I have heard that HTTPS communication is required for service workers used in extension manifest V3, but where exactly is HTTPS communication required?
・When I download extensions to my PC
・Sites that run extensions
Related
I've created a service inside minikube (expressjs API) running on my local machine,
so when I launch the service using minikube service wedeliverapi --url I can access it from my browser with localhost:port/api
But I also want to access that service from another device so I can use my API from a flutter mobile application. How can I achieve this goal?
Due to small amount of information and to clarify everything- I am posting a general Community wiki answer.
The solution to solve this problem was to use reverse proxy server. In this documentation is definiton what exactly is reverse proxy server .
A proxy server is a go‑between or intermediary server that forwards requests for content from multiple clients to different servers across the Internet. A reverse proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server. A reverse proxy provides an additional level of abstraction and control to ensure the smooth flow of network traffic between clients and servers
Common uses for a reverse proxy server include:
Load balancing
Web acceleration
Security and anonymity
This is the guide where one can find basic configuration of a proxy server.
See also this article.
I'm currently struggling with docker and SSL. Let me give you an overview on what I'm trying to do.
I built a microservice-based architecture which is composed by a react web application and some "backend" services written in python and exposed with gunicorn on docker containers. I need to serve it over SSL because of Auth0 which needs the https communication. So, I built the server, bought a domain and got the SSL certificate for the domain with let's encrypt.
Now, here are the troubles, since mi services communicates to each other with a docker network, say services-network. For this reason they refer each other with the url `service:port/example.
At the moment I'm able to successfully connect to my web app with https but whenever this tries to contact the "backend" services the connection is refused because of it came from a non-secure resource (I used http://service:port/endpoint).
I tried to use the let's encrypt certificate generated for the webapp but the communication is blocked with message requests.exceptions.SSLError: HTTPSConnectionPool(host='service', port=8081): Max retries exceeded with url: /endpoint (Caused by SSLError(CertificateError("hostname 'service' doesn't match 'domain.com'",),))
I understand that a possible workaround for this error is to make the services communicate each other without using the docker network but the external one. Anyway I think that is not a good practice and that the communication among containers needs to be done through the docker network.
Finally, my question is: which is the best way to make the containers communicate through https over the docker network?
I personally like to use nginx as a reverse proxy. You would configure it normally and set it to proxy_pass <dockerIp:port>.
Many people like to use traefik.io which has many features including Let's Encrypt integration.
Is it possible to run a gRPC server on iOS?
Let’s say we want to use the gRPC framework to define APIs etc. And now we want to deploy a gRPC server in the same process with the application using it — connection via an InprocessChannel.
Is there a gRPC port for iOS that allows to do that?
Yes, unlike with the Objective-C bindings for gRPC, it's possible to run a gRPC server on iOS using Swift GRPC:
APIs and generated code is provided for both gRPC clients and servers,
and can be built either with Xcode or the Swift Package Manager.
Support is provided for all four gRPC API styles (Unary, Server
Streaming, Client Streaming, and Bidirectional Streaming) and
connections can be made either over secure (TLS) or insecure channels.
The Echo example contains a Mac app that demonstrates both server and client code. The Swift gRPC parts should be similar in an iOS app.
It is not officially supported by gRPC, but you have a couple of options to do this on your own:
You can wrap gRPC C++ and use their server feature. Someone tried this before and seems worked.
You can use the gRPC Swift repo which has gRPC server feature on iOS client.
Is JIRA supported in GCE? If so, how to make it work?
We have installed 64-bit .bin of JIRA(6.4.1), and opened necessary custom http ports under Networks.
Started JIRA as service, but unable to see it work via browser. No error message than, timed out error!
Any help would be highly appreciated.
Note: We are new to Google Cloud Platform.
Did you enable the http and https services on your instance ? By default the GCE instance does not allow Http and Https traffic, you have to do it manually.
The Jira configuration for Google Compute Engine can be tricky. You need to make sure that:
The firewall rules under Netowrking allows a connection to Jira HTTP port or the HTTP enables in VM properties
The global Networking rules allow TCP traffic on this port
The virtual network have routes configured
If you use Apache as proxy for Jira (recommended) then make sure Apache is configured to point to the Tomcat port
Your Tomcat is configured
You have enabled port allocation using setcap utility
Your local machine firewall enables the connection (in Red Hat ipconfig is enabled by default and blocks the connections)
As you can see it may be tricky to install Jira on Google Cloud. It may be a good idea to use a deployment service like Deploy4Me to do this quickly and automatically.
I have one application says "app1"(main application support login) which is deploy some different machine tomcat server and another application says "app2" which also deployed in another machine tomcat server. So, should i need to install siteminder web agent to both the machine or it is on only in "appl2"?
Depends on what kind of agent you are using- if you're using a web agent for a web server (IIS, Apache), you could just install it on that box assuming it handles requests to both app servers. If you are installing the agent for the app server, Siteminder could log the user into the app on the "app1" server, and then the app/app server token could be passed to "app2"
You can use a traditional reverse proxy (apache with mod_proxy) or SiteMinder Secure Proxy Server to handle the Web Agent work and forward traffic to the destination web/app servers.
Secure Proxy Server enables your Single Sign-On environment to have "agentless" capabilities. You will still have 1 or more SiteMinder Web Agents (depending on the number of proxies that are deployed), but the web and application servers will not need to have any agents installed. The web/app servers only need to be able to consume the HTTP Headers provided by SiteMinder.