JavaScript Cross site scripting - Settings in Firefox browser - xss

In Internet Explorer 6, there is a setting to add domains to the trusted sites to overcome cross site scripting.
Is there any such setting available in Firefox browser?
Thanks.

Related

Accessing IIS Windows Authentication Website from Excel Web Data

I have a basic website written in Python Django, hosted on IIS 8.5. The website is used in the company intranet with Windows Authentication.
Accessing the website through a browser gives no problems for authentication. However, making use of a simple web API to retrieve data for reporting purposes is giving problems.
I'm trying to load a URL into Excel which supplies data in CSV format (Data -> From Web). Disabling IIS Windows Authentication and using Anonymous works perfectly. However, enabling Windows Authentication does not work as Excel says 'credentials are incorrect'.
The URL response is a simple HttpResponse object with CSV data. Nothing weird or complicated happening.
Any idea where to troubleshoot this? My IIS knowledge is limited in this regard.
So I changed the API part of the website to anonymous authentication as per this answer. It did the trick for me:
IIS 8.5: Change authentification mode for url sub path

deploying sharepoint hosted app run into security prompt

I wrote a very simple SharePoint hosted app (2013). I kept getting a lot of Windows credential prompts, asking for domain user name and password, when I tried to deploy to my development server.
I have a separated app domain setup. Also, the VS2013 deployment output shows the app successfully deployed to my hosted web.
When I go to the site (hosted web), I can see the link to my app appearing on the left-hand nav panel, inside the Recent section. However, when I click on the link again, the Windows security prompt appears and asks for my network credentials. I kept entering them, but it just kept prompting...
My app URL is: app-47294dea293202.appDomainName.com. Usually, if this were my regular IIS web, I would go and check the IIS authentication and try to enable/disable the anonymous/Windows login, but with this kind of URL, where can I go and tweak that?
I have been trying to fix this issue for many hours. I feel really exhausted working with SharePoint 2013.
Open Internet Explorer -> Internet Options -> Tab Security -> Local Intranet -> Click Sites -> Advanced -> Add the link http (or https)://*.appDomainName.com.
This happens because the URL is not recognized as Local Intranet and IE doesn't pass the current credentials. Check also:
Internet Explorer -> Internet Options -> Tab Advanced -> Under Security Group -> Enable Integrated Windows Authentication is checked (this option passes the current credentials on Local Intranet sites).
You can also try to disable the loopback check.

Download Cookies from MobileFirst Platform's Mobile Site

I'd like to understand if there's any cookie downloaded in the Desktop/Mobile browser, while browsing the MobileFirst Platform's Mobile Site.
Is there any information written inside it?
Thanks in advance.
Typically, yes, there will be a cookie called WL_PERSISTENT_COOKIE used for working with authentication realms - you can find out more here.
In general, it's not too hard in most browsers to see if a cookie is set by any particular site, including the MFP mobile web environment - for example, here are some instructions on how to do that in Chrome.

Provider Hosted Apps Launch Issue

I have a provider hosted app (a normal asp.net web forms application) deployed on a typical web server IIS 7.5.
While launching the app from SharePoint Site in Office 365 Multi Tenant, it's throwing the below issue on App launch.
On capturing details using Fiddler, found the following when the app is launched
SPAppToken=&SPSiteUrl=https%3A%2F%2Fabc.sharepoint.com%2Fsites%2Fspdev%2Famsdev%2Famitamsdev&SPSiteTitle=amitamsdev&SPSiteLogoUrl=%2Fsites%2Fspdev%2FSiteAssets%2Flogo.gif&SPSiteLanguage=en-US&SPSiteCulture=en-US&SPRedirectMessage=EndpointAuthorityMatches&SPCorrelationId=31477a9c-2902-204a-8393-67eced1a10b8&SPErrorCorrelationId=31477a9c-2902-204a-8393-67eced1a10b8&
SPErrorInfo=The+requested+operation+requires+an+HTTPS+%28SSL%29+channel.++Ensure+that+the+target+endpoint+address+supports+SSL+and+try+again.++Target+endpoint+address
The SPErrorInfo Part is interesting. I am unable to confirm whether we really need the remote site to be configured for https?
Additional Information - Identity Provider is ACS and it is a low trust app.
Can someone suggest?
Regards,
Nitin Rastogi
In a production environment, you should always be using HTTPS. If you don't, you're exposing yourself (and your organization) to many risks.
If this is your development environment and you are confident this isn't an issue, you may want to look at the accepted answer to this question on the MSDN forums, which mentions the same error message. Their solution to bypass the HTTPS checking:
# Development farms only: allow OAuth and metadata exchange over plain HTTP.
$c = Get-SPSecurityTokenServiceConfig
$c.AllowMetadataOverHttp = $true
$c.AllowOAuthOverHttp = $true
$c.Update()
When packaging the SharePoint App from Visual Studio, you must ensure that the URL you use is using HTTPS:
In IIS, add an HTTPS binding to the site to achieve this. You would have to reupload the App to SharePoint after packaging it with the new HTTPS URL.
More information here.
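A way to read a capture like the one in the question, as an added example that is not part of the original posts: it decodes the launch parameters and reports whether a context token arrived and whether the app endpoint is HTTPS. The sample body is constructed from the parameter names in the capture, and `appUrl` and the host names are hypothetical.

```javascript
// Added example: diagnose a SharePoint app-launch form body captured in a proxy.
// appUrl (the provider-hosted app's address) is a hypothetical input.
function diagnoseAppLaunch(formBody, appUrl) {
  const params = new URLSearchParams(formBody);
  const findings = [];

  // An empty SPAppToken means the request carries no context token.
  const tokenIssued = Boolean(params.get("SPAppToken"));
  if (!tokenIssued) findings.push("SPAppToken is empty: no context token in the request");

  // URLSearchParams decodes %XX escapes and '+' so the error text is readable.
  const errorInfo = (params.get("SPErrorInfo") || "").replace(/\s+/g, " ").trim();
  if (errorInfo) findings.push("SPErrorInfo: " + errorInfo);

  // Compare against what the error demands: an HTTPS endpoint for the app.
  let appEndpointIsHttps = false;
  try {
    appEndpointIsHttps = new URL(appUrl).protocol === "https:";
  } catch {
    findings.push("app URL is not a valid absolute URL: " + appUrl);
  }
  if (!appEndpointIsHttps) findings.push("app endpoint is not HTTPS: " + appUrl);

  return {
    tokenIssued,
    errorInfo,
    appEndpointIsHttps,
    siteUrl: params.get("SPSiteUrl"),
    correlationId: params.get("SPErrorCorrelationId"),
    findings,
  };
}

// Constructed sample body (placeholder host and correlation id).
const SAMPLE_BODY =
  "SPAppToken=&SPSiteUrl=https%3A%2F%2Fcontoso.example%2Fsites%2Fdev" +
  "&SPRedirectMessage=EndpointAuthorityMatches" +
  "&SPErrorCorrelationId=00000000-0000-0000-0000-000000000000" +
  "&SPErrorInfo=The+requested+operation+requires+an+HTTPS+%28SSL%29+channel.";

console.log(diagnoseAppLaunch(SAMPLE_BODY, "http://app.example/Pages/Default.aspx"));
```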

Mobile Web Applications for Android and IOS, Remote Debugging, Emulators, Simulators?

I am developing a mobile web app targeting Android, IOS, BB.
In order to be able to do remote debugging I have found Adobe Edge Inspect, Google Developer Tools, and Web Inspector on Safari.
Is there a better way of doing remote inspection?
Thanks
I found WEINRE really helpful.
weinre is a debugger for web pages, like FireBug (for FireFox) and Web Inspector (for WebKit-based browsers), except it's designed to work remotely, and in particular, to allow you debug web pages on a mobile device such as a phone.
If you aren't familiar with FireBug or Web Inspector, weinre isn't going to make too much sense to you. weinre reuses the user interface code from the Web Inspector project at WebKit, so if you've used Safari's Web Inspector or Chrome's Developer Tools, weinre will be very familiar. If you're not familiar with Web Inspector, the links above to Google's and Apple's documentation will be useful.