getting Error loading h2 console localhost:8080/h2-console showing following text
Welcome to H2
No Javascript
If you are not automatically redirected to the login page, then Javascript is currently disabled or your browser does not support Javascript. For this application to work, Javascript is essential. Please enable Javascript now, or use another web browser that supports it.
using spring boot with embedded database h2, I have added parameters
http.csrf().disable();
http.headers().frameOptions().disable();
solved it by removing following line
.headers().contentSecurityPolicy("default-src 'self';").
Related
I have hosted my Lumen(version : 5.7.8), in my apache server. The site has been accessed using https. So in App\Providers\AppServiceProvider I have added
public function boot()
{
\URL::forceScheme('https');
}
When I run swagger,which I have installed using DarkaOnline, it is showing blank page and got the following error in the console.
Uncaught ReferenceError: SwaggerUIBundle is not defined
And all swagger ui css and js files still shows its path loading from http, which ends up in following error in console.
Blocked loading mixed active content
Should I need to enable or do something more to load everything in https ?
I am using swagger 1.0.0 , OAS3
I have configured PhpStorm to debug HTTP GET - but only when I load a page directly.
When I want to debug AJAX, I take the URL which my JS would request and create a PhpStorm configuration to debug it.
Not particularly elegant, is it?
And, of course, I can't do that for POST requests (or can I?).
Ideally, I would like to load my AngularJs app in the browser (Chrome) and be able to breakpoint and debug the backend in PhpStorm.
I googled a lot, and found much that came close, but I can't find the answer :-(
Who can help?
[Update] a few years later, and I am using the excellent and free Postman to test both GET and POST.
If Xdebug and PHPStorm are configured to debug HTTP GET when loading a page normally, then simply include the GET parameter in the URL of the AJAX request in your Javascript. For example: http://example.com/script.php?XDEBUG_SESSION_START=PHPSTORM
Turn on Debug listening in PHPStorm, send the AJAX request with the new URL, and the debugger should catch it. The POST data you are looking for should appear in $_POST as usual.
I am using kind of hacking method to debug AJAX requests. My project is Laravel. You can change this code as compatible with your technology.
Basic idea is:
Grab home page debug port
Create a session
Using this session concatenate the AJAX url
When you start debugging, the port will be applied for all ajax urls which having + debug_url.
HomeController#index method
// Development purpose only
if ($request->has('XDEBUG_SESSION_START')) $request->session()->put('debug_port' , $request->get('XDEBUG_SESSION_START'));
master.blade.php
<script>
var debug_url='?XDEBUG_SESSION_START={{session('debug_port')}}';
</script>
submit.blade.php
<script>
$.ajax(url + debug_url, {
method:'post',
data:{}
});
</script>
I am getting the below JavaScript error when I'm trying to access the application.
Uncaught SyntaxError: Unexpected token < in jsf.js.faces?ln=javax.faces
The browser is loading, but page is not displayed.
How is this caused and how can I solve it?
Uncaught SyntaxError: Unexpected token < in jsf.js.faces?ln=javax.faces
This will happen when the server returned a HTML document while the browser tried to download the mentioned JavaScript file (which is necessary for a.o. the functioning of <h:commandLink> and <f:ajax> in JSF 2.x).
You probably already know that HTML documents usually begin with a < and a JavaScript file absolutely not. Inspecting the HTTP traffic monitor and the actual HTML response should give clues as to what exactly it returned. Press F12 in Chrome/Firefox23+/IE9+ to see it. Perhaps it's a HTTP 4xx error? 401 unauthorized? Or 403 forbidden?
That can in turn happen if your (homegrown) security/login framework is badly configured. This problem is in turn not related to JSF itself. Basically, you need to fix/reconfigure it allow requests on /javax.faces.resource/*.
See also:
JSF page style missing when using login filter
Exclude css & image resources in web.xml Security Constraint
HTTP Status 403 - Access to the requested resource has been denied (CSS blocked?)
The main problem about Access-Control-Allow-Origin I think. But when I configure the Web API project as defined in the given documentation, it still not working in chrome and firefox but working in IE well (it is about IE thinks localhost is not cross domain, AFAIK). I tried different ways to make it work but no result.
I put the example project to github repository. Project is very simple. There are two applications working on cross domains. It is very simple chat application like in signalr examples.
