S3 CORS upload aborts after passing OPTIONS - upload

I'm trying to upload a file from my browser and it doesn't work at all.
My bucket CORS configuration is:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>GET</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
And in my code I'm sending this:
xhr.open('PUT', "http://upload.test.s3.amazonaws.com/" + uploadFile.get("dest") +'?' + "partNumber=" + (part + 1) + "&" + "uploadId=" + uploadFile.get("uploadId"), true);
xhr.setRequestHeader("Authorization", uploadFile.get("authorization"));
xhr.setRequestHeader("x-amz-date", uploadFile.get("date"));
xhr.setRequestHeader("Content-Type", uploadFile.get("rawFile").type);
xhr.setRequestHeader("x-amz-acl", "public-read");
xhr.send(chunk);
PS: The uploadFile has some properties, like the authorization key and uploadId, that come from the server.
When the upload starts I pass through the OPTIONS request, but the PUT request gets aborted after a few seconds (usually 4-5 seconds after sending some content percentage). Unfortunately it gets aborted with no feedback.
Does anyone know what could be happening?
Thanks!
Edit: Basically I'm using https://github.com/LearnBoost/knox to get the UploadId from the Multipart Upload ( it works if I use the server for the whole upload operation )

It looks like the server can't use wildcards (i.e. "*") if you use CORS Authorization: check this out.
Have you tried specifying the requesting domain in the AllowedOrigin header of your bucket?
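An added example (not from the posts above): it audits an S3 CORSConfiguration like the ones quoted on this page for rules that pair a wildcard AllowedOrigin with write methods, and reports which rule a given preflight would match. The sample XML is constructed, and the function names are hypothetical.

```javascript
// Constructed sample, modelled on the configurations quoted on this page.
const sampleConfig = `
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
  <CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>PUT</AllowedMethod><AllowedMethod>POST</AllowedMethod><AllowedMethod>DELETE</AllowedMethod>
    <AllowedHeader>*</AllowedHeader>
  </CORSRule>
  <CORSRule>
    <AllowedOrigin>http://localhost:3000</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedHeader>x-amz-*</AllowedHeader>
  </CORSRule>
</CORSConfiguration>`;

// Minimal extraction for this flat format; not a general XML parser.
function parseCorsRules(xml) {
  const all = (s, tag) =>
    [...s.matchAll(new RegExp(`<${tag}>([^<]*)</${tag}>`, 'g'))].map(m => m[1].trim());
  return [...xml.matchAll(/<CORSRule>([\s\S]*?)<\/CORSRule>/g)].map(m => ({
    origins: all(m[1], 'AllowedOrigin'),
    methods: all(m[1], 'AllowedMethod'),
    headers: all(m[1], 'AllowedHeader'),
  }));
}

// S3 patterns may contain one "*" wildcard; everything else is literal.
function wildcardMatch(pattern, value, ignoreCase = false) {
  const esc = pattern.split('*').map(p => p.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'));
  return new RegExp(`^${esc.join('.*')}$`, ignoreCase ? 'i' : '').test(value);
}

// Index of the first rule that satisfies a preflight, or -1 if none does.
function matchPreflight(rules, origin, method, requestHeaders) {
  return rules.findIndex(r =>
    r.origins.some(o => wildcardMatch(o, origin)) &&
    r.methods.includes(method) &&
    requestHeaders.every(h => r.headers.some(p => wildcardMatch(p, h, true))));
}

// Rules that let any origin issue state-changing requests.
function auditWildcardWrites(rules) {
  const writes = ['PUT', 'POST', 'DELETE'];
  return rules
    .map((r, i) => ({ rule: i, methods: r.methods.filter(m => writes.includes(m)) }))
    .filter((f, i) => rules[i].origins.includes('*') && f.methods.length > 0);
}
```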

Related

Travelport uAPI log in via terminal command

I have been stuck with the authorization process with Travelport uAPI.
So far, we have been able to successfully create a terminal session, which returns a host token.
Following this, I need to include the host token in order to create a terminal session response.
I hit a POST request to the API - (https://americas.universal-api.pp.travelport.com/B2BGateway/connect/uAPI/TerminalService) with my generated token
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header/>
<soapenv:Body>
<ter:TerminalReq AuthorizedBy="PRODSMOKETEST" TargetBranch="P1064XX" xmlns:ter="http://www.travelport.com/schema/terminal_v33_0" xmlns:com="http://www.travelport.com/schema/common_v33_0">
<com:BillingPointOfSaleInfo OriginApplication="UAPI"/>
<com:HostToken Host="1V" Key="1T">7BC47E76-49E8-436D-5061-XXXXXXXXXXXX</com:HostToken>
<ter:TerminalCommand>ADENATL</ter:TerminalCommand>
</ter:TerminalReq>
</soapenv:Body>
</soapenv:Envelope>
The response is shared below:
<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP:Body>
<terminal:TerminalRsp TransactionId="A9D4AF0F0A0D6A81BE7458993D2C259F" ResponseTime="15" xmlns:terminal="http://www.travelport.com/schema/terminal_v33_0">
<terminal:TerminalCommandResponse>
<terminal:Text>SIGN IN </terminal:Text>
<terminal:Text>><</terminal:Text>
</terminal:TerminalCommandResponse>
</terminal:TerminalRsp>
</SOAP:Body>
</SOAP:Envelope>
The issue seems to be around the terminal command log in with ADENATL.
I am not able to figure out if this is an issue with the log in "ADENATL" or if I am missing out on any step.
Any help would be appreciated.
I have tried logging in with the terminal commands SON/ZHA, which gives me an error with Agent ID.

Service worker and caching images from other domain (aws s3) : "will not cache opaque responses"

I am trying to make a site available offline and to cache images retrieved from AWS S3. I am using the workbox library:
var CACHE_VERSION = '2019-02-03'
// cf https://developers.google.com/web/tools/workbox/guides/get-started
importScripts('https://storage.googleapis.com/workbox-cdn/releases/3.6.1/workbox-sw.js')
workbox.routing.registerRoute(
// Cache image files
/https:\/\/s3\.amazonaws\.com\/myproject\/img\/.*\.(?:png|jpg|jpeg|svg)/,
// Use the cache if it's available
workbox.strategies.cacheFirst({
// Use a custom cache name
cacheName: 'image-cache-' + CACHE_VERSION,
plugins: [
new workbox.expiration.Plugin({
// Cache for a maximum of a week
maxAgeSeconds: 7 * 24 * 60 * 60,
})
],
})
)
This results in the following error message from workbox in the console:
The response for 'https://s3.amazonaws.com/myproject/img/icon.png' is an opaque response. The caching strategy that you're using will not cache opaque responses by default.
I have added the crossorigin='anonymous' attribute for those images, and I have this CORS configuration on AWS S3:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>HEAD</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
Am I not using CORS properly? How to make the response a normal one and not an opaque one?
Okay this was a stupid mistake. I was doing the right thing, but the crossorigin="anonymous" attribute was set on some of the images and not on the others. Properly setting it on all the images fixes the problem.
The site I'm working on uses a combination of background images in an unusual way, which made it harder to debug. The image on top properly had the crossorigin attribute, but the other images hidden under it did not have it, and were causing everything to fail, including the display of the image on top, which was properly cached in offline mode. Stupid mistake.

Send Array of Api Request for Server in Soap iOS

I am using the third-party Exigo API for my app. The service says to send an array of 2 more requests in the body of the main SOAP service. I tried sending the 2 requests in string form in the body of the main request, but I received an empty string. Help me out with how I should do this. I found no solution in the manual or on any other site; after googling this issue for a week, I am posting this question.
Exigo Api (Process Transaction Service)
POST /3.0/ExigoApi.asmx HTTP/1.1
Host: api.exigo.com
Content-Type: text/xml; charset=utf-8
Content-Length: length
SOAPAction: "http://api.exigo.com/ProcessTransaction"
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<ApiAuthentication xmlns="http://api.exigo.com/">
<LoginName>string</LoginName>
<Password>string</Password>
<Company>string</Company>
</ApiAuthentication>
</soap:Header>
<soap:Body>
<TransactionalRequest xmlns="http://api.exigo.com/">
<TransactionRequests>
<ApiRequest />
</TransactionRequests>
</TransactionalRequest>
</soap:Body>
</soap:Envelope>
This is the SOAP request I have to process, sending the API request array in the body of the main request using iOS.
Thanks in advance
Please check below link, like
let body = envelope.addChild(name: "soap:Body")
let header = body.addChild(name: "soap:Header" , attributes: ["xmlns:m" : "http://www.w3schools.com/transaction/"])
https://github.com/tadija/AEXML
We have tackled the same type of issue for our mobile app. We have implemented an adapter that accepts JSON requests from mobile and then translates them into API requests, which is included in the MVC application as WSDL. Can't find any other way to do that.

Can't set content type when uploading to Amazon S3

I'm attempting to set the content type of a file when uploading to an S3 directory with jQuery and Rails. I've successfully implemented Ryan Bates's solution without issue.
The problem is the content type does not get set and defaults to binary/octet-stream. I've added into Ryan's solution the following:
uploader_helper.rb
def fields
  {
    # ...
    :content_type => nil,
    # ...
  }
end
paintings.js.coffee
$("#fileupload").fileupload
  add: (e, data) ->
    # ...
    if types.test(file.type) || types.test(file.name)
      # ...
      data.form.find('#content_type').attr('name','Content-Type')
      data.form.find('#content_type').val(file.type)
      data.submit()
    # ...
In addition, my CORS config looks like this:
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>http://localhost:3000</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
I receive a 403 (Forbidden) error when I try adding these fields.
I've tried adding a bucket policy, but it didn't help.
Following Ryan's tutorial, a policy on content type needs to be added to the policy_data method.
For example, if we want to allow any content-type, then this line should be added:
["starts-with", "$Content-Type", ""]
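Why adding a Content-Type form field produces a 403 until the policy has a matching condition, as an added example (not code from the question, the answer or the tutorial): a small evaluator for S3 POST policy conditions, run over constructed policies and form fields. It also covers a narrower `image/` prefix than the empty one in the answer; the bucket name, key prefix and function names are assumptions.

```javascript
// Form fields S3 does not require a policy condition for (signature v2 and v4 names).
const EXEMPT = new Set(['file', 'policy', 'signature', 'awsaccesskeyid', 'x-amz-signature']);

// Normalise {"acl": "public-read"} and ["eq"|"starts-with", "$key", value] forms.
function normalise(cond) {
  if (Array.isArray(cond)) {
    const [op, key, value] = cond;
    return { op, key: String(key).replace(/^\$/, '').toLowerCase(), value };
  }
  const [key, value] = Object.entries(cond)[0];
  return { op: 'eq', key: key.toLowerCase(), value };
}

// Returns the reasons the POST would be refused (empty list = accepted).
function checkFormAgainstPolicy(policy, fields) {
  const conds = policy.conditions
    .filter(c => !(Array.isArray(c) && c[0] === 'content-length-range'))
    .map(normalise);
  const problems = [];
  for (const [name, value] of Object.entries(fields)) {
    const key = name.toLowerCase();
    if (EXEMPT.has(key) || key.startsWith('x-ignore-')) continue;
    const matching = conds.filter(c => c.key === key);
    if (matching.length === 0) {
      problems.push(`${name}: no policy condition covers this field`);
    } else if (!matching.every(c =>
      c.op === 'eq' ? value === c.value : value.startsWith(c.value))) {
      problems.push(`${name}: value "${value}" violates the policy`);
    }
  }
  return problems;
}

// Constructed policies and form fields (bucket name and key are placeholders).
const base = [{ bucket: 'example-bucket' }, ['starts-with', '$key', 'uploads/'],
  { acl: 'public-read' }, ['content-length-range', 0, 10485760]];
const withoutContentType = { conditions: base };
const anyContentType = { conditions: [...base, ['starts-with', '$Content-Type', '']] };
const imagesOnly = { conditions: [...base, ['starts-with', '$Content-Type', 'image/']] };
const form = { key: 'uploads/a.png', acl: 'public-read', 'Content-Type': 'image/png',
  policy: '<base64>', signature: '<sig>', file: '<bytes>' };
```

With the empty prefix every Content-Type passes, including `text/html`; the `image/` prefix rejects it.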

Bad Request in SOAPUI

I am attempting to consume a web service using Delphi 2010 and Indy. To establish a usable SOAP stream to compare to the one created by my program, I am testing in SOAPUI. I am using a SOAP stream provided by the web service provider which also matches the SOAP stream specified in the WSDL file. I am getting an HTTP 400 (bad request) error from the service.
From what I can find online, it appears that receiving an HTTP 400 error indicates that your SOAP request is malformed and can not be read by the web service. I have tested my SOAP stream using XMLPad and the XML seems to be well formed. I suppose this may mean that something does not match its schema requirement. I will first check the schema description for the password in case that is expected to not be sent as plain text. What else should I be checking to eliminate an HTTP 400 error?
Here is my request (less username and password) in case it helps:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xop="http://www.w3.org/2004/08/xop/include"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://wwww3.org/2001/XMLSchema-instance">
<soap:Header>
<wsa:Action>http://edd.ca.gov/SendTransmission</wsa:Action>
<wsa:MessageID>urn:uuid:5aa788dc-86e1-448b-b085-2d2743cf9f26</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://fsettestversion.edd.ca.gov/fsetproxy/fsetservice.asmx</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsse:UsernameToken wsu:Id="UsernameToken">
<wsse:Username>#USERNAME#</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">#PASSWORD#/wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">O5QWht1bslLCX6KnlEypAA==</wsse:Nonce>
<wsu:Created>2012-02-29T22:32:38.250Z</wsu:Created>
</wsse:UsernameToken>
<wsu:Timestamp wsu:Id="Timestamp-805a7373-335c-43b6-ba21-6596c4848dbf">
<wsu:Created>2012-02-22T15:41:42Z</wsu:Created>
<wsu:Expires>2012-02-22T15:46:42Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soap:Header>
<soap:Body>
<SendTransmission xmlns="http://edd.ca.gov/">
<SendTransmissionRequest xmlns="http://www.irs.gov/a2a/mef/MeFTransmitterServiceWse.xsd">
<TransmissionDataList>
<Count>1</Count>
<TransmissionData>
<TransmissionId>123456789</TransmissionId>
<ElectronicPostmark>2012-02-22T07:41:42.2502206-08:00</ElectronicPostmark>
</TransmissionData>
</TransmissionDataList>
</SendTransmissionRequest>
<fileBytes>
<xop:Include href="cid:1.634654933022658454#example.org"/>
</fileBytes>
</SendTransmission>
</soap:Body>
</soap:Envelope>
There may be something else, but at the moment, I am suspicious of the wsse:UsernameToken. I downloaded the document at http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf and read it last night. It's written in fairly plain language and I feel like I understand what it is saying but it leaves me with a smaller question than the one I asked originally. This document proposes that you can use a plain text password in this format:
<S11:Envelope xmlns:S11="..." xmlns:wsse="...">
<S11:Header>
...
<wsse:Security>
<wsse:UsernameToken>
<wsse:Username>Zoe</wsse:Username>
<wsse:Password>IloveDogs</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
...
</S11:Header>
...
</S11:Envelope>
Or you can use a password digest. It defines a password digest like this:
Password_Digest = Base64 ( SHA-1 ( nonce + created + password ) )
According to the reference, the format for a password digest would look like this:
<S11:Envelope xmlns:S11="..." xmlns:wsse="..." xmlns:wsu= "...">
<S11:Header>
...
<wsse:Security>
<wsse:UsernameToken>
<wsse:Username>NNK</wsse:Username>
<wsse:Password Type="...#PasswordDigest">
weYI3nXd8LjMNVksCKFV8t3rgHh3Rw==
</wsse:Password>
<wsse:Nonce>WScqanjCEAC4mQoBE07sAQ==</wsse:Nonce>
<wsu:Created>2003-07-16T01:24:32Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
...
</S11:Header>
...
</S11:Envelope>
This is not the format used in the example provided by the web service publisher. The plain text version in the reference does not use a nonce. The example message uses a nonce but calls for a plain text password. It appears to me that the use of a nonce without a password digest does not add any security to the message. It could be any random string of characters if there is no agreement for how it is to be created. Am I missing the point?
I know this must seem like a tedious undertaking, but I am hoping that by providing this here, maybe we can provide a little help to the next person coming along.
I too have come across this issue. The web service publisher (edd.ca.gov) responded by stating that the " value is required by the SOAP 1.2 standards" yet I find no valid support for that. It looks like we both are heading down the same path (FSET) and maybe we should team up and work together; two heads are better than one. I have found many mistakes within the example code and I too have yet to get it to work.
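The digest formula quoted in the question, and what a receiver does with the nonce and created values, as an added example (not from the posts or from the web service publisher). In the UsernameToken profile the nonce is hashed as its decoded bytes; the freshness window, result strings and function names here are assumptions.

```javascript
const nodeCrypto = require('crypto');

// Password_Digest = Base64(SHA-1(nonce + created + password)).
// The nonce enters the hash as its decoded bytes, the other two as UTF-8 text.
function passwordDigest(nonceB64, created, password) {
  return nodeCrypto.createHash('sha1')
    .update(Buffer.from(nonceB64, 'base64'))
    .update(created, 'utf8')
    .update(password, 'utf8')
    .digest('base64');
}

// Receiver-side check: freshness window on created plus a cache of seen nonces.
// Without the cache, a captured token can be replayed while it is still fresh.
function makeVerifier(lookupPassword, maxAgeMs = 5 * 60 * 1000) {
  const seen = new Map(); // nonce -> time (ms) after which the token is stale anyway
  return function verify(token, now = Date.now()) {
    for (const [n, exp] of seen) if (exp < now) seen.delete(n);
    const createdMs = Date.parse(token.created);
    if (Number.isNaN(createdMs) || Math.abs(now - createdMs) > maxAgeMs) return 'stale';
    if (seen.has(token.nonce)) return 'replayed';
    const password = lookupPassword(token.username);
    if (password === undefined) return 'bad-credentials';
    const expected = Buffer.from(passwordDigest(token.nonce, token.created, password));
    const given = Buffer.from(String(token.digest));
    if (given.length !== expected.length || !nodeCrypto.timingSafeEqual(given, expected)) {
      return 'bad-credentials';
    }
    seen.set(token.nonce, createdMs + maxAgeMs);
    return 'ok';
  };
}
```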
