SHA256&x-goog-credential=name-of-the-service-account%2F20190824%2Fus%2Fstorage%2Fgoog4_request&x-goog-date=20190824T183009Z&x-goog-expires=3600&x-goog-signedheaders=host
Using playback with the FreeSWITCH Lua API's IVRMenu (examples) (here's the full application code):
-- signed URL above stripped of the URL scheme
local signed_url_without_url_scheme = "storage.googleapis..."
i.unregistered_main:bindAction(
"menu-exec-app",
"playback shout://" .. signed_url_without_url_scheme,
"3"
)
I had no luck with streamFile, but not because of the signed URLs, but because I couldn't even get it to work. The documentation is very spotty, and certain sections even contradict each other (compare mod_shout and session:streamFile for example).
Related
I installed latest voximal stack.
Calls are working.
I setup recognition to use Google Cloud Streaming for STT pasting the JSON credentials into browser, the credentials file created at /usr/share/voximal.
But when I try to test parrot.vxml with a call it fail to create the google_streaming resource and drop the call.
Any clues?
Please enable the logs (interpreter debug) and check the /var/log/voximal/debig.log...
You probably see in the root cause there.
I am trying the simplest example I can, pulled directly from their website. Here is my entire html file, with code taken exactly from https://peerjs.com/index.html:
<script src="https://unpkg.com/peerjs#1.3.1/dist/peerjs.min.js"></script>
<script>
var peer = new Peer();
var conn = peer.connect('another-peers-id');
// on open will be launch when you successfully connect to PeerServer
conn.on('open', function(){
// here you have conn.id
conn.send('hi!');
});
</script>
In Chrome and Edge I get this in the console:
peerjs.min.js:64 GET https://0.peerjs.com/peerjs/id?ts=15956160926060.016464029424720694 net::ERR_CONNECTION_REFUSED
In Firefox I get this:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://0.peerjs.com/peerjs/id?ts=15956162489620.8436734374800061. (Reason: CORS request did not succeed).
What am I doing wrong?
#reyad has requested "a full trace of requests and responses". Here's what I see in my network tab in Firefox:
And here's Chrome:
And a tiny bit more Chrome:
[Note: It would have been better if you could provide a full trace of requests and responses. This problem may occur for several reasons. I'll state two solutions. So, try those. If those doesn't work, provide full trace of requests and responses.]
1. First Solution:
Sometimes, this type of error occurs because of self-signed certificate. To solve this problem, open developer tools/options, then go to network tab. You'll see a list of requests. Select the request which was failed because of CORS(i.e. which gave you this Reason: CORS request did not succeed). Open it(i.e. click it). If your problem is related to cert you'll see the following error message:
AN ERROR OCCURED: SEC_ERROR_INADEQUATE_KEY_USAGE
To solve this problem, go to url that is the reason of this problem and accept the certificate manually.
2. Second solution:
Check the request(which is the reason of CORS) in the network tab of developers tools/options(same as described in 1. First Solution). You'll find a Transferred column. See, what's written in the Transferred column of the failed request. If it is written Blocked By Some Ad-Blocker, then disable the Ad-Blocker. Your request will work fine.
[P.S.]: These solutions are proposed on assumptions. Hope these works. If these two do not work, then please provide more info about requests and responses. And also check this.
3. Third and final solution:
[Note: This solution may not solve your problem directly, but it'll give you alternative solution and also insight about what your problem is and how to work around it]
Before reading the solution below, read this to understand how Access-Control-Allow-Origin works(it is the reason for CORS error).
Let me first explain how peerjs works:
PEERJS works based on PEER ID. So, you've to get some PEER ID either from the PEERJS CLOUD SERVER or you've to provide yourself one in the PEER CONSTRUCTOR i.e. new Peer("some-peer-id"). Peer id has to be unique, cause its necessary to detect all the users uniquely. And, peerjs uses this PEER ID to send and receive data from user to user.
Now, you should know that, you're using PEERJS CLOUD SERVER to get/generate unique peer id which is the default server PEERJS uses unless you specified some other server to use.
Now let me explain why you're facing this problem:
As you already know how CORS works, you may have already guessed, that https://unpkg.com/peerjs#1.3.1/dist/peerjs.min.js(the downloaded js file) is calling https://0.peerjs.com to retrieve/generate new unique PEER ID. But, this request by https://your.website.com does not have Access-Control-Allow-Origin access for some reason, it may also be a middleware problem. So, its difficult to tell where the problem is actually occuring. But one thing for sure, it's not your fault of writing code :D.
