I'm using AFNetworking with an iPad app to connect to a server using https with a self-signed certificate.
On my device running iOS 6.1 it all works fine but when we tested on the iOS 5.1 simulator and a 5.1 device I get a 403 response.
We've tried:
#define _AFNETWORKING_ALLOW_INVALID_SSL_CERTIFICATES_
and:
[operation setAuthenticationAgainstProtectionSpaceBlock:^BOOL(NSURLConnection *connection, NSURLProtectionSpace *protectionSpace) {
return YES;
}];
as was suggested elsewhere but these still gave the same error. This is the nslog of the error sent to the AFHTTPRequestOperation's failure block:
Error Domain=AFNetworkingErrorDomain Code=-1011 "Expected status code in (200-299), got 403" UserInfo=0x10337330 {NSLocalizedRecoverySuggestion=<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>The page cannot be displayed</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">
<STYLE type="text/css">
BODY { font: 8pt/12pt verdana }
H1 { font: 13pt/15pt verdana }
H2 { font: 8pt/12pt verdana }
A:link { color: red }
A:visited { color: maroon }
</STYLE>
</HEAD><BODY><TABLE width=500 border=0 cellspacing=10><TR><TD>
<h1>The page cannot be displayed</h1>
You have attempted to execute a CGI, ISAPI, or other executable program from a directory that does not allow programs to be executed.
<hr>
<p>Please try the following:</p>
<ul>
<li>Contact the Web site administrator if you believe this directory should allow execute access.</li>
</ul>
<h2>HTTP Error 403.1 - Forbidden: Execute access is denied.<br>Internet Information Services (IIS)</h2>
<hr>
<p>Technical Information (for support personnel)</p>
<ul>
<li>Go to Microsoft Product Support Services and perform a title search for the words <b>HTTP</b> and <b>403</b>.</li>
<li>Open <b>IIS Help</b>, which is accessible in IIS Manager (inetmgr),
and search for topics titled <b>Configuring ISAPI Extensions</b>, <b>Configuring CGI Applications</b>, <b>Securing Your Site with Web Site Permissions</b>, and <b>About Custom Error Messages</b>.</li>
<li>In the IIS Software Development Kit (SDK) or at the MSDN Online Library, search for topics titled <b>Developing ISAPI Extensions</b>, <b>ISAPI and CGI</b>, and <b>Debugging ISAPI Extensions and Filters</b>.</li>
</ul>
</TD></TR></TABLE></BODY></HTML>
, AFNetworkingOperationFailingURLResponseErrorKey=<NSHTTPURLResponse: 0x875be10>, NSErrorFailingURLKey=..., NSLocalizedDescription=Expected status code in (200-299), got 403, AFNetworkingOperationFailingURLRequestErrorKey=<NSMutableURLRequest ...>}
I've replaced the URL with "..."
Any suggestions?
Fixed the problem, when setting the HTTP method of my NSMutableURLRequest
[request setHTTPMethod:#"POST"];
I wasn't capitalising "POST" ... apparently that's a problem on 5.x but not 6.x
Related
I am trying to create a webpage that implements Step 1 of the "Get a 3-Legged Token with Authorization Code Grant" process described in Autodesk's Forge tutorial. But when I run it I get an error: Error : 400 - Invalid redirect_uri
Here is my code:
<!DOCTYPE html>
<html lang="en">
<head>
<title>Get_a_3-Legged_Token_with_Authorization_Code_Grant.php</title>
</head>
<body>
<?php
// Derivedfrom API tutorial here:
// https://developer.autodesk.com/en/docs/oauth/v2/tutorials/get-3-legged-token/
$client_id = "HAqDtKO7VbuRgH0nL0MFJ0B02ElBEK3l";
$forge_Callback_URL_w_query_string = "http%3A%2F%2prod.sonautics.com/send_scan.php%3Fcmd%3Drefresh";
$forge_Your_WebSite_URL = "httpp%3A%2F%2prod.sonautics.com";
echo '<a href="https://developer.api.autodesk.com/authentication/v1/authorize?response_type=code'
. '&client_id=' . $client_id
. '&redirect_uri=' . forge_Callback_URL_w_query_string
. '&scope=data:read">Click here to grant access to your data!</a>'; ?>
</body>
</html>
I am receiving a page that says:
Oops
Error : 400 - Invalid redirect_uri
We're experiencing problems with the application configuration.
