I have tried to work with JSOUP, Below I've mentioned my code
Application.cfc as
<cfset this.name = "jsoupApp11111">
<cfset this.javasettings = { loadpaths = [#expandPath("./jsoup-1.12.1.jar")#],reloadOnchange = true}>
CFM file as
<cfset jsoupObj = createObject("java","org.jsoup.Jsoup")>
<cfset testURL = 'https://en.wikipedia.org/wiki/List_of_countries_by_population_(United_Nations)'>
<cfset connectUrlSite = jsoupObj.connect(testURL).get() >
<cfset getUrlSiteBody = connectUrlSite.body() >
<cfoutput>
#connectUrlSite.title()#"
</cfoutput>
<cfloop array="#getUrlSiteBody.select('img')#" index="i">
<cfoutput>
#i#
</cfoutput>
</cfloop>
It's working fine for above Wikipedia site URL, When I am trying to do the same for some other websites I get an error message like Received fatal alert: handshake_failur
and some other sites throws error message like PKIX path validation failed error during jsoupObj.connect(testURL) process. I'm not sure which I'm missed or which place I will get more detail about this kind of errors.
Error message After using http instead of https
Every answer is appreciable and helpful.
Thanks in Advance!
You left out some pertinent information (like your java version), but generally speaking those https errors are caused by JSoup being unable to establish a secure connection with the target server.
Received fatal alert: handshake_failure
I was able to reproduce the error with java 1.8.0_72. Enabling debugging, i.e. -Djavax.net.debug=all, confirmed it's caused by an SNI server_name extension bug. Updating the JVM used by CF to version 1.8.0_141 or later, resolved the issue.
Java 1.8.0_144 (fixed)
*** ClientHello, TLSv1.2
...
Extension signature_algorithms, signature_algorithms: ...
Extension server_name, server_name: [type=host_name (0), value=trycf.com]
***
Java 1.8.0_72 (server_name missing)
*** ClientHello, TLSv1.2
...
Extension signature_algorithms, signature_algorithms: ...
***
HTTP error fetching URL. Status=403
HTTP Status code 403 means the request is forbidden. In this case the request is being rejected because the user-agent value is empty. See the documentation on adding a user agent.
Just keep in mind some sites deliberately reject such requests to prevent screen scraping. So check the site's terms and conditions first, to see if programmatic access is prohibited.
PKIX path validation failed
You need to supply the URL causing the error for us to be more specific, but generally it indicates a problem with missing or invalid certificates. See also How to Resolve Java HTTPS Exceptions
Related
I have migrated from ColdFusion 8 to Coldfusion 2016 and specified the path under CF Admin console. See picture. One of my file (login.cfm) is under /common directory outside webroot.
When I hit application url, first it finds index.cfm and then validate.cfm in which I am calling login.cfm using cfmodule. PLs check the lines of code here from validate.cfm.
<cftry>
<cfmodule template="/common/security/login.cfm"
login="#form.login#"
password="#form.password#"
returnvar="login_result">
<cfcatch>
<cf_error_logreg error="An error occurred checking for active PO in validate.cfm. Please report this error to #request.app.admin_email# immediately.">
<cfabort>
</cfcatch>
</cftry>
So it doesn't run the cfmodule and throws out of cftry block everytime when it finds some page from /common directory and shows the error message what is specified in cfcatch block. Which means it's not accessing the mappings which I have set in CF Admin console. Any idea?
I am using IIS as a web server.
Issue resolved. The mappings we did was right, but Application was failing to set the cookies. ColdFusion was unable to add the cookie we specified to the response. This is probably because we have used it to set one of the ColdFusion Session Cookies or Authentication cookie. I have fixed that.
To fix this, I logged in to Coldfusion Admin> Memory Variables and unchecked 'Disable updating Coldfusion internal cookies using Coldfusion tags/functions.'
Save settings and restarted the website. It worked.
I have set up a private app with read access to customer details and customer groups.
My ColdFusion:
<cfhttp
url="https://[api-key]:[password]#rhein-essentials.myshopify.com/admin/customers.json"
method="get" result="httpResp" timeout="120">
<cfhttpparam type="header" name="Content-Type" value="application/json" />
</cfhttp>
<cfdump var="#httpResp#" />
Where [api-key] and [password] were copied from the data that was generated when I created the private app. The response object:
struct
Charset [empty string]
ErrorDetail I/O Exception: peer not authenticated
Filecontent Connection Failure
Header [empty string]
Mimetype Unable to determine MIME type of file.
