Mod_security issue with DELETE and PUT request? - web-services

Hello everyone,
I built a simple API and everything is working fine on my localhost. When I placed it on my server I started getting this error when I try to do a PUT or DELETE request.
I looked up the NOYB thing and I found out that I have Mod_Security enabled and that this is causing the error. I tried switching this off for the domain but either I'm doing it wrong or this is not the problem.
I hope you guys can help me out real quick here since this needs to be working before the end of the night.
Any help is appreciated.

Although it is a bit late for your needs, here is an answer which may help others in your situation.
First create the tools needed to test the solution, assuming a configuration using PHP:
<?php
// server-side script: test-put.php
// Parse the raw PUT body as form-encoded data and echo it back.
parse_str(file_get_contents('php://input'), $vars);
print_r($vars);
<?php
// client-side script: send-put-req.php
// Send a PUT request to the test script and print the response.
$result = file_get_contents(
    'http://www.testsite.ro/test-put.php',
    false,
    stream_context_create(array(
        'http' => array(
            'method' => 'PUT'
        )
    ))
);
print_r($result);
Then look into the error_log file (/usr/local/apache/logs/error_log) for the line of mod_security complaining every time a request comes from the script above. In my configuration I had to change this one (/usr/local/apache/conf/modsec2.user.conf):
# allow request methods
SecRule REQUEST_METHOD "!^((?:(?:POS|GE|PU)T|OPTIONS|HEAD|DELETE))$" \
"phase:2,t:none,log,auditlog,status:501,msg:'Method is not allowed by policy', severity:'2',id:'960032',tag:'POLICY/METHOD_NOT_ALLOWED'"

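Added example (not part of the original answer): a Python sketch of the log triage the answer describes, pulling the rule id, config file and line out of ModSecurity denial lines so you know which rule to edit, and checking which methods the answer's allow-list still rejects. The log lines, client addresses, line number "14" and unique_id values are constructed for illustration.

```python
import re
from collections import Counter

# Allow-list from the SecRule in the answer; ModSecurity's "!" denies non-matches.
ALLOWED = re.compile(r"^((?:(?:POS|GE|PU)T|OPTIONS|HEAD|DELETE))$")

# Constructed error_log lines (ModSecurity 2.x layout); addresses and ids are made up.
SAMPLE_LOG = r'''
[Tue Mar 05 21:14:02 2013] [error] [client 203.0.113.7] ModSecurity: Access denied with code 501 (phase 2). Match of "rx ^((?:(?:POS|GE|PU)T|OPTIONS|HEAD|DELETE))$" against "REQUEST_METHOD" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "14"] [id "960032"] [msg "Method is not allowed by policy"] [severity "CRITICAL"] [tag "POLICY/METHOD_NOT_ALLOWED"] [hostname "www.testsite.ro"] [uri "/test-put.php"] [unique_id "CONSTRUCTED-0001"]
[Tue Mar 05 21:14:05 2013] [error] [client 203.0.113.7] File does not exist: /home/site/public_html/favicon.ico
[Tue Mar 05 21:15:40 2013] [error] [client 203.0.113.9] ModSecurity: Access denied with code 501 (phase 2). Match of "rx ^((?:(?:POS|GE|PU)T|OPTIONS|HEAD|DELETE))$" against "REQUEST_METHOD" required. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "14"] [id "960032"] [msg "Method is not allowed by policy"] [severity "CRITICAL"] [tag "POLICY/METHOD_NOT_ALLOWED"] [hostname "www.testsite.ro"] [uri "/api/items/3"] [unique_id "CONSTRUCTED-0002"]
'''

FIELD = re.compile(r'\[(\w+) "([^"]*)"\]')

def parse_denials(log_text):
    """Return the bracketed [key "value"] fields of each ModSecurity denial."""
    denials = []
    for line in log_text.splitlines():
        if "ModSecurity: Access denied" not in line:
            continue
        fields = {}
        for key, value in FIELD.findall(line):
            fields.setdefault(key, value)  # a line may carry several [tag ...]
        denials.append(fields)
    return denials

def rules_to_review(log_text):
    """Count denials per (rule id, config file, line) to show which rule to edit."""
    return Counter((d.get("id"), d.get("file"), d.get("line"))
                   for d in parse_denials(log_text))

def rejected_methods(methods):
    """Methods the allow-list would still answer with 501 (matching is case-sensitive)."""
    return [m for m in methods if not ALLOWED.match(m)]

if __name__ == "__main__":
    for (rule_id, path, line), hits in rules_to_review(SAMPLE_LOG).items():
        print(f"rule {rule_id} at {path}:{line} denied {hits} request(s)")
    print("still rejected:", rejected_methods(["GET", "PUT", "DELETE", "PATCH", "TRACE"]))
```

Widening the allow-list only for the methods the API needs keeps everything else, such as PATCH and TRACE, answered with 501.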
Related

AWS Amplify federated Google login works properly in the browser but doesn't work on Android

The issue is that when I run federated authentication with the help of the Amplify auth method in the browser it works fine, but not when I try to run it on my mobile.
It throws the error No user found when I try to use Auth.currentSession(), but the same works in the browser.
I tried to search for this type of issue, but what I found was related to ionic-cordova-google-plugin, not to the AWS Amplify federated login issue.
Updating the question after closing the question with less debugging information without asking for any information.
These are the issues raised on GitHub with respect to my problem.
Issue No. 5351 in amplify-js is still in an open state.
https://github.com/aws-amplify/amplify-js/issues/5351
Another issue, 3537, is still open.
These two issues have the same scenario as mine. I hope this is enough debugging information; if more is required, mention it in a comment instead of closing without notification. It's bullying a beginner, not helping.
I fixed the above problem by referring to a comment or wrapped around fix.
Link that will take to that comment directly link to comment.
First read the above comment, as it will give you an overall idea of what exactly the issue is, instead of directly jumping to the solution.
Once you read the comment you will be a little unclear with respect to the implementation, as he has used Capacitor and not everyone is using Capacitor.
In my implementation I ignore this part as I am not using Capacitor.
App.addListener('appUrlOpen')
Now let's go to the main step where we fix this issue. I am using deep links to redirect to my application:
this.platform.ready().then(() => {
  this.deeplinks
    .route({
      "/success.html": "success",
      "/logout.html": "logout",
    })
    .subscribe(
      (match: any) => {
        const fragment = JSON.stringify(match).split('"fragment":"')[1];
        // This link can be any link based on your requirement;
        // what I am doing is passing all the data which I get in my fragments.
        // The fragment consists of id_token, stage, code, response type.
        // These need to be passed to Ionic in order for Amplify to run its magic.
        document.location.href = `http://192.168.1.162:8100/#${fragment}`;
      },
      (nomatch) => {
        console.log("Got a deeplink that didn't match", nomatch);
      }
    );
});
I got this idea by referring to the issue in which the developer mentioned sending code and state along with the application deep linking URL.

phpseclib 2.0.12 - SFTP login failed but no error

I've installed phpseclib 2.0.12 with composer. I am running PHP 7.0.30.
I cannot log into an SFTP site using:
require($_SERVER["DOCUMENT_ROOT"] . "/vendor/autoload.php");
use phpseclib\Net\SFTP;
define('NET_SFTP_LOGGING', SFTP::LOG_COMPLEX);
$sftp = new SFTP($ftp_server);
echo("<pre>");
if (!$sftp->login($ftp_user_name, $ftp_user_pass)) {
    print_r($sftp->getSFTPErrors());
    echo $sftp->getSFTPLog();
    exit('Login Failed');
} else {
    echo("login worked");
}
echo("</pre>");
The output is simply:
Array
(
)
Login Failed
Why is logging not displaying anything at all? How can I see what is failing here?
You should be doing define('NET_SSH2_LOGGING', SSH2::LOG_COMPLEX); and $sftp->getLog(); instead. NET_SFTP_LOGGING only enables logging at the SFTP layer, which is only established after you've successfully authenticated.
Similarly, I'd do print_r($sftp->getErrors()); instead of print_r($sftp->getSFTPErrors());.
In case it helps someone else, I encountered a related issue and the password had a backslash in it. We changed our variable to use single quote marks instead of double and authentication worked. I suspect somewhere it was being treated as an escape character. Perhaps this will help someone save a few hours troubleshooting.

How to properly do a http GET request using QNetworkAccessManager and QNetworkReply? How does the URL affect the request in Qt?

This is a follow up of this question. At first I thought the issue was resolved after checking out the example from the Qt wiki (I use the same code without a single change). However it appears that it's the URL that is the culprit. I tried using the links provided in this answer to test my http GET request. Using the Http Requester (Firefox addon for Http requests (GET, POST etc.)) and curl shows no issues with this link^:
$~: curl --request GET --url "http://httpbin.org/ip"
For some reason Qt gets stuck and the readyRead()/finished() signals are never emitted.
As a result the request gets cancelled after some time due to socket timeout...For something that is really small and opened by Firefox in less than a second.
I'm far from an expert when it comes to Http stuff. I'd like to know why this behaviour occurs in Qt while there is no sign of it when working with other tools.
EDIT: I've also tested the problematic URLs using Python and its urllib
import urllib.request
res = urllib.request.urlopen("http://httpbin.org/ip").read().decode("utf-8")
import xml.etree.ElementTree as ET
doc = ET.fromstring(res)
and it works just fine. Clearly there is something with Qt going on and/or me missing something when using it.
EDIT2: I've also tried another test service for HTTP requests - https://postman-echo.com. With curl there is no problem:
$~: curl --request GET --url "https://postman-echo.com/get?foo1=bar1&foo2=bar2"
To my surprise though there is no problem with Qt either! The only thing that I see here as a huge difference is that postman-echo.com uses HTTPS while the other URLs I've tried were HTTP. I exclude the https://www.qt.io which was the default URL in the Qt example and worked just fine (though it didn't have any parameters).
Try executing that in an event loop. Here is something similar to what I do in a non-gui application:
QUrl req_url = QUrl(href);
QNetworkRequest request(req_url);
//request.setRawHeader("Content-Type", "application/json;utf8");
//q_nam is QNetworkAccessManager created earlier
QNetworkReply *reply = q_nam->get(request);
QEventLoop event_loop;
connect(q_nam, SIGNAL(finished(QNetworkReply * ) ), &event_loop, SLOT(quit() ) );
event_loop.exec(); // blocks stack until "finished()" has been called
event_loop.processEvents(QEventLoop::ExcludeUserInputEvents, 500 ); // which events to process and for how long
event_loop.exit();
QNetworkReply::NetworkError er = reply->error();
// ....continue handling
I forgot to mention that I'm behind a proxy. Frankly I feel rather stupid for missing this and also not checking through the guest network at work (which circumvents the stupid proxy). A colleague of mine tried using HTTPS instead of HTTP (which is the original link). The HTTPS is also something that the proxy just lets go through without any issues. And it worked.
However a more neutral solution is (as my colleagues found out) to use QNetworkProxyFactory::setUseSystemConfiguration(true) which takes the proxy configuration that I have system-wide.

Web Service Error 400 - Bad Request

I have a perplexing issue. I have Web Service A (henceforth WSA), a 3.5 .Net WCF, which I have added a call to Web Service B (henceforth WSB) which is a 3.5 .Net ASMX. When running WSA in the client (SOAPUI or WCFStorm), the WSB call times out per the client timeout setting.
In the VS event viewer I can see that the call to WSB immediately throws two error 400s:
Exception thrown: 'System.Net.WebException' in System.dll ("The remote
server returned an error: (400) Bad Request."). Exception thrown:
'System.Net.WebException' in System.dll ("The remote server returned
an error: (400) Bad Request.")
No reason is given. What is just as puzzling to me is the error doesn't go to my catch. When I debug and I hit the line of code that calls WSB, it's like a reset. No further code gets executed and no error is thrown by my WSA.
If I call WSB directly, it works. So nothing is wrong with WSB. At the suggestion of a coworker, I took the code specific to my change and put it in a stand-alone service. I literally C&P'd the code and config settings specific to me and adjusted namespaces and class names. Lo and behold, it works. My stand-alone web service called WSB just fine and got the data I expect.
A coworker and I checked the logs (IIS log for the service and the HTTPERR log) on the IIS server that WSB resides on to see if there was any mention of the 400 error. We found none.
So we are kind of perplexed at this point. The only thing we can think of is perhaps something in the web config might be interfering but have no idea what it could be.
If you have any suggestions of where else to look that would be helpful.
And it would be nice to know why it isn't falling into my error handler.
Thanks.
Update: It was requested I add config and code. I don't think it will help honestly and it is pretty straightforward. I can't put the real code due to company reasons but it is basically this:
In web config:
<configuration>
<appSettings>
<add key="endpointUrl" value = "someurl" />
</appSettings>
.
.
.
<applicationSettings>
<MyService.Properties.Settings>
<setting name="MyService_TheirService"
serializeAs="String">
<value>someurl</value>
</setting>
</MyService.Properties.Settings>
</applicationSettings>
Even though the data is super small I did try making large reader settings and such:
<binding name="CustomHtttpBinding" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" closeTimeout="01:50:00" openTimeout="01:50:00" sendTimeout="01:50:00" receiveTimeout="01:50:00" >
<readerQuotas maxDepth="128"
maxStringContentLength="8388608"
maxArrayLength="2147483646"
maxBytesPerRead="4096"
maxNameTableCharCount="16384" />
</binding>
Code:
using MyService.TheirService;
.
.
.
var theirURL = ConfigurationManager.AppSettings["endpointUrl"];
var oSvc = new TheirServiceObject
{
Url = theirURL
};
int numberIneed = oSvc.SomeMethod();
That last line is where it throws the 400.
UPDATE 2:
A colleague showed me how to use Fiddler. And I can now see that the request to WSB is absolute garbage.
xڭ s 6 mr!!u \ .3 5'3 G QOH>Iп kX M3 ~vY ) X e Z
w ~ :jv -ݴwڽHb Yqv A :(Q Z; >9W O0g 6 .ɖVlU Ţ 8Z
< ( t eSv U]r R $N \
Some odd encoding? At least it's another clue.
Wanted to let you know this problem was solved. Another Dev that had worked on this service before but no longer just happened to walk by and I said "Hey! Look at this!"
They saw the garbage request data and said "That looks like compression. Look up compression in the project."
Turns out there was a custom compression component that was compressing the outgoing data of the service and you needed to add 2 lines of code to decompress. After adding those lines to the top of my method everything immediately worked.
The lesson here is if your project is doing some weird stuff that defies reason, try and find as many people as you can that worked on it before even if they aren't working on it anymore.
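Added example (not from the original post): a Python check that classifies a captured HTTP body by its leading bytes and inflates it with an output cap. The capture quoted above begins with `xڭ`, which is how the bytes 78 DA AD render as UTF-8, and 78 DA is a valid zlib header; the post does not say which algorithm the custom component used, so zlib is an assumption here, and the SOAP payload is a constructed stand-in.

```python
import zlib

# First characters of the Fiddler capture quoted in the post, as UTF-8 bytes.
PAGE_PREFIX = "xڭ".encode("utf-8")  # b"x\xda\xad"

# Constructed stand-in for the real request body (the post does not show it).
PLAIN = b"<soap:Envelope><soap:Body><SomeMethod/></soap:Body></soap:Envelope>"
SAMPLE = zlib.compress(PLAIN, 9)

def sniff_compression(body):
    """Classify a captured HTTP body by its leading bytes (heuristic)."""
    if body[:2] == b"\x1f\x8b":
        return "gzip"
    if len(body) >= 2:
        cmf, flg = body[0], body[1]
        # RFC 1950: method 8 (deflate), window <= 32K, header divisible by 31.
        if cmf & 0x0F == 8 and cmf >> 4 <= 7 and (cmf * 256 + flg) % 31 == 0:
            return "zlib"
    return "unknown"

def inflate(body, limit=1 << 20):
    """Decompress a sniffed body, refusing output larger than `limit` bytes."""
    kind = sniff_compression(body)
    if kind == "unknown":
        return body
    # wbits 31 expects a gzip wrapper, 15 a zlib wrapper.
    d = zlib.decompressobj(wbits=31 if kind == "gzip" else 15)
    out = d.decompress(body, limit)
    if not d.eof:
        raise ValueError("body is truncated or inflates past the limit")
    return out

if __name__ == "__main__":
    print(sniff_compression(PAGE_PREFIX), sniff_compression(SAMPLE))
    print(inflate(SAMPLE).decode())
```

A receiver that gets such a body without a matching Content-Encoding header and without the decompression step will see unparseable input, which is consistent with the 400 responses described above.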

Problems with MSF4J and @MatrixParam

Folks, I have found what seems to be a problem with / (bug in ?) MSF4J as including an @MatrixParam annotated variable in a URI causes the affected (micro)service to either 'hang' indefinitely, or if accessed via a browser, to give a "404 Not Found" message for the path/endpoint, even when correct.
Here is a code fragment that illustrates the problem - it compiles ok (eclipse/maven) and deploys without errors using microservicesrunner() in the usual way.
package org.test.service;
import java.util.List;
import javax.ws.rs.GET;
import javax.ws.rs.MatrixParam;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@Path("books")
public class MPTest { // MatrixParam Test
    @GET
    @Produces(MediaType.TEXT_PLAIN)
    @Path("/query")
    // method to respond to 'GET' requests
    public Response getListOfBooks(@MatrixParam("Author") String author) {
        // do something in here to get book data from DB and sort by titles
        List<String> titles = .......;
        return Response.status(200).entity("List of Books by " + author + " ordered by title " + titles).build();
    }
}
With this code fragment, accessing the URL "(host:8080)/books/query;Author=MickeyMouse" should cause a list of books by that author to be retrieved from the DB (I have omitted the actual code that does so for clarity, as it is not relevant to this post).
However, it does not get there, so that code isn't executed. As far as I can tell with a debugger, no @MatrixParam value is retrieved - it remains null until the process times out. Things like curl and wget just hang until they time out, and from a browser, the best I can get is a 404 not found error for the URI, even though it is valid.
However, if I replace the @MatrixParam with a @PathParam it works perfectly, and I can get the URL string retrieved in its entirety. The URI that I get is as expected - no odd hex characters, no typos, and so forth. The URI entered is what you get back. So, no problem there.
Behaviour is also consistent across platforms (couple of flavours of Linux, and three versions of Windoze), so it is not anything to do with the OS itself. Similarly, I get the same behavior with multiple clients and tools, so it isn't a problem there either.
So, it appears to be a problem within the MSF4J framework / domain, and I could use some support / help / suggestions here as I've reached the point of tearing my hair out..... Any ideas, folks?
The only reference I can find to a similar problem was closed as 'off topic' without a reply (see Rest API Matrix param annotation) so I think that this needs re-opening as it seems to be a genuine problem....
Regards, and thanks in advance for any help,
Rick
@MatrixParam is not supported with MSF4J at the moment. You can create a GitHub issue so we can implement that support in future releases.