I hope all the concepts is clear to you I've stated above.
Now, to solutions:
Alternative-appraoch-1 (Using PEERJS CLOUD SERVER AND Your own provided id):
In this approach you've to generate your own unique PEER ID. So, "https://your.website.com" does not have to call "https://0.peerjs.com" for unique peer id. [Note: make your peer id large enough so that its always unique, at least 64 chars long]
In this way, you can avoid the CORS problem.
Update:
I just saw an new issue in github, which says the public peerjs cloud server is now unstable or does not work properly. It just gives error like: Firefox cannot establish a connection with the server at the address wss://0.peerjs.com/peerjs?key=peerjs&id=123222589562487856955685485555&token=ocyxworx62i and in Chrome: Error in connection establishment: net::ERR_CONNECTION_REFUSED. For details check here. So, its better, you use your own server(see the next approach).
Alternative-appraoch-2 (Using your own peerjs server):
You can host your own peerjs server instead of PEERJS CLOUD SERVER. In this way, you can allow access to anyone/any website you want. If you want know how to host a peerjs server, you may visit here.
[P.S.]: I have studied pearjs issues in github. After reading all those issues, it seems, it is better to use your own server rather than using pearjs cloud. There are a lot of various problems with each new release of peerjs. And mostly related with connection with peerjs cloud and also peerjs cloud is not stable I guess. They were hosting it in 0.peerjs.com:9000 before(not secure). But now in 0.peerjs.com:443.
I haven't use peerjs before nor set up peerjs server. If you want to set up one, I hope the community would be able help you on how to do that properly.
What I understand from your question is that there is an issue of (CORS => Cross-origin resource sharing ), Maybe what I am suggesting is not very intuitive.
First : download the "https://unpkg.com/peerjs#1.3.1/dist/peerjs.min.js" in your local directory . and then incklude the local javascript code to the html.
like: <script src="./peerjs.min.js"></script>
Second :
you are using var peer = new Peer();
but please provide an extra unique id from your side. for example, I just created a random id and provided it.
StackOverflow link: https://stackoverflow.com/questions/21216758/peerjs-set-your-own-peerid#:~:text=1%20Answer&text=Provide%20a%20peer%20id%20when,to%20under%20Create%20a%20peer.
var a_random_id = Math.random().toString(36).replace(/[^a-z]+/g, '').substr(2, 10);
var peer = new Peer(a_random_id, {key: 'myapikey'});
Third : the best option is to run PeerServer: A server for PeerJS of your own.
If you don't want to develop anything, just enter a few commands below.
Install the package globally:
$ npm install peer -g
Run the server:
$ peerjs --port 9000 --key peerjs --path /myapp
Started PeerServer on ::, port: 9000, path: /myapp (v. 0.3.2)
Check it: http://127.0.0.1:9000/myapp It should return JSON with name, description, and website fields.
details:https://github.com/peers/peerjs-server
I have online/offline project.
I need to download wav/ogg/mp3 file from Application.persistentDataPath on WebGL platform.
I tried www/webrequest.
For example - WWW("file://" + Application.persistentDataPath + filePath);
But always get error: Failed to load: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, https.
Could you help me?
P.S. From remote server works fine.
You can not load local files in a browser as it's a security risk. If you could then a webpage could read your hard drive and steal all your files.
If you're just testing you can run a local server.
If you want to let the user supply a file you can let them choose a file
I set up an application with the Intuit Customer Account Data API and am running a Rails app using Aggcat gem (https://github.com/cloocher/aggcat). I had to replace my certificate and followed the instructions for OpenSSL found here. Under My Apps I uploaded the new public certificate and changed the settings on Aggcat to use the new private key file generated with it.
I can run client.scope(1) but when I try to run anything else (such as client.institutions) I get a bad request error (400). Any ideas what the problem could be? I've tried re-generating the certificate multiple times and no luck.
According IPP's site,
400 - Bad Request represents - If the URL or variables are not in the correct format this error will display.
Ref - https://developer.intuit.com/docs/0020_customeraccountdata/customer_account_data_api/0700_error_codes
I've not tried CAD calls using ruby but I use the sample JAVA app(IPP).
You can run the sample java app ( by configuring the devkit logger in debug mode) and capture the raw request/response and URL(and parameters) and compare the same which you're getting in your ruby example. That might help you to debug these issues.
