I'm trying to check if a symbol server is valid. According to this answer the server should serve /pingme.txt (this is also backed by the official docs here). However, the MS symbol server does not seem to adhere to this behavior (anymore?). The following query
curl -L -v http://msdl.microsoft.com/download/symbols/pingme.txt
gives me a 404. Some older, internal symbol servers we have in our company do actually have the /pingme.txt, also symbol servers backed by the local file-system seem to have it.
I've intercepted http requests done by Visual Studio and noticed they are sending User-Agent: Microsoft-Symbol-Server/10.1710.0.0. It doesn't seem to help. Note that accessing PDBs works as expected.
I'm looking for yes/no if the given URL is a symbol server.
Related
Research On Firefox Extensions Connections
I have read the FAQ's on Firefox Extensions (https://addons.mozilla.org/en-us/faq) and have looked at their community forums for information but wasn't able to find anything on how extensions actually connect and collect your data.
The closest I found was the Mozilla Wiki page on data collection (https://wiki.mozilla.org/Firefox/Data_Collection) but it only gives you the basic opt in/out data collection levels.
What I'm trying to understand:
If I'm using a manually configured anonymous proxy in Firefox, could the extension potentially send my actual IP address (not my proxy IP address) back to a third party?
Example: Translate Extension
For example, if I were to use the Google Translate for Firefox, would Google be able to see my original IP?
What I was thinking
Since the proxy is the only way for the browser to connect to the internet, the extension would have to use the proxy IP address to connect and thus, would only be able to see the proxy IP address. However, I would love to be sure that there is no back door or way of the extension revealing my original IP.
Any insight is greatly appreciated. We are not doing anything unethical, we just have to maintain separate IP usage for various clients and do not want to risk mixing their information. Thanks again.
Firefox extensions are usually not limited in what they can do, only extensions based on the WebExtensions framework are sandboxed - currently the majority of Firefox extensions is still either classic XUL-based extensions or based on the Add-on SDK, these don't have inherent restrictions. So in theory an extension can do lots of things in order to deanonymize you, for example:
Use nsIDNSService in order to retrieve your local IP address (usually, this address isn't valid outside your local network however).
Change browser settings, in particular disable your configured proxy server.
Use external command line tools in order to read out system information or send a request bypassing the browser.
Read files on your hard drive in order to find your name.
Note that Chrome also offers an API to modify browser's proxy settings extensions, and a similar API is planned for WebExtensions. So even sandboxing doesn't always protect against deanonymization, and you need to trust the extensions you are installing.
However, the extensions hosted on Addons.Mozilla.Org are usually reviewed by Mozilla (the ones that aren't reviewed yet have a yellow install button and a warning). One aspect that the reviewers look into is: does this add-on do what it claims to do or are there unexpected side-effects? Any unexpected functionality has to be strictly opt-in, with full explanation about the implications. This was introduced in 2009 as the No Surprises policy and works remarkably well. Chrome Web Store doesn't have any comparable policy.
Is there a way to convert a HTTP symbol server to HTTPS? I mean, how do I implement my existing symbols server (HTTP) to run on HTTPS instead.
Can debugger support HTTPS?
Also,
Is there some way I could implement authentication to open the link?
The IT demands as such, although I do not see any reason for it, since we are already over a VPN and the server will remain on intranet.
The symbol server can be accessed via https there is no problem doing this: https://msdn.microsoft.com/en-us/library/windows/hardware/ff537994%28v=vs.85%29.aspx
Also if authentication is required it can be controlled via a pop-up dialog: https://msdn.microsoft.com/en-us/library/windows/hardware/ff545465(v=vs.85).aspx
If necessary (it shouldn't be as the default is to allow user interaction for authentication) set the option: using !sym prompts or .symopt -0x80000.
If you want to provide symbol store access over the internet then there is a MSDN page on configuring IIS to allow access: https://msdn.microsoft.com/en-us/library/windows/hardware/ff549781(v=vs.85).aspx
I'm currently running MAMP Pro (osX 10.9.4) with several different virtual servers on my local machine, one for each of my client's projects. I've been trying to connect to the Google API use OAuth and have everything working just fine when 'REDIRECT URIS' is set to:
http://localhost:8888
However, as mentioned I've got several of these servers running,
e.g. 'https://clientname1:8890' or 'https://clientname2:8890'
Whenever I enter those into the API console I just get a 'Whoops' message telling me something has gone wrong Google's end:
"Server Error: Whoops! Our bad."
It seems as though only 'localhost' is allowed via the API for local testing, is there anyway I can set it up so I can test off any of my local servers?