Connecting Application
Please try again later.
My code above is very simple:can you help me identify the source of the error and tell me how to fix it?
The redirect_uri parameter should be matched with the Callback URL like the following snapshot in your Forge app of this client id you mentioned here. Please check if they are mismatched currently.
Besides,
the oath scope for viewing models via Forge Viewer is recommended to use viewables:read instead. The scope data:read can be used to read your model files in your bucket by others once your token with this scope is exposed. Please check this announcement: https://forge.autodesk.com/blog/new-viewablesread-scope
I have a Delphi application that loads the Google Maps JavaScript API in an embedded web browser. The page it loads looks like this:
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<style>
#map {
height: 400px;
width: 100%;
}
</style>
</head>
<body>
<div id="map"></div>
<script>
function initMap() {
var map = new google.maps.Map(document.getElementById('map'), {});
}
</script>
<script async defer
src="https://maps.googleapis.com/maps/api/js?v=3.29&key=~APIKEY~&callback=initMap">
</script>
</body>
</html>
I'm displaying the page like this in a TWebBrowser:
str := StringReplace(htmlBase, '~APIKEY~', cMapsAPIKey, []);
if not Assigned(WebBrowser.Document) then
WebBrowser.Navigate('about:blank', '1', '', '', 'User-Agent: Mozilla/5.0');
doc := WebBrowser.Document;
doc.Clear;
doc.Write(str);
doc.Close;
TWebBrowser.Navigate() will use the user agent string I've provided for the main page, but it uses this to load the scripts:
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; InfoPath.3)
Starting with 3.29, the Google Maps JavaScript API seems to be checking the browser's user agent and displaying an error message: "You are using a browser that is not supported". This isn't an issue with 3.28 or below. The browser is supported (it's using IE 11), it's just sending the wrong user agent string.
On the JavaScript end, how can I override the user agent check without disabling warnings completely? And on the Delphi end, is there a way to change the user agent for AJAX calls?
Edit: Overriding TWebBrowser.Invoke() lets me change the user agent for all HTTP requests, but it looks like navigator.userAgent isn't being changed.
You appear to be using the VCL's TWebBrowser. Per Changing the UA (User Agent) of a TWebBrowser component, you can derive a new class from TWebBrowser to override its Invoke() method to return the desired UserAgent string when the DISPID_AMBIENT_USERAGENT property is requested. Then query the browser for its IOleControl interface and call its OnAmbientPropertyChange() method to signal to the browser that the DISPID_AMBIENT_USERAGENT property value has changed. The article has full code.
For good measure, in FMX's TWebBrowser, per Change User Agent for FireMonkey TWebBrowser, on Android you can use a helper class and RTTI trickery to access the browser's internal Java WebView object and call its WebSettings.setUserAgentString() method. Not sure about Windows, but on iOS you don't customize the user agent via the web browser itself (unless you hack the FMX framework to customize the requests it sends), you have to create a dictionary containing an item named UserAgent and register it with the global standardUserDefaults dictionary using its registerDefaults() method. How you do that in Delphi, I have no clue.
The problem why your Google Maps web page isn't loading fine in your TWebBrowser component is because it is working in Compatibility Mode. That is also the reason for mentioned User Agent string.
So why is this happening. Well TWebBrowser is just a wrapper for Internet Explorer browser API. And based on Microsoft decision any application that is using such API would be by default showing web pages in Compatibility mode.
You can disable this by using instructions here:
https://stackoverflow.com/a/25843958/3636228
I am working on a ruby project which involve using RESTClient to reach out to an API. The API returns a 400 HTTP Status Code for a particular result with an accompanying response message (A JSON Response).
