Direct client access to Cloud Storage private asset - google-cloud-storage

Perhaps you can help us to understand how I can solve my problem:
Our web application uses Street View API for custom navigation, so it needs to display panoramic pictures from Google Storage directly into the client.
These pictures are to be private, so the URL should be like this:
https://storage.cloud.google.com/*bucket/panoramic_tile-zoom-x-y.jpg*
and these assets are called by the Street View API function.
This URI is not the direct link to the asset, but the response is an HTML type, a form redirecting to a temporary URL:
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Wed, 20 Nov 2013 09:16:46 GMT
Expires: Wed, 20 Nov 2013 09:16:46 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 2341
Server: GSE
Alternate-Protocol: 443:quic
<html>
<head></head>
<body>
<form method="POST" enctype="multipart/form-data" action="https://doc-15fdi-03uv6-s-googleusercontent.commondatastorage.googleapis.com/gs/a...pwZw" id="redirectForm">
<input type="hidden" name="token" value="13668820...pj1onfrc2gvdfrp">
<input type="hidden" name="a" value="AGjQbs4J...b1PUgwjq4O-B7MfcD3fVpo5WrOw">
</form>
<script language="JavaScript" type="text/javascript">
document.getElementById('redirectForm').submit();
</script>
</body>
</html>
Using AJAX again to retrieve the image asset for each tile of the panoramic view could be done, but would be likely to slow down the performance of the website.
Comparatively, if assets are public, displaying the pictures is straightforward.
Do you know a way to request private GS asset with fixed URLs?
Thank you for your time.
Jeremie

Related

Cookie not stored on response/redirect

I simply cannot make a 302 redirect send a cookie.
I have a 302 request at https://mysite-api.azurewebsites.net/api/123456 which responds with:
{
status: 302,
headers: {
"Access-Control-Allow-Credentials": true,
"Set-Cookie": `testcookie3=abcd; Max-Age=2592000; SameSite=Lax; Secure; Path=/;`,
Location: `www.mysite.com`,
},
body: "Redirecting..."
}
I'm calling it from my local machine, just as an HTML file in Chrome/Firefox:
<html>
<body>
<form
action="https://mysite-api.azurewebsites.net/api/123456/redirect"
method="post"
>
<label for="token">Token:</label>
<input type="text" id="token" name="token" /><br /><br />
<button type="submit">Submit this tab</button>
</form>
</body>
</html>
I can see it call the redirect request, I can see the response cookie is set.
However, it's not stored, and on the actual redirect it's immediately removed.
The test page simply displays Cookie: |{document.cookie}| and it's blank, no cookies are received by the redirect site.
It seems that when doing a redirect you simply must have the UI and API on the same domain.
Since this was the case in production, I had to ensure my development environment is also hosted on the same domain, and then the cookie:
Token=ABCDE; Max-Age=2592000; Path=/; Domain=subdomain.mysite.dev; HttpOnly; Secure;
Worked, for the UI at subdomain.mysite.dev and api at api.subdomain.mysite.dev.
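The cookie scoping behind this post, shown with Go's standard `net/http/cookiejar` (an RFC 6265 cookie store) as an added example that is not part of the original post. The `visibleTo` helper and the `/login` path are assumptions made for illustration; host names and cookie values are the ones quoted above.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/cookiejar"
	"net/url"
)

// visibleTo stores c as if the response from setBy carried it in Set-Cookie,
// then returns the cookie names a request to target would include.
func visibleTo(setBy, target string, c *http.Cookie) []string {
	jar, _ := cookiejar.New(nil) // nil public-suffix list: acceptable for a demo only
	from, err := url.Parse(setBy)
	if err != nil {
		return nil
	}
	to, err := url.Parse(target)
	if err != nil {
		return nil
	}
	jar.SetCookies(from, []*http.Cookie{c}) // drops a cookie whose Domain the setter may not use
	names := []string{}
	for _, got := range jar.Cookies(to) {
		names = append(names, got.Name)
	}
	return names
}

func main() {
	api := "https://mysite-api.azurewebsites.net/api/123456/redirect"
	// No Domain attribute: host-only, scoped to the API host that set it.
	hostOnly := &http.Cookie{Name: "testcookie3", Value: "abcd", Path: "/", Secure: true, MaxAge: 2592000}
	fmt.Println(visibleTo(api, "https://www.mysite.com/", hostOnly)) // []
	fmt.Println(visibleTo(api, api, hostOnly))                       // [testcookie3]
	// Domain naming a different site: rejected when the cookie is set.
	foreign := &http.Cookie{Name: "testcookie3", Value: "abcd", Path: "/", Secure: true, Domain: "www.mysite.com"}
	fmt.Println(visibleTo(api, "https://www.mysite.com/", foreign)) // []
	// Domain attribute shared by the UI host and the API host below it.
	shared := &http.Cookie{Name: "Token", Value: "ABCDE", Path: "/", Secure: true, HttpOnly: true,
		Domain: "subdomain.mysite.dev", MaxAge: 2592000}
	fmt.Println(visibleTo("https://api.subdomain.mysite.dev/login", "https://subdomain.mysite.dev/", shared)) // [Token]
}
```

The jar models only storage and domain, path and Secure matching; it does not enforce SameSite, so that attribute is left out of the sample cookies.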

Emails have no html body in Apple iOS mail app

In my Go application, I'm building and sending multi-part emails with HTML body and PDF attachments. Gmail displays my emails correctly, however the Apple iOS email app doesn't. It only shows the attachment and no text (html) at all.
My emails look like this (I've removed the content for the example):
MIME-Version: 1.0
From: Example <info@example.com>
To: example@gmail.com
Reply-to: info@example.com
Subject: Bla-bla
Content-Type: multipart/alternative;
boundary="3fca6de57f7044cd34adb5454428fd5e5d56e939f26028c745d7b130ca4fa343"
Message-ID: <010201713b392a40-fbba1c61-23e5-44f5-a26a-f83a1598c885-000000@eu-west-1.amazonses.com>
Date: Thu, 2 Apr 2020 14:08:54 +0000
X-SES-Outgoing: 2020.04.02-54.240.7.18
Feedback-ID: 1.eu-west-1.Kpg92BT/SvZS11gkp8+PRgxZ4fKdPt7sUnI7TvXld8g=:AmazonSES
--3fca6de57f7044cd34adb5454428fd5e5d56e939f26028c745d7b130ca4fa343
Content-Type: text/html; charset="UTF-8"
<!DOCTYPE html>
<html lang="en">
<head>
...
</head>
<body>
...
</body>
</html>
--3fca6de57f7044cd34adb5454428fd5e5d56e939f26028c745d7b130ca4fa343
Content-Type: application/pdf; charset="UTF-8"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;filename="afile.pdf"
--3fca6de57f7044cd34adb5454428fd5e5d56e939f26028c745d7b130ca4fa343--
So, I get the email, it has the attachment, but not the text. This only occurs with iOS mail app. By the way, I've googled this issue and found a few topics where iPhone users complained about the same problem with their built-in mail...
Changing the content type of the email itself from multipart/alternative to multipart/mixed helped. Now my emails are displayed correctly both in Gmail and iOS Apple mail.
I've also tried to switch between plain/base64 HTML and inline/no content disposition for HTML part, but that had no effect.
Hope this helps somebody.
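The multipart/mixed layout described in this post, built and then parsed back with Go's standard library, as an added example that is not the poster's code. The function names, addresses, and sample bodies are constructed for illustration.

```go
package main

import (
	"bytes"
	"encoding/base64"
	"fmt"
	"mime"
	"mime/multipart"
	"net/mail"
	"net/textproto"
)

// buildMixed returns a message whose top level is multipart/mixed: an HTML body
// part, then a base64 PDF part (real attachments wrap base64 at 76 columns).
func buildMixed(html string, pdf []byte) []byte {
	var body bytes.Buffer
	w := multipart.NewWriter(&body)
	add := func(content string, h textproto.MIMEHeader) {
		p, _ := w.CreatePart(h) // writes to a bytes.Buffer, which cannot fail
		p.Write([]byte(content))
	}
	add(html, textproto.MIMEHeader{"Content-Type": {`text/html; charset="UTF-8"`}})
	add(base64.StdEncoding.EncodeToString(pdf), textproto.MIMEHeader{"Content-Type": {"application/pdf"},
		"Content-Transfer-Encoding": {"base64"}, "Content-Disposition": {`attachment; filename="afile.pdf"`}})
	w.Close()
	head := "MIME-Version: 1.0\r\nFrom: info@example.com\r\nTo: user@example.com\r\n" +
		"Subject: Bla-bla\r\nContent-Type: multipart/mixed; boundary=" + w.Boundary() + "\r\n\r\n"
	return append([]byte(head), body.Bytes()...)
}

// partTypes parses raw and returns the top-level media type and each part's type.
func partTypes(raw []byte) (string, []string, error) {
	m, err := mail.ReadMessage(bytes.NewReader(raw))
	if err != nil {
		return "", nil, err
	}
	top, params, _ := mime.ParseMediaType(m.Header.Get("Content-Type"))
	var types []string
	r := multipart.NewReader(m.Body, params["boundary"])
	for p, err := r.NextPart(); err == nil; p, err = r.NextPart() {
		t, _, _ := mime.ParseMediaType(p.Header.Get("Content-Type"))
		types = append(types, t)
	}
	return top, types, nil
}

func main() {
	fmt.Println(partTypes(buildMixed("<html><body>Hello</body></html>", []byte("%PDF-1.4 sample"))))
}
```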

Testing Gmail Schemas Fails

I'm trying to test Gmail Schemas where the sender and the recipient are the same (my) account, following the Self Testing Notes:
You can easily test if your markup is working correctly end-to-end by
sending emails with schemas to your Gmail account. All emails where
the sender and the recipient are the same account ignore the
registration requirements and can be used for self-testing.
but without the expected result, the "Action" button is not displayed.
I have tried using both the JSON-LD and Microdata without results.
Here the "Show original" of the email from my Gmail Account:
Return-Path: <fake-account-email-x@gmail.com>
Received: *****
Message-ID: <fake-email-id@gmail.com>
Date: Tue, 12 Nov 2013 09:41:53 +0100
From: Cristian <fake-account-email-x@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20130330 Thunderbird/17.0.5
MIME-Version: 1.0
To: fake-account-email-x@gmail.com
Subject: test
Content-Type: multipart/alternative;
boundary="------------090703050903040805020509"
This is a multi-part message in MIME format.
--------------090703050903040805020509
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Ciao ${FIRSTNAME}$
* punto 1
* punto 2
* punto 3
--------------090703050903040805020509
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div itemscope="" itemtype="http://schema.org/EmailMessage">
<meta itemprop="description" content="Approval request for John's
$10.13 expense for office supplies">
<div itemprop="action" itemscope=""
itemtype="http://schema.org/ConfirmAction">
<meta itemprop="name" content="Approve Registration">
<div itemprop="handler" itemscope=""
itemtype="http://schema.org/HttpActionHandler">
<link itemprop="url" href="http://www.example.com/">
</div>
</div>
</div>
<h1>Ciao ${FIRSTNAME}$</h1>
<ul>
<li>punto 1</li>
<li>punto 2</li>
<li>punto 3</li>
</ul>
</body>
</html>
--------------090703050903040805020509--
And here is how it appears from the list:
And inside the message:
I have also validated my code via the Markup Tester
Where is the error in my test? I can't figure it out :(
UPDATE 20131113
Sending the email via Test Gmail Schemas, as Devnook suggested, all works fine, but using my Thunderbird client (using my account via SMTP), nope.
Here the source from the test via "Test Gmail Schema"
Delivered-To: fake-account-email-x@gmail.com
Received: by 10.224.58.135 with SMTP id g7csp190326qah;
Tue, 12 Nov 2013 22:48:43 -0800 (PST)
X-Google-DKIM-Signature: *********
X-Original-Authentication-Results: ********
Return-Path: <3yyCDUg0JErIYeSad-SUlagfkYeSad.UgeUjaklaSf.hgjlS.UjpYeSad.Uge@2UIX4H7XYGSZ66WEERLQ.apphosting.bounces.google.com>
Received-SPF: pass ********
Authentication-Results: mr.google.com;
spf=pass ********
X-Received: from mr.google.com ([10.224.24.65])
by 10.224.24.65 with SMTP id u1mr35599473qab.6.1384325323511 (num_hops = 1);
Tue, 12 Nov 2013 22:48:43 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.224.24.65 with SMTP id u1mr25556165qab.6.1384325323474; Tue,
12 Nov 2013 22:48:43 -0800 (PST)
X-Google-Appengine-App-Id: s~gmail-actions
X-Google-Appengine-App-Id-Alias: gmail-actions
Message-ID: <fake-email-id@google.com>
Date: Wed, 13 Nov 2013 06:48:43 +0000
Subject: Testing Gmail Actions 2013-11-13 06:48
From: fake-account-email-x@gmail.com
To: fake-account-email-x@gmail.com
Content-Type: multipart/alternative; boundary=001a11c2c63a28cf0504eb095b6e
--001a11c2c63a28cf0504eb095b6e
Content-Type: text/plain; charset=ISO-8859-1; format=flowed; delsp=yes
Ciao ${FIRSTNAME}$
punto 1
punto 2
punto 3
--001a11c2c63a28cf0504eb095b6e
Content-Type: text/html; charset=ISO-8859-1
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div itemscope="" itemtype="http://schema.org/EmailMessage">
<meta itemprop="description" content="Approval request for John's
$10.13 expense for office supplies">
<div itemprop="action" itemscope=""
itemtype="http://schema.org/ConfirmAction">
<meta itemprop="name" content="Approve Registration">
<div itemprop="handler" itemscope=""
itemtype="http://schema.org/HttpActionHandler">
<link itemprop="url" href="http://www.example.com/">
</div>
</div>
</div>
<h1>Ciao ${FIRSTNAME}$</h1>
<ul>
<li>punto 1</li>
<li>punto 2</li>
<li>punto 3</li>
</ul>
</body>
</html>
--001a11c2c63a28cf0504eb095b6e--
The "big" difference is that the headers of this email contain the DKIM-Signature and SPF, but in theory emails where the sender and the recipient are the same account ignore the registration requirements.
Here is how the "correct" email appears:
I tested your email (sent it to myself using http://gmail-actions.appspot.com/) and I got the action appearing in my inbox. So your markup is fine... Are you sure you are not forwarding your email to another account?
Maybe try if other sample emails from gmail-actions.appspot.com work. If not, maybe you have some lab enabled in your inbox or a theme that is blocking the button to appear?
Also, this works only on a desktop afaik.
When I attempt to DKIM sign the message myself, checkmyauth@auth.returnpath.net returns:
WARNING: The From domain 'gmail.com' does NOT match the DKIM domain
and gmail omits the headers (and my email remains unsigned).
Yahoo says DKIM passed by the way.
This sucks, no way to programmatically test gmail actions if self signed emails to self are considered spam.
Mirza

what is the trick Facebook uses to inject its icon onto a linked page?

when A posts a link on Facebook, and then B clicks that link in Chrome (not in Firefox, and haven't tested others), B sees the Facebook white "f" on blue background icon (favicon.ico) shown on the tab of the linked page. sometimes, presumably when the page has its own favicon, refreshing that tab will replace the icon with the correct one; but most often the Facebook favicon remains. at first I believed Facebook was using frames in some tricky way, but using View Source, that appears not to be the case. how would one program an href or redirect in such a way as to preload one's own favicon onto a linked page as Facebook does?
here's what I've tried without success, my icon gets replaced with nothing (and only shows in both the tab and navbar in Firefox, only in the tab in Chromium, but that's beside the point):
http://unixshell.jcomeau.com/tmp/linktest/index.html
jcomeau@unixshell:~/www/www/tmp/linktest$ cat index.html
<html>
<head>
<link rel="shortcut icon" href="favicon.ico" />
</head>
<body>
homesteadingsurvivalism.myshopify.com
</body>
</html>
jcomeau@unixshell:~/www/www/tmp/linktest$ cat redirect.html
<html>
<head>
<link rel="shortcut icon" href="favicon.ico" />
<script language="javascript" type="text/javascript">
var newpage = window.location.search.substring(5);
window.setTimeout('window.location = newpage; ', 3000);
</script>
</head>
<body>
<p>Redirecting to selected site, please wait...</p>
</body>
</html>
after Yan's comment I also tried with no success redirect.cgi:
jcomeau@unixshell:~/www/www/tmp/linktest$ cat redirect.cgi; QUERY_STRING=url=http://this.is.a.test/ ./redirect.cgi
#!/bin/bash
echo -ne "Content-type: text/html\r\n"
echo -ne "Location: ${QUERY_STRING:4}\r\n"
echo -ne "\r\n"
cat <<-EOF
<html>
<head>
<link rel="shortcut icon" href="favicon.ico" />
</head>
<body>
Redirecting to ${QUERY_STRING:4}
</body>
</html>
EOF
Content-type: text/html
Location: http://this.is.a.test/
<html>
<head>
<link rel="shortcut icon" href="favicon.ico" />
</head>
<body>
Redirecting to http://this.is.a.test/
</body>
</html>
When I do a GET request to http://www.facebook.com/l.php?u=http%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DBwCjI4mWPFI&h=yAQG6-ic8AQF_aOjn3QCJxdul6VnDN1Ho_ltT2gX90NF-vQ, I get the following response (I added some line breaks in the HTML for readability):
HTTP/1.1 200
Content-Length: 349
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma: no-cache
Refresh: 1;URL=http://www.youtube.com/watch?v=BwCjI4mWPFI
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Set-Cookie: ***removed***
Content-Type: text/html; charset=utf-8
X-FB-Debug: ***removed***
Date: Fri, 27 Apr 2012 00:49:25 GMT
Connection: close
<html>
<head></head>
<body>
<script type="text/javascript">
document.location.replace("http:\/\/www.youtube.com\/watch?v=BwCjI4mWPFI");
</script>
<script type="text/javascript">
setTimeout("(new Image()).src=\"\\\/laudit.php?r=JS&u=http\\u00253A\\u00252F\\u00252Fwww.youtube.com\\u00252Fwatch\\u00253Fv\\u00253DBwCjI4mWPFI\";",5000);
</script>
</body>
</html>
A short trial shows that the Refresh header is enough to let this work. This is a simple implementation in PHP:
<?php
header("Refresh: 1;URL=http://www.a-website-without-favicon.com/");
?>
But, as stated earlier: this only works if the website you're referring to doesn't have a favicon.
Although I am not entirely sure how Facebook is doing it, you may try using a proxy PHP script and AJAX content load as suggested here.
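<?php /* proxy.php */
// Only fetch http(s) URLs on hosts you allow; an unchecked url parameter would also read local files and internal addresses.
$url = $_GET['url'] ?? '';
$ok = in_array(parse_url($url, PHP_URL_SCHEME), ['http', 'https'], true) && in_array(parse_url($url, PHP_URL_HOST), ['example.com'], true);
if ($ok) { echo file_get_contents($url); } else { http_response_code(400); }
?>
<html><body><div id="contentArea"></div></body></html>
$("#contentArea").load('proxy.php?url=http://example.com');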
First, you'll load your own blank page with your preferred favicon.ico. Then using AJAX, you'll load the preferred content keeping the old favicon.ico.

Lift - Page displays as XML in Firefox rather than HTML

I'm trying to get a simple Lift example running and I'm having a strange issue. I am using the Sonatype sample list project here. I modified the HTML slightly, but it wasn't working originally either. The issue I'm having is that when I run the local jetty server and try to access http://localhost:8080 it displays as XML in Firefox 3.6.10 rather than HTML. Note, it displays fine in IE8 but the Content-Type in IE8 is "text/html". I assume Firefox doesn't like the Content-Type "application/xhtml+xml" for some reason. The message in Firefox says:
This XML file does not appear to have
any style information associated with
it. The document tree is shown below.
Below are the response headers from Firebug:
Expires Thu, 16 Sep 2010 03:55:04 UTC
Content-Length 558
Cache-Control no-cache; private; no-store
Content-Type application/xhtml+xml; charset=utf-8
Pragma no-cache
Date Thu, 16 Sep 2010 03:55:04 UTC
X-Lift-Version 2.0-scala280-SNAPSHOT
Server Jetty(6.1.22)
..and the actual response:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Lift Test</title>
</head>
<body>
<h2>Welcome to your project!</h2>
<p>
<span>Welcome to toto01 at Wed Sep 15 20:55:04 PDT 2010</span>
</p>
<script type="text/javascript" src="/ajax_request/liftAjax.js"></script>
<script type="text/javascript">
// <![CDATA[
var lift_page = "F586508075515C1K";
// ]]>
</script>
</body>
</html>
Any ideas as to what is going wrong? How would I change the Content-Type in Lift for Firefox if that is the issue?
Alright, it looks like the problem is related to the <html> element not having an xmlns attribute. After changing the XHTML to the below, it worked fine with the content type as "application/xhtml+xml":
<html xmlns="http://www.w3.org/1999/xhtml">
The problem should be in the use of both application/xhtml+xml content type and XHTML transitional dtd.
https://developer.mozilla.org/en/Mozilla_Web_Developer_FAQ