Responseheader struct[empty]
Statuscode Connection Failure. Status code unavailable.
Text YES
As you can see, it comes back with the error "Connection Failure". The detailed error adds, "I/O Exception: peer not authenticated". At first I was inclined to think this was a problem with my ColdFusion code. But I then tried taking the same url and plugging it directly into my browser. When I'm logged into the Shopify site, the url redirects to https://rhein-essentials.myshopify.com/admin/customers.json and displays the data properly. When I'm logged out, though, the url redirects to https://rhein-essentials.myshopify.com/admin/auth/login. Isn't the point of using the api key and password so that I have access to the data remotely, without needing to be logged in?
What am I doing wrong, and how can I retrieve data from the store at all without being logged in, if not through ColdFusion?
As #RRK pointed out,
Most likely this is a TLS1.2 issue which is a known issue with CF9. Can you try adding this -Dhttps.protocols=TLSv1.2 to the JVM setting in CF administrator?
It would seem that it was indeed a CF9 issue, because after upgrading it to CF 2016 Patch 6, along with Java 8 x64 V 172, it retrieved the data fine.
I'm working on a web app that is ran nightly to retrieve a large XML file from another server. We're using ColdFusion MX7. We run a CFHTTP GET with username, pass, and url. Then we write the field with a cffileaction write to our temp location. So that it can be parsed and sorted into a database. There are a few CFHTTP calls on the page cut one of them is failing. In the CFCatch I have the system email me the catch type and the message and I'm getting this.
COM.Allaire.ColdFusion.HTTPFailure
Connection Failure: Status code unavailable
This the call an write action as is (the credentials are right):
<cfhttp method="GET"
username="#uname#"
password="#pw#"
url="#url#"
resolveurl="yes"
throwonerror="yes">
</cfhttp>
<cffile action="write" file="#getdirectoryfrompath(GetCurrentTemplatePath())#\XML_FileName.xml" output="#cfhttp.fileContent#">
Is anyone familiar with his error?
As it turns out we were getting the Cert from the other groups 'test' server and then trying to using to get things from their production server. So Peter was right! If you run into this problem check out these links:
CFHTTP Over SSL
http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:48687
We are making a cfhttp call to connect to an https web service.
We are getting the this error:
Connection Failure: Status code unavailable
I searched Google but have found no solutions.
From the production server I am able to hit the web service URL.
I am a .Net developer and I am not sure of this technology.
Any pointers will be helpful.
Here is the line of code we are using to make the connection:
<cfhttp url="#arguments.TheIP#" method="post" throwonerror="true" timeout="45">
<cfhttpparam type="header" name="SOAPACTION" value="#arguments.TheHeader#">
<cfhttpparam type="XML" value="#arguments.TheXML#">
</cfhttp>
I have faced / solved this a few times, the snippet below hopefully will work for you. I highly recommend learning about it in stead of simply trying it.
I place this in my Application.cfc, but you could put it right in your script right before the cfhttp call as well.
<!--- fix for HTTPS connection failures --->
<cfif NOT isDefined("Application.sslfix")>
<cfset objSecurity = createObject("java", "java.security.Security") />
<cfset objSecurity.removeProvider("JsafeJCE") />
<cfset Application.sslfix = true />
</cfif>enter code here
Hum... First thing that appears odd is your IP argument as mentioned by barnyr. The response you are getting makes me think you are getting NO response at all (the request is completely ignored, not just erring). So some setting is causing them to ignore your request.
As of CF9 I use cfscript to do this kind of thing via HTTP when I can't use regular webservice java object proxy stubs.
Here is a working SOAP call via http() (because of .net to cf inability to communicate complex object hash maps via regular soap I resorted to this, among other things).
This is a cf to .net service call so it might be relevant for you as they are using just the built in tools to gen their SOAP service which was not perfectly Axis 1 SOAP happy-go-lucky.
In particular I had to play with some of the extra settings and headers to get it just so and specifically add the soap action into a header (which is usually derived from the SOAP body envelope).
