I'm using a JavaFX webview in my application. Inside of it I load a local html file, which itself loads some javascript library from maps.google.com and then displays a google map with some markers inside the webview.
Now according to this question if I want to use a proxy I should just do:
System.setProperty("http.proxyHost","proxy.esrf.fr");
System.setProperty("http.proxyPort","3128");
But this has no effect. I can set whatever I want as the host and port. The google map tiles are still loaded, even if the settings are no valid proxy. So apparently it is not making use of the proxy settings.
How can I make sure, that all web traffic within the WebView is going via the proxy.
I also set the https.proxyHost and https.proxyPort by the way, just in case.
Thanks!
The problem was cause by a bugfix I did earlier.
When working with proxies in java this post is quite helpful. In the end it recommends setting
ProxySelector.setDefault(null);
to avoid issue with sockets and proxies.
However, this made setting the proxy via
System.setProperty("http.proxyHost","proxy.esrf.fr");
System.setProperty("http.proxyPort","3128");
impossible. Actually, it wasn't possible to set any proxy at all except by passing a Proxy object to URL.openConnection(Proxy p);
So instead of setting the default ProxySelector to null, I recommend setting
ProxySelector.setDefault(ProxySelector.getDefault());
Related
Scratching my head over this.
Recently opened a new reverse proxy to our site via nginx to support a new domain. When you access via either old.server.com or new.server.com you hit our backend.
If you hit via old.server.com, all the url helpers work fine and produce valid absolute URLs. But if you hit via new.server.com (the new reverse proxy host) then url helpers only work correctly in views. URL helpers used in the controllers use the hostname plus the actual unicorn port -- which is incorrect for URLs we want to send out.
Even more confusing, this is only the case in the controllers. In the views, this works correctly in all cases. In order to make this work in controllers when using the new.server.com I need to override the default_url_options method in the ApplicationController.
Yes, I have both the Rails.application.routes.default_url_options[:host] and Rails.application.routes.default_url_options[:protocol] configurations setup correctly.
I feel like I probably missed forwarding some required header in the reverse proxy, but haven't figured it out. But more importantly, why are the views and controllers using different contexts for generating absolute URLs?
UPDATE:
The difference between the two hosts appeared to be the value being provided by the reverse proxy for the Host header. The "old" proxy was sending the public host for it, and the "new" proxy was sending nothing. Rails appears to use the Host header in constructing URLs in the absence of explicit data. In order to fix this I either need to set the Host header correctly or implement the default_url_options method in my controller.
So, I now have working code, but it seems like a Really Bad Idea(TM) that controllers and views are not using the exact same code/setup for creating URLs. Is this just standard rails, or did I miss some configuration?
I have two backends I want to serve from one Host. One from host.domain.com and the other from host.domain.com/path. The first frontend rule is straightforward: Host:host.domain.com.
The second is giving me some trouble. Based on the documentation I believe I should be using Host:host.domain.com;PathPrefixStrip:/path. This returns a 200 on host.domain.com/path, but when I click the link to somepage.html, it sends me to host.domain.com/somepage.html, so it returns a 404. If I go directly to host.domain.com/path/somepage.html it returns a 200. The link to somepage.html behaves correctly when I go directly to host.domain.com/path/index.html.
Are my assumptions/interpretations of the documentation incorrect or is this not an issue with Traefik at all?
This isn't really specific to traefik, any virtual path based reverse proxy that doesn't rewrite the contents of the web page returned (and few do this) have problems when the contents of that web page have absolute paths. The web page needs to either know about the "/path" and modify all the links it gives you, or use relative links, without a leading "/". This should be fixed within your website, web application, or hopefully a configuration for a web application. Depending on the application, once reconfigured, you may need to adjust the traefik rule to just "PathPrefix" instead of "PathPrefixStrip".
You should use a PathPrefix instead a PathPrefixStrip . The Strip rules remove the path before presenting it to the backend.
Since the path is stripped prior to forwarding, your backend is expected to listen on /.
I am finding that when my iOS device automatically configures a proxy, all of my NSURLSessions are using it for downloads/uploads/requests. This becomes a problem when I'm trying to make those requests from other devices on the same local network. I need to disable the proxy that the device autodetects for NSURLSession.
Every post everywhere indicates how to set the proxy dictionary, however, I can't find anywhere how to make sure the NRURLSession doesn't use a proxy.
Any help would be appreciated!
If you provide an empty proxy dictionary when creating the session configuration, NSURLSession should ignore the system-provided proxies in all sessions created with that session configuration.
If you're trying to override it for something where you didn't create the session (e.g. third-party frameworks, web views, etc.), you can usually solve that by creating and registering (globally) an NSURLProtocol that takes the requests and reissues them in your own session (adding some custom header so that you don't keep reissuing the same request in an infinite loop). There are some basic examples of writing custom protocols on Apple's website.
So we are in development of an iPhone application (iOS 9+, not 8), where we are using WKWebView and local files to start the thing up. To get data into the app we are planning to use a secure service that will also handle authentication, and were thinking that CORS was the way to do this.
Loading files from the file system, however, sets the origin in the HTTP request to null, which is not allowed when we also want to send cookies (for authentication).
So my question(s):
Can we set an origin in WKWebView to overwrite the null with something like https://acme.server.net?
What are other people (you) doing?
Should we consider doing something else other than CORS? (JSONP is not an option).
You can create a local webserver on the iPhone and load your files from that. This way origin will not be null and you can use CORS to connect to your server.
I have found GCDWebServer to be easy to work with.
Personally I would rather use HTML5 AppCache or ServiceWorkers to create a local application cache without the need for CORS, but WKWebView does not support these and to my knowledge you are forced to use the webserver approach
I'm seeking for solution how to isolate widget included by partial to main site. Issue appear when user access site with https. Ie 6,7 shows security confirmation dialog (part of website resources are not in secure zone).
First of all I download twitter widget on our side, also I download all CSS and pictures. Then I patched widget JS to point onto downloaded resources. But still has not luck with security warning :( I guess the reason of this issue is AJAX request to twitter, but there is no idea how to sole it. (Just to create some kind of proxy on our side).
Thank you for attention.
You just need to host the .js file on your server, and link to that. That is all.
The script auto detects SSL and will make requests to https://twitter-widgets.s3.amazonaws.com/ instead of http//widgets.twimg.com/ dynamically depending on your scenario.
Hope that helps!
geedubb
I got the Twitter Widget to work over HTTPS (SSL) by doing the following:
Save every image, css, and javescript file on my local webserver
Changed every "http" to "https" in the javascript AND in the css
The last piece was tricky. https://twitter.com/statuses/user_timeline.json brings back data that already includes "http"; namely avatars and the profile image. So, I found about four places in widjet.js that used the user_timeline.json data. I hardcoded an image url where ever that "http" data was used. Searching "src" will located all of those places.
It's an ugly fix, but it worked.
You can use a sniffer like HttpWatch to debug this--watch the requests going by and see which ones start with http instead of https. It may be possible to just change the urls you use to point to https://twitter.com, not sure about how your widget works.
thanks Keshar, worked for me. I came to the same conclusion that all http requests had to be https to prevent the IE security warning and also display the twitter feed. I used the live HTTP headers firefox plugin which helps for showing any non-secure http requests, such as the JSON requests.
Jon
If you look through the script there are calls to a https site. If you simply replace the protocol/domain with
https://twitter-widgets.s3.amazonaws.com/
instead of
http//widgets.twimg.com/
it works and you don't have to do anything else.