Geolocation API Removed from Unsecured Origins. Is there any other way to find geoloaction from http server? need some suggestion.
You can use IP geolocation service to translate IP address to city location. It has less accuracy compare to Geolocation API. However, it is less intrusive and can be used on all web browsers.
IP Geolocation is available in database or web service format. Below is example for free service.
(a) Database: IP2Location LITE
(b) Web Service: IPInfoDB
Reference: https://www.geolocation.com
Related
I'm trying to make my network server online and link it to a system and an application that I designed. However I don't want to make a website to upload the server to. Is this possible? Can I link my server directly to my software and my application via the internet? Thanks.
You can connect to servers with out the world wide web.
Their is for example the Gropher protocol.
Most likely this is not what you are looking for.
If you want to reach your server from the outside you need a public IP address. Your internet provider has to give you one. You could get around this, if you know someone with a public IP who accepts to forward your traffic.
My server is in Sweden (DB, ruby on rails web app, nginx). Sometimes people from South Africa and Southeast Asia come to my site.
For these people, the site is very stupid. Ping from Southeast Asia about 200ms. I want to solve this problem. I have no experience with such situations.
CDN will not help because it is only for static information.
I thought I need to make three servers for each region (1 server 1 nginx 1 webapp 1 base 1 region) and configure replication between databases. But I was told it was bad. How then? Maybe Amazon Cloud with RDS?
If you're on AWS could use a Load Balancer with your service running on multiple availability zones.
This is the same on AWS or Google Cloud
There are however a few things to take into consideration, for instance:
where is your db?
is it distributed?
is your service DB hungry?
Every scenario is easy to solve on AWS just by clicking around; meaning adding your service to multiple availability zones is as easy as making your db available across multiple regions as well.
If your server provides a RESTful interface and you want to use AWS for any reason, I would recommend API Gateway, just because it already has an edge-optimization feature: https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-basic-concept.html
"Edge-optimized API endpoint: The default host name of an API Gateway API that is deployed to the specified region while using a CloudFront distribution to facilitate client access typically from across AWS regions. API requests are routed to the nearest CloudFront Point of Presence (POP) which typically improves connection time for geographically diverse clients. An API is edge-optimized if you do not explicitly specify its endpoint type when creating the API."
I am trying to build an web app, where a client logs in and wants to send some data to another website (for example he wants to upload a csv file that the application will read and send the read data to the other website).
The website does not have an official API which I can use and they block an IP Address if it is making too many requests.
So, my idea was to use the user's IP Address to send the request in his name so that the website will not block my app from making requests.
It is possible to do this from asp .net core mvc / asp.net mvc?
If not, what can I do to make this possible?
Thanks in advance
No, this is not possible. I would encourage you to actually read up on the TCP/IP protocol (HTTP, too, while you're at it, though it doesn't directly relate to this issue). Just like you would need to understand how something like iOS works before you could write apps for it, you should not how the underlying protocols of the Internet work, if you intend to write web apps.
In particular here, all communication over TCP/IP is by IP address. It is necessarily unique because the client/server needs to be able to "address" its packets there. Based on this, even if you could impersonate the user's IP address, the result would be the server sending its response directly to the user, instead of your server.
FWIW, there is a concept of "shared" IP addresses. For example, unless you have a dedicated IP from your ISP, you along with a lot of its other customers will appear as if you all have the IP address. IP addresses are traditionally limited. IPv6 is virtually limitless, but most everything still uses IPv4, which only exposes a range of ~4 trillion addresses. That may sound like a lot, until you realize that every single client needs a unique address. Just one person likely has a home computer, a work computer, a laptop, a smartphone and perhaps even a second business smartphone. Additionally they could have a range of other devices like a tablet, smart TV, connected thermostat, etc. As a result, your ISP essentially proxies your request to the destination and it then receives the response and forwards it on to you. It uses its internal IP tables to route the response back to the internal IP that requested it. So, while it's technically possible for multiple clients/servers to share the same external IP, it is not the same as what you're talking about here.