I had to add my localhost to the allowed referrers list to test locally. Without that inclusion, I get 403 Forbidden errors. You probably just need to add clientname1 and clientname2 or clientname1:8890 and clientname2:8890 to the allowed referrers list in the Google Developers Console. Mine's set under public api access, so maybe it's going to be another problem for you depending what API you're using and how you're using it. Hope it helps -
I'm currently trying to install web api project directly from vs 2013 to my local dev machine, but when I test one of my http get controllers, I get the following:
My url looks like this:
http://localhost:8081/api/Location/States?queryTerm=Ark
When I test this on my local, this url works and I get my json response.
pay no attention to the web config error in the background. If I enter anything invalid, I get an IIS error, so I know I'm hitting the right URL.
Side note: I'm using IE8 for testing.
I found out the solution, and it may be a config thing, but when I made this as an virtual application to a website, this went away, and it gave me a yellow sign of death (which is a good thing). I was able to deduce this to be an oracle issue, where it couldn't find the database connection, and then found out it couldn't resolve tns names.
So I guess Web API can not be hosted by itself on IIS? I haven't looked into it, but it seems this to be the case, unless there needs to be more tweaking involved.
i know too late for response. But i get same error when I try deploy Odata v4 Application in IIS server.
In server , i hit this error as above, i try everything config but nothing change.
At last, i try connect from client and it work.
I recognize that in Client , it download a json file from Server (in case use Odata , it seem like wsdl file in webservice) and API still work well.
For some reason, it cant download in server, but dont worry, it still work.
Hope this helps!
I am at my wits' end on this one.
FYI, I work in infrastructure, not .net development, so I know very little about WCF and next to nothing about Visual Studio as an environment, but I don't think that's where the problem lies.
We have a WCF service running on a couple of IIS 7.5 servers on our internal network. This is exposed to the outside world via reverse proxy on Apache 2.2.15 on Fedora 11. The reverse proxy handles load balancing between the IIS servers, as well as SSL.
The WCF service is configured to use transport level security, and the IIS servers have self-signed SSL certificates. The reverse proxy does not authenticate the IIS servers, and the only reason we have SSL on the IIS servers in the first place is so the WSDL will present the correct location URL.
We thought we had it working perfectly, but there's one annoying and crucial exception: the WSDL can't be added as a service reference in Visual Studio on machines running Windows Vista or later. On an XP machine, it's fine, but anything later throws the following error:
There was an error downloading
'[URL]'. The operation has timed out
Metadata contains a reference that
cannot be resolved: '[URL]'. An error
occurred while making the HTTP request
to [URL]. This could be due to the
fact that the server certificate is
not configured properly with HTTP.SYS
in the HTTPS case. This could also be
caused by a mismatch of the security
binding between the client and the
server. The underlying connection was
closed: An unexpected error occurred
on a send. Received an unexpected EOF
or 0 bytes from the transport stream.
If the service is defined in the
current solution, try building the
solution and adding the service
reference again.
The WSDL is accessible through a browser, or through regular SOAP, on any machine and without any SSL complaints. It's just Visual Studio that has an issue.
Initial Googling revealed that it might be a problem with the cipher suite that VS used, suggesting that VS on Vista or later would by default attempt to use TLS1.0 in HTTPS connections, and if an intermediary device didn't support that protocol, it would just drop the request. This is definitely not the case, though. The reverse proxy explicitly prefers TLS1.0, and even when viewing the WSDL through a browser, it flags up as using TLS1.0 for the connection.
Having pointed the proxy at other functioning WCF services on different IIS servers, the same error occurs, leading me to assume it revolves around the reverse proxy configuration. The trouble is that it seems to be identically configured to another reverse proxy carrying out the same task elsewhere.
It's presumably some transport level issue around how VS establishes HTTPS connections on different operating systems, but I simply don't know enough about it to hazard a guess about what that might be. Anyone have any suggestions?
Well, that was embarrassing.
I'm sure there's some unwritten cosmic law that results in me finding the incredibly simple solution to a problem I've been grinding away at for days about ten minutes after posting it up on StackOverflow.
The ServerName directive in the virtual host config didn't match the URL. It did match the certificate (which has a Subject Alternative Name, so it didn't throw up any SSL warnings), but that wasn't the name I was accessing it with.
I'm assuming there's some extension of TLS1.0 that VS uses which enforces this, which isn't used by browsers or SOAP clients. This is probably useful information for anyone else trying this with a certificate that has Subject Alternative Names. It wouldn't have come up otherwise.