Otherwise, you can also try the other two ruby examples which are available here-
https://developer.intuit.com/docs/0020_customeraccountdata/devkits
https://github.com/cheqbook/intuit_ids_aggcat
https://github.com/rewardsummit/intuit_ids_aggcat
Thanks
I have a link on my website to the standard publish page generated by Visual Studio. My concern is that if anybody finds out the URL to that page, they can download my software. Sure, I could password protect the page with the link, but it still would not be protecting the download URL. Are there any ways to secure the click once upload? I have looked around, and it seems like I am stuck in this sense.
Public URL is a security issue in ClickOnce Deployment. However, there is a solution for your problem if your web server has windows and .NET installed. Tell me if you have one ? I will have to come up with another workaround for Linux web server in case you have that.
Brief
Firstly, a bit of information about ClickOnce deployment. When you deploy the application, the GET requests on the server made are (assuming WebDir is the publish directory on the server)
G-1. GET /WebDir/setup.exe (Initial download)
G-2. GET /WebDir/MyApp.Application (setup.exe -url request)
G-3. GET /WebDir/MyApp.Application (.application deployment provider URL request)
G-4. GET /WebDir/Application Files/MyApp_1_0_0_0/MyApp.exe.manifest (Application manifest request)
G-5. GET /WebDir/Application Files/MyApp_1_0_0_0/MyApp.exe.deployand other .deploy files ... (Application file requests)
Implementation
Now, the solution is to intercept these file requests on the server. On IIS, you can attach a custom HTTPHandler and handle the request. On Apache, you can redirect requests to a PHP code using .htaccess files. Apart from this, you will have to generate unique identifier uid for client instances downloaded from the server (can be your license key) and put that in the deployment provider URL query parameters.
Directory Structure
Create an "Application" folder inside your WebDir and restrict access to /WebDir/Application/. Rest everything can be there inside /WebDir/
File Requests
So here's what you do on a Apache web server hosted on a windows machine:
Create a custom download page or use the one created from publishing the application using Visual Studio (but you will have to edit it manually!). Let's assume that page is /WebDir/Download.php
After authenticating user from Download.php, you have to send setup.exe from your code (can do it with readfile() in PHP) to the user. However, the catch is bootstrapper (setup.exe) after installing will do a GET request [G-2]. Don't forget now, that you have to validate this file request. So basically you change the "setup.exe -url" property to include uid before returning the file. For eg: change it to /WebDir/uid/MyApp.Application [G-2]. You can use MsiStuff.exe to change the URL property for the bootstrapper.
Using a .htaccess file, rewrite [G-2] to /WebDir/Handler.php?user=uid. From Handler.php, you can check if it is a valid uid. If it is valid, you will have to include the uid in the deployment provider URL and "Dependent Assemblies Path" in deployment manifest so that if an upgrade request comes (It essentially requests the deployment manifest), you can validate the user there too. Add uid to query string parameters. For eg: change it to /WebDir/MyApp.application?user=uid [G-3]. Don't forget that you will have to resign the manifests once you modify them. Use Mage or write your own code to do that.
So finally, the GET requests on the server will be (assuming uid=1f3rd)
G-1. GET /WebDir/Download.phpAction: return setup.exe with the -url changed
G-2. GET /WebDir/Application/setup.exe/1f3rd/MyApp.ApplicationAction: redirect, validate user, change URL, re-sign and return file
G-3. GET /WebDir/Application/setup.exe/MyApp.Application?user=1f3rdAction: redirect, validate user and return file
G-4. GET /WebDir/Application/1f3rd/Application Files/MyApp_1_0_0_0/MyApp.exe.manifestAction: redirect, validate user and return file
G-5. GET /WebDir/Application/1f3rd/Application Files/MyApp_1_0_0_0/MyApp.exe.deployand other .deploy files ...Action: redirect, validate user and return file
Pros
Application is successfully deployed and upgraded only if all the requests have a valid uid in the URL present.
You can now identify different instances of application on client systems. You can track the update history, do a selective version upgrade/downgrade and much more !
Cons
You will need a windows server to implement the above since you need mage.exe | your-own-.NET-code-signing-application and Msistuff.exe.
You may have minor performance issues since you are performing validation on every file request. You can choose to skip validation on .manifest and .deploy file requests.
You will have to ensure proper security for companies certificate which will be present on the web server for signing (You can store it on the server local file-system if you have the full server to yourself. In that case, it is fine unless somebody breaks into machine itself !)
If you want me to make something clear or explain in detail, feel free to ask. In case you have suggestions for modification to the above, post that too.
I will write a detailed CodeProject article if I have spare time someday.