You must change the value of api host in client javascript file:
https://github.com/yusufuzun/WebApiSignalR/blob/master/ChatApp/Scripts/app/chat.js#L2
When you open the Chat page in mvc project, there will be two requests to api application
1- Regular ajax request (which is working fine)
2- Signalr negotiate request (cancelled)
And also I don't think browser disables the CORS because of if it disables there would not be an hit to server. So I think it is about browser but not about browser disables (something else).
Details are in repository
Readme: https://github.com/yusufuzun/WebApiSignalR/blob/master/README.md
Fiddler Results: https://github.com/yusufuzun/WebApiSignalR/blob/master/FiddlerResults
The bad part about it also is server returning 500 with this error:
System.InvalidOperationException: 'chat' Hub could not be resolved.
Which hub name is chat also.
https://github.com/yusufuzun/WebApiSignalR/blob/master/ChatApi/Hubs/ChatHub.cs#L10
You can enable CORS for Web Api in project with different ways for test purposes. Each one is giving different errors all about XMLHttpRequest Access-Control-Allow-Origin.
I commented them, so you can uncomment and make test for each one:
https://github.com/yusufuzun/WebApiSignalR/blob/master/ChatApi/Global.asax.cs#L24
https://github.com/yusufuzun/WebApiSignalR/blob/master/ChatApi/App_Start/WebApiConfig.cs#L14
https://github.com/yusufuzun/WebApiSignalR/blob/master/ChatApi/App_Start/WebApiConfig.cs#L16
https://github.com/yusufuzun/WebApiSignalR/blob/master/ChatApi/Controllers/ChatController.cs#L17
So what is going on here?
After I talked with David Fowler in JabbR, he mentioned the thing about using CORS with SignalR. My signalr startup code was wrong. So after changing the startup code like in his advice it worked well.
He also mentioned SignalR and Web API are working with different CORS definitions. So enabling or disabling one doesn't affect other.
Here is the new startup code:
app.Map("/signalr", map =>
{
map.UseCors(CorsOptions.AllowAll);
map.RunSignalR(new HubConfiguration()
{
EnableDetailedErrors = true,
EnableJavaScriptProxies = true
});
});
The old one:
app.MapSignalR(new HubConfiguration()
{
EnableDetailedErrors = true,
EnableJavaScriptProxies = true
}).UseCors(CorsOptions.AllowAll);
Hope it helps to somebody out there.
I use JOSSO 1.8.6. I configure all in the Tomcat lib directory file related to JOSSO, and I'm also doing all configuration in web application[spring] WEB-INF file. I got the below URL.
http://localhost:8080/TestLogin/?josso_cmd=login_optional
&josso_back_to=http://localhost:8080/TestLoginDemo/josso_security_check
&josso_partnerapp_id=TestLoginDemo
But my question is:
My parent web application is --TestLogin means this application login page is main to display all the other web application [child web application].
I have 3 child application
TestLoginDemo
jossoLogin1
JossoLoginDemo
All are spring application.
I hit in browser mean URL is http://localhost:8080/TestLoginDemo
So the below URL I see
http://localhost:8080/TestLogin/?josso_cmd=login_optional
&josso_back_to=http://localhost:8080/TestLoginDemo/josso_security_check
&josso_partnerapp_id=TestLoginDemo
But after the successful login I find the TestLogin flow means not transfer to the TestLoginDemo.
So what is the way if I have to carry on flow for TestLoginDemo?
And; after success this URL:
http://localhost:8080/TestLogin/?josso_cmd=login_optional
&josso_back_to=http://localhost:8080/TestLoginDemo/josso_security_check
&josso_partnerapp_id=TestLoginDemo
login page I got below URL in success:
http://localhost:8080/TestLogin/login.htm
instead of the below correct URL:
http://localhost:8080/TestLoginDemo/login.htm
Could anybody guide me on how to achieve this?
Why josso_cmd=login_optional, did you set it up like this ? By default this is unecessary to specify the josso_cmd argument.
In order to get back to the original application, you have to use josso_partnerapp_ctx argument (don't forget to encode URL), this will be passed to the security check page that will lead you to this page if the security check is sucessfull
Usually, URL looks like this:
https://login.domain.com/josso/signon/login.do?josso_back_to=https://site.domain.com/Josso/Check&josso_partnerapp_host=site.domain.com&josso_partnerapp_ctx=https%3a%2f%2site.domain.com%2fhome.html