I am tring to set up my Cloud9 workspace to work on a rails api projet. The repo contain 2 projects, the rails json api and the front (angular app).
As cloud9 does not provide two external ports, i cannot run them both on the same workspace.
I created 2 differents workspaces, one running the rails api and the other running the angular app (served by a small node process).
Everything is fine except that when i try to call the api (ajax call => $http), i get a cross origin request warning.
XMLHttpRequest cannot load https://workspace-user.c9.io/. The request was redirected to 'https://c9.io/api/nc/auth?response_type=token&client_id=proxy&redirect=http%3A%2F%2Fworkspace-user.c9.io%2F', which is disallowed for cross-origin requests that require preflight.
How can i prevent that?
Thank you
ps: The real url is not workspace-user, i did change it.
Lets say your domains are:
https://ws1-user.c9.io (page which performs ajax is located here)
https://ws2-user.c9.io (destination url)
In ws2-user.c9.io open the terminal and write:
sudo vim /etc/apache2/sites-enabled/001-cloud9.conf
add the following line:
Header set Access-Control-Allow-Origin "https://ws1-user.c9.io"
In the terminal write:
sudo a2enmod headers
service apache2 restart
It should work now.
You can specify which sites are allowed to connect using special CORS headers. For more information see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
Related
So I'm trying to make a website for school and I've been following this guys tutorial on how to make a website. But for some reason when I get to lesson 32 and I enter the ec2-user:~/environment/blog $ rails server -b $IP -p $PORT command, the website doesnt run and it says " somenumbersandletters.vfs.cloud9.us-east-2.amazonaws.com refused to connect " with an error. I've followed all the steps correctly (Except for the directory he runs it from, I run it straight from blog instead of environment because it tells me I need to make a new app the other way). I've tried disabling my firewall, I've enabled Cookies and searched the internet for a solution. I am very new to Servers and Coding and any help would be greatly appreciated!
This is my Terminal Log
Answer from https://www.reddit.com/r/aws/comments/cwnbt1/aws_cloud9_server_refuses_to_connect/
Once you start the rails server, click the 'preview' button. When this tells you that it refuses to connect, find the button that looks like two overlapping squares with an arrow to "pop out into a new window." Once it was in a new tab, it worked like a charm.
Hope this helps!
I ran into this issue as well. I could view my rails application when viewing it from within a new tab, but not within the Cloud 9 IDE tab.
If you look in the browser console when viewing through the tab, you will see this error:
Refused to display 'https://xxxxxxxxxxxxxxxxxxxxxxx.vfs.cloud9.xxxxxxxxxxx.amazonaws.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
This error is being caused because you are viewing the rails application through an iFrame via the Cloud 9 IDE. By default to add security and hinder Cross Site Scripting (XSS) attacks, Rails sets SAMEORIGIN for the X-Fram-Options header. This will not allow the rails app to be visible in the Cloud 9 IDE tab using the iFrame.
In order to bypass this, you will need to set this header to use ALLOWALL instead.
NOTE: Only do this within your development environment and never in a production environment. This could open your site up to XSS attacks.
Add the following configuration option to your config/environments/development.rb file:
config.action_dispatch.default_headers = {
'X-Frame-Options' => 'ALLOWALL'
}
After saving the changes, restart your rails server and the application should now be visible within the Cloud 9 IDE tab directly.
I am working with a designer and I'd like them to have access to the interactions I've implemented on the site we're working on. However this time, I have 2 issues. My localhost is configured to a subdomain:
http://store.teststore:3000/ and we're on different networks. Is there anyway to work around this?
ngrok should work for you. Download and install it following these instructions here: https://ngrok.com/download. Documentation on how it is used can be found here https://ngrok.com/docs. Once installed running the below command should work for you (depending on the hosting environment):
ngrok http -host-header=rewrite store.teststore:3000
You will need to give the URL generated by ngrok and displayed in the cmd prompt to the designer.
Update: Handling absolute redirects
Based on your comment it sounds like, after login, your site does an absolute redirect (the full URL is specified). If it is possible I would change your code to do a relative redirect where the domain is omitted. You could also make your root domain configurable in the absolute redirect and configure it to be the ngrok domain provided for now. Lastly, you could attempt to configure your DNS with a CNAME record following ngroks Tunnels to custom domains documentation. This last option, however, requires a paid for ngrok subscription.
Install ngrok if you haven't yet and CD into your project directory and invoke ngrok. Note Your application must be running locally on the same port number ngrok will be running.
I have a server / client project, both written in dart. Now my server starts on port 1337 and when I run my client with the Run in dartium, my static files are served on port 3030 which allows me to debug my client code in the Dart editor.
The problem is that this causes CORS when using AJAX calls. I have properly setup my server to accept other origins (with Access-Control-Allow-Origin) but, for example, cookies aren't sent along.
Now I'm wondering: is there a way to serve my files with my server (running on 1337) and still have the possibility to debug the client side code in the dart editor?
