Enable http2 on Azure Web App MVC application requests - asp.net-mvc

I am trying to enable http2 protocol on a Azure Web app, MVC application without any luck. The tutorial is simple just activate the 2.0 in Application settings of the portal, Http2 online tests states that the http2 protocol is enabled, no requests is on http2.
Https is enabled, minimum tls version set to 1.2... any ideas on what can go wrong?

It seems that an antivirus on my computer was the root cause for all the requests still being on the http. After i disabled it the requests were, as expected on http2.

Related

How to protect the app against code injection which bypasses SSL pinning?

While applying an iOS app developed by me to FUT. They were able to intercept, view and modify all traffic between the app and the server even though the traffic was sent over SSL.
A selfsigned certificate was installed on the phone prior to testing. The app traffic was then redirected to a proxy server which presents the self-signed certificate.
In order to bypass the SSL Pinning, the team has hooked on the runtime of the application (process) and have injected code on runtime, which has disabled the function which checks for the SSL Pinning to be made with the corresponding server.
In case this help. I am using Alamofire 4.7.2, Moya 11.0.2
I have no idea about how to do the ssl pinning, please help.

iOS: Shipping apps using HTTPS where HTTP used in development

In production we will use a REST web service secured with SSL (HTTPS) while in development we're not using SSL (HTTP).
To allow HTTP communication we've configured our development hosts with NSTemporaryExceptionAllowsInsecureHTTPLoads set to true.
Is it considered acceptable to ship apps with this setting or is there a better way to do this? We weren't sure if Apple would object to this configuration.
Went with Roman's suggested approach and enabled ATS for debug but disabled it for all release builds. https://stackoverflow.com/a/32704702/47281

Azure Scheduler TLS 1.0 calling MVC app

We are using Azure Scheduler (AS) to make calls to an HTTPS URL. This has been working with no issues until now. We have disabled TLS 1.0 on there hosting server due to a security requirement and now AS now logs "ConnectFailure Unable to connect to the remote server"
I would have thought that AS would negotiate the connection. Is anyone aware of any issue or is there anything I can do in my MVC app force AS to use TLS 1.1 or 1.2?
I spoke to Azure support and it turns out that Azure Scheduler currently requires a TLS 1.0 for https endpoint. There was no timescale given by Microsoft for any change to this.

Figure Twitter API Callback to HTTPS

I am using ASP .NET MVC 3 to develop a site running on IIS express server. The site has to run on https protocol.
I would like to add Twitter OAuth support to the site. Twitter requires a callback url and it should not be https://localhost:44300/. Normally, for http, I know the solution is to use http://127.0.0.1 instead. However, I have tried https://127.0.0.1:44300, it did not work for me and I got a HTTP 503 error.
Is there something I can do to get the callback working with https?
Follow these steps:
1- For IIS :
1-1 make sure that application pool is not paused or disabled
check here Solve HTTP Error 503
1-2 Make sure that SSL is enabled for IIS enabling SSL for IIS
2- Make sure that port 44300 is not used with anyother application, to check that run command:
"Netstat -a"
3- review Twitter Errors code
if everything is Okay on your machine,you might need to check twitter API errors code
For example error 503 means :
The Twitter servers are up, but overloaded with requests. Try again later.

Does iOS send HTTPS requests through the HTTP proxy?

I am trying to write up an HTTP proxy server in node.js, and I have successfully managed to route unsecure HTTP connections through it. But when applications (on my iOS device) use HTTPS for APIs 'n such, it always throws an error, and the attempted HTTPS connection never hits the server. So there are a few explanations of what could possibly be happening:
iOS chooses not to send HTTPS connections over the proxy for security reasons
iOS is looking for an HTTPS connection at the server on a different port, but can't find one
Basically what I am asking is: What does iOS do with HTTPS connections when an HTTP proxy is configured?
Please ask for any details or further questions in the comments. Thanks.

Resources