I'm currently living in a country in which YouTube website is banned and you'll need a VPN or a proxy to be able to access the YouTube website and videos using a web browser, but surprisingly, I've found that sometimes (most of the times actually) I can access YouTube and watch YT videos without using any VPN or proxies by using the YouTube Android application on my phone/tablet. This is related to my ISP as far as I know.
How does the YouTube Android application can connect to YouTube servers without the need of any proxies or VPN while at the same time I have to use a proxy program like "Freegate" to be able to watch YouTube on my computer? Is there a trick to do on my computer to be able to watch YT in web browsers without using any proxies?
I used an app called "Packet Capture" which captured the following IP addresses:
74.125.173.200:443
216.58.208.42:443
172.217.22.34:443
173.194.188.70:443
When I type them into a web browser, they redirect to google.com.
Android Oreo 8.1.0 and the latest version of Youtube.
My main goal is to be able to use youtube-dl without any proxies.
My question is similar to this.
Thank you.
The censors can block in a number of ways:
By modifying the ISP's DNS server to make youtube.com resolve to an IP address of their own (or just 0.0.0.0). Due to its minimal impact on the Internet infrastructure, this tends to be the preferred way in democratic countries. It can be easily evaded by using a DNS server not under the censor's control, e.g. 8.8.8.8 or 1.1.1.1.
By blocking ranges of IP addresses, for example 172.217.0.0/16. This is very likely to overblock, especially if the target is a smaller website which shares its IP range (or even IP address with others). Even in this case, outright blocking the whole /16 subnet would prevent access to google.com as well. This involves a lot of work on the censor's part, as IP addresses are routinely and automatically changed.
By reading traffic and blocking it if specific content is included. Since everything is encrypted these days, only DNS names and SNI are in the clear. There are already ongoing works to close these loopholes. The downside for the censor is that they have to read and parse every single packet, i.e. need large equipment, although if restricting to only DNS it is far more feasible. This is also likely to introduce problems for unrelated services which may occasionally be misdiagnosed.
(There are a couple of other ways and finer distinctions I'm listing in my PhD thesis on the topic of censorship, but they don't apply here).
No matter which ways the censors choose, they must feed a list of forbidden items into their equipment. In case 1&3, that's domain names, in case 2, that's IP address (ranges).
Modern services like YouTube are internally split into multiple smaller services. For instance, YouTube may internally consist of:
The web frontend, youtube.com / 172.217.22.46
The thumbnail service, ytimg.l.google.com / 172.217.21.206
The API googlevideo.com / 172.217.22.68
The video service, in multiple subdomains like r3---sn-i5onxoxu-q0n.googlevideo.com / 92.226.0.78
All domain names and addresses are examples; in practice, every service uses many IP addresses and different domain names (for instance there's www.youtube.co.uk .
If the censors in your country block only web frontend, the Android app will continue to work. The censors may also forget some domains - i.e. block youtube.com and youtube.pk and their subdomains, but not youtube.fr.
Alternatively, the censors may have tried to block the Android app by IP address, but the IP address may have been changed by YouTube, either as part of automatic internal reassignment or by explicit censorship avoidance.
The Android app contacts the internal google API, since it wants machine-readable information. So why does youtube-dl use the web interface and not the Android API?
I can't speak for all developers, but as the long-time lead developer of youtube-dl I know why I mostly focused on the web interface: It was simply a matter of convenience, as the tools to debug and observe web applications are far better than those for Android (or iOS apps). Therefore, when I added features, I would observe how the web JavaScript app realizes them, and reimplement that in youtube-dl.
So far, mainly using the web API was sufficient, but you are very welcome to add alternative code that uses the calls the Android app makes. Beware that this relief may be temporary though, as the censors may notice that the YouTube app is unblocked, and update their domain name and IP range lists to include that service as well.
I'm implementing the Google Maps Geolocation API as explained here. https://developers.google.com/maps/documentation/business/geolocation/
The problem is my server is implemented in delphi and using https is quite complex,
is there a way to use this API in plain http?
I know there are some security issues, but this feature in particular will only exists in a cache subsystem where no sensitive data is ever send or stored.