But when I check the response of my call:
response = RESTClient.post(...) {
logger.info response.to_s
}
I am getting a Proxy Server 400 page html:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
</body></html>
which is not what I'm expecting.
Please what could be wrong?
Also, the behaviour is different with DEV and TEST Environment. On DEV Environment, it's giving the JSON while on TEST, I'm getting this issue.
Thanks.
If this is your API you can enable response in JSON format to any request. Just add this to your base API controller:
before_filter :default_request_format
private
def default_request_format
request.format = :json
end
If this is not your API you should specify Accept header with JSON content type.
I am trying to connect quickbooks web connector with my php website. I have successfully integrated QWC file with it.
Here is the QWC file:
<QBWCXML>
<AppName>QuickBooks Integrator</AppName>
<AppID></AppID>
<AppURL>https://domain.com/quick1/docs/example_web_connector.php</AppURL>
<AppDescription>Test desktop quickbook</AppDescription>
<AppSupport>http://domain.com/file.html</AppSupport>
<UserName>mudit</UserName>
<OwnerID>{90A44FB7-33D9-4815-AC85-AC86A7E7D1EB}</OwnerID>
<FileID>{57F3B9B6-86F1-4FCC-B1FF-967DE1813D20}</FileID>
<QBType>QBFS</QBType>
<Scheduler>
<RunEveryNMinutes>2</RunEveryNMinutes>
</Scheduler>
<IsReadOnly>false</IsReadOnly>
</QBWCXML>
When I run this from web connector I get error Last result: authentication failed.
Below is a small snippet of error log:
For backward compatibility of all webservers, QBWC will catch all errors under app-not-supporting-serverVersion.
20130628.20:14:55 UTC : QBWebConnector.SOAPWebService.do_serverVersion() : This application does not contain support for serverVersion. Allowing update operation for backward compatibility.
20130628.20:14:55 UTC : QBWebConnector.SOAPWebService.do_clientVersion() : *** Calling clientVersion() with following parameter:<productVersion="2.0.0.139">
20130628.20:14:56 UTC : QBWebConnector.SOAPWebService.updateWS() : Actual error received from web service for clientVersion call: <The request failed with the error message:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
The logs are indicating that your AppURL is incorrect:
20130628.20:14:56 UTC : QBWebConnector.SOAPWebService.updateWS() : Actual error received from web service for clientVersion call: <The request failed with the error message:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
The Web Connector is hitting your server, and your server is returning a "301 Moved Permanently" response instead of a "200 OK" response like it should be.
Are you 100% positive that your AppURL is correct?
Can you actually post your AppURL, so that we can verify that it's correct?
I'm rather new to Django and have poured over similar questions here as well as pages and pages of Google results, but have yet to find the cure!
I have a login form on my website that uses CSRF verification. While I haven't had any problems on PC/Windows nor Android phones and tablets, I receive the following error when attempting to login on iPhones and Mac computers:
Forbidden (403)
CSRF verification failed. Request aborted.
More information is available with DEBUG=True.
Although there seems to be some common issues that provide for quick fixes, I believe I have all the bases covered. Then again, as I mentioned before, I'm no Django expert. My settings are as follows:
settings.py
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
views.py
def default(request):
if request.user.is_anonymous():
return HttpResponseRedirect(reverse('auth_login'))
try:
request.user.voter
except Voter.DoesNotExist:
return render_to_response('main/profile.html', {'form': form},
context_instance=RequestContext(request))
return render_to_response('main/ballot.html', {'form': form},
context_instance=RequestContext(request))
login.html
<form action="" method="post" id="authentication_form" class="uniForm">
{% csrf_token %}
{{ form|as_uni_form }}
<div class="buttonHolder">
<input type="submit" value="Log in" class="primaryAction" />
</div>
</form>
As a side note, adding 'django.middleware.csrf.CsrfResponseMiddleware' to my setting.py breaks my server and causes a 500 error. Not sure what that means but I figured I'd mention it.