Additionally, I am using oasis security which I had to stuff inside the envelope/body.
Here is the code (inside a cfc) that you might try updated as you need:
//////////////////////////////////////////////////////////////////////////
// BUILD HTTP REQUEST
//////////////////////////////////////////////////////////////////////////
Local['SoapAction'] = "XYZ.Commercial.Mapping.ServiceContracts/IService/#Arguments.szMethodName#"; // THIS IS CASE SENSITIVE
var oH = new Http();
oH.setMethod('post');
oH.setCharset('utf-8');
oH.setUserAgent('Axis/1.2.1');
oH.setTimeout(30);
oH.setURL(Arguments.szURL);
// INCLUDING THE SOAPACTION AS A HEADER IS SPECIFIC TO XYZ - USUALLY THE OPERATION IS DECIPHERED FROM THE ENVELOPE BODY TAGS - XYS REQUIRES THIS PATHING TO MATCH FOR THE SOAP ACTION HEADER VALUE
oH.addParam(type="HEADER", name="SOAPAction", value='#Local.SoapAction#');
oH.addParam(type="HEADER", name="Content-Type", value='text/xml');
oH.addParam(type="body", value=Arguments.szBody);
///////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////
// EXECUTE HTTP
Local['rsHttpSend']= oH.send();
// SET RESULTS
Local.nStatusCode = val(Local.rsHttpSend.getPrefix().StatusCode);
Local.szResponse = Local.rsHttpSend.getPrefix().FileContent;
Local.szHeader = Local.rsHttpSend.getPrefix().Header;
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
This approach was coupled with using SoapUI to verify the final soap body post was valid. So if you can do that too, you should be able to use this vector.
Let me know if you get any farther.
Here are a list of things to check:
The variable for the URL is TheIP. Make sure this actually a properly
formatted URL, not just a URL.
Check that the target server's certificate is installed in the JVM's
trust store. in Windows and I think .Net, the system's own
certificate store is used, so if your browser can get to the URL
you're ok. In Java there is a file which contains a list of Trusted
Certs. Instructions on importing those certs are in the CF docs for
CFHTTP.
Check the ColdFusion logs for evidence of failure.
c:\coldfusion9\logs\exception.log is probably a good place to start.
Make sure your cfhttp link is correct. I face this issue and it totally based on incorrect cfhttp link.
We have a dedicated server running CentOS and Coldfusion 8.
All cfmail email is routed through Google with cfmail and smtp.
Every now and then, when cfmail is used, the 'FROM' field uses an address from a totally different website.
For instance:
Use form on Site A
Get an email: "Subject: On Site A From: siteb#siteb.com"
Where the from is a completely different variable in another set of code on another part of the server- there is no reason it should see this.
On the other side, sometimes sending an email to sitea#sitea.com has email wind up in Site B inbox, a completely different Google account.
What causes this to happen? Some kind of memory/cache issue? Or is there a funky DNS record causing issue?
Example:
Application.cfm (starts with some UDF includes, and then):
<cfinvoke component="#request.componentPath#.variables" method="getGlobal" />
Variables.cfc (a lot of variables defined within, but here is the cfmail vars):
<cffunction name="getGlobal" access="public" output="false" returntype="void">
<cfscript>
request.siteEmail = "email#mysite.com";
request.siteMailServer = "smtp.gmail.com";
request.siteMailUsername = "root#mysite.com";
request.siteMailPassword = "[redacted]";
</cfscript>
</cffunction>
It sounds like it's possible it could be a var scoping issue, but we can't know for sure until you share some code...
Looks like you're running multiple sites? there's a setting in the CF caching page in admin to do with caching web server paths:
From http://help.adobe.com/en_US/ColdFusion/9.0/Admin/WSc3ff6d0ea77859461172e0811cbf3638e6-7ffc.html :
Disabling the cacheRealPath attribute To ensure that ColdFusion always returns pages from the correct server, disable Cache Web Server Paths in the Caching page of the ColdFusion Administrator. (When you use the multiserver configuration, set the cacheRealPath attribute to false for the ProxyService in the jrun_root/servers/servername/SERVER-INF/jrun.xml file.)
Might not be it, but it's at least quick to try out.