My understanding is that you can debug, but the real problem is that you don't get the expected data back from the server due to missing cookies.
Standard CORS requests do not send or set any cookies by default.
In order to include cookies as a part of the request, besides setting up the server, you need to specify withCredentials property, e.g.:
HttpRequest.getString(url, withCredentials:true)...
You will also need to setup server to provide Access-Control-Allow-Credentials header.
EDIT: it seems that additional issue is that you don't want to have 2 servers, each serving different part of app.
In that case, you can configure DartEditor to launch the URL, instead of files. Go to Run > Manage Launches and add create a new Dartium or Dart2JS launch with specified URL and source directory.
Another option is to select Run > Remote Connection and attach to a running instance of browser or Dart VM.
Caveat: I haven't tried these options, so I can't tell how stable they are.
I am trying to perform a load test with JMeter on my ASP.NET MVC website that I have published on IIS..
My problem is..I'm confused about what URL pattern should I include or exclude..Currently, URL is immaterial for me, so I tried with '.* ' in URL to include and nothing in URL to exclude.. But JMeter is recording only a jpg url...If I specify '.*\.jpg ' in exclude, it records nothing. I also tried '.*\.aspx ' in include and nothing in exclude, but that doesn't seem to be working either :(
Is this something MVC specific? I am not very sure how it handles urls..(I am doing all this for the first time..). I otherwise didn't have any issues recording steps on other servers like google,apache.jmeter.test etc. where there were normal html pages with my current JMeter settings:
A Thread Group called 'Users' having a
Recording Controller
HTTP request defaults pointing to localhost:9080
A Workbench with
HTTP Proxy Server pointing to localhost:9080
My connection setting is also on localhost:9080.
I'm running JMeter from behind my company's proxy server successfully.
Thanks for any help :)
Realized later that it was not about URLs as such. My browser setting was probably faulty. I was using IE8..When I switched to Firefox, got more fine-grained control on the settings..These settings before recording worked for me:
Set manual proxy configuration to localhost,8081.
Check 'Use this proxy for all protocols'
Leave 'No proxy for' field blank
No 'Automatic proxy configuration'
Click OK.
After this if you try to access your site on IIS while JMeter proxy server hasn't started yet, it wouldn't, saying the connection was refused.
After this, go to JMeter and click the Start button to record. Try acessing the site again. It should come up :) Some more details:
There was no need to specify port number in HTTP request defaults. Just specified it in HTTP proxy server (8081 in my case).
For the session information to be saved properly, you must use a cookie manager (preferably, keep it at the top)..When you record, you get a HTTP header manager under each HTTP request if you had ticked the chekcbox against "Capture HTTP headers" in HTTP Proxy Server before recording..Copy this and add it as a child under your thread group.
Hope this helps someone struggling like me :)
I'm working on implementing omniauth into a Rails project. My problem is that the authentication providers - Twitter, Google, Facebook etc all require me to create an application with a url that limits authentication requests from anywhere other than the url. I need to be able to to test locally but also run code in production, but Facebook for example doesn't allow 2 domains and doesn't allow localhost anyhow.
So what are my options?
At work, we have multiple applications setup for the different environments. On local, add an entry in /etc/hosts (assuming you are on linux) eg: 127.0.0.1 mydomain.local.
On the facebook app setup for the local environment, add this as the url. Most things, except where facebook needs to scrape your site (Like buttons) work.
Here's a blog post with my solution: http://make.bettermistak.es/2012/05/03/how-to-create-a-local-sandbox-facebook-app/
Here's the relevant bit: "Facebook verifies that all requests for your app are coming from the right domain–they don’t allow requests from localhost or 127.0.0.1–and this info can be updated in your apps settings under Hosting URL. Add “local.herokuapp.com” to your Hosting URLs and save this setting. Then edit your /etc/hosts file so that local content is under the domain local.herokuapp.com. This file is hidden, so from the command line enter sudo vi /etc/hosts. (Substitute your favorite editor for vi.) We need to use sudo, because this file is locked. Add the line “127.0.0.1 local.herokuapp.com” below “127.0.0.1 localhost” and save and quit your text editor."
As far as I know, you must sing up two apps for you app.(one for remote side, one for local side)
Fortunately, there is a way to reduce the complication(Assuming you are working on linux):
You can configure you .bash_profile (local machine and remote machine separately):
export YOURAPP_APP_ID="XXXXX"
export YOURAPP_APP_SECRET="XXXXX"
And use ENV['YOURAPP_APP_ID'] and ENV['YOURAPP_APP_SECRET'] in your code.
For example, you can code like this in rails:
config.omniauth :facebook, ENV['YOURAPP_APP_ID'], ENV['YOURAPP_APP_SECRET']
By this way, you can use the same code in both local and remote side. It will be much easier for maintaining.
If you are using Heroku to host your application, you can refer to this page to config the environment variables.
I have created two apps on Facebook one of which i run in sandbox mode for development purposes. Would that be an option for you?