What's wrong with my Shibboleth PathRegex config? - shibboleth

I'm using Shibboleth SP 3.2.3 on Windows Server 2019 with IIS. It has been in production for quite a long time and working fine. I noticed at some point that it was protecting a path that shouldn't be protected so I added a rule for it like so:
<Host name="xx.xxxxx.com" authType="shibboleth" requireSession="true">
<Path name="api" authType="shibboleth" requireSession="false"/>
<Path name="images" authType="shibboleth" requireSession="false"/>
<Path name="Framework/EmailSimple.aspx" authType="shibboleth" requireSession="false"/>
<Path name="Framework/Help.aspx" authType="shibboleth" requireSession="false"/>
</Host>
It's the "EmailSimple.aspx" that I wanted to unprotect. But it turns out that there are several pages that all begin "Email" that also shouldn't be protected, so I decided to try to use PathRegex to cover them all like so:
<Host name="xx.xxxxx.com" authType="shibboleth" requireSession="true">
<Path name="api" authType="shibboleth" requireSession="false"/>
<Path name="images" authType="shibboleth" requireSession="false"/>
<Path name="Framework/EmailSimple.aspx" authType="shibboleth" requireSession="false"/>
<PathRegex regex="framework/email.*.aspx" authType="shibboleth" requireSession="false" />
<Path name="Framework/Help.aspx" authType="shibboleth" requireSession="false"/>
</Host>
I've tried every variation of this I can imagine, but I haven't gotten anything to work. Any ideas of what I might be doing wrong or how to go about debugging it?

Related

Outlook add-in ribbon icon doesn't show up only on Outlook app for Windows

I'm developing an add-in for Outlook to be used on the Appointments tabs. My issue is that the ribbon icon that initializes the add-in doesn't display the proper icon (ends up falling back to the default blue hexagon from Microsoft) but only on Windows Outlook apps.
The icon shows up properly on Outlook for Mac and on the Outlook web clients.
Tried already resizing the icons to 64x64 and 128x128 (high res), removing and reinstalling the add-in, and validating through the manifest validator. All seems fine but the issue persists.
These are parts of the manifest (URL's replaced with localhost) that I judge relevant to the issue (Please feel free to ask for other sections if I missed anything.
<IconUrl DefaultValue="https://localhost:8080/assets/icon-dark-64.png" />
<HighResolutionIconUrl DefaultValue="https://localhost:8080/assets/icon-dark-128.png" />
<DesktopFormFactor>
<FunctionFile resid="functionFile" />
<ExtensionPoint xsi:type="AppointmentOrganizerCommandSurface">
<OfficeTab id="TabDefault">
<Group id="meetingGroup">
<Label resid="groupLabel" />
<Control xsi:type="Button" id="meetingOpenPaneButton">
<Label resid="paneMeetingButtonLabel" />
<Supertip>
<Title resid="paneMeetingSuperTipTitle" />
<Description resid="paneMeetingSuperTipDescription" />
</Supertip>
<Icon>
<bt:Image size="16" resid="icon16" />
<bt:Image size="32" resid="icon32" />
<bt:Image size="64" resid="icon64" />
<bt:Image size="80" resid="icon80" />
</Icon>
<Action xsi:type="ShowTaskpane">
<SourceLocation resid="messageMeetingTaskPaneUrl" />
</Action>
</Control>
</Group>
</OfficeTab>
</ExtensionPoint>
</DesktopFormFactor>
<Resources>
<bt:Images>
<bt:Image id="icon16" DefaultValue="https://localhost:8080/assets/icon-dark-16.png" />
<bt:Image id="icon32" DefaultValue="https://localhost:8080/assets/icon-dark-32.png" />
<bt:Image id="icon64" DefaultValue="https://localhost:8080/assets/icon-dark-64.png" />
<bt:Image id="icon80" DefaultValue="https://localhost:8080/assets/icon-dark-80.png" />
</bt:Images>
... <!-- Other resources -->
</Resources>
All image URIs, such as those used for add-in commands, must support caching. The server hosting the image should not return a Cache-Control header specifying no-cache, no-store, or similar options in the HTTP response. Find more details here.

Phonegap access user location Info.plist

I have an app that uses the user's location to find landmarks they are near. After submitting my Phonegap app to the iOS store, it is getting rejected for the following reason:
"We noticed that your app requests the user’s consent to access their location but does not clarify the use of the location in the applicable purpose string. Please revise the relevant purpose string in your app’s Info.plist file to specify why the app is requesting access to the user's location. You can modify your app's Info.plist file using the property list editor in Xcode."
I thought I had addressed this issue by adding the following to my config.xml file:
<edit-config target="NSLocationWhenInUseUsageDescription" file="*-Info.plist" mode="merge">
<string>The user's location is used to find the distance they are from certain landmarks.</string>
</edit-config>
config.xml:
<?xml version='1.0' encoding='utf-8'?>
<widget id="com.phonegap.myapp" version="1.0.10" xmlns="http://www.w3.org/ns/widgets" xmlns:gap="http://phonegap.com/ns/1.0">
<name>MyApp</name>
<preference name="android-targetSdkVersion" value="26"/>
<description>
A blank PhoneGap app.
</description>
<plugin name="cordova-plugin-whitelist" source="npm" spec="~1.2.1" />
<plugin name="cordova-plugin-geolocation" spec="2.4.3" />
<plugin name="cordova-plugin-x-socialsharing" spec="5.4.0" />
<edit-config target="NSLocationWhenInUseUsageDescription" file="*-Info.plist" mode="merge">
<string>The user's location is used to find the distance they are from landmarks.</string>
</edit-config>
<icon src="images/icon.png" />
<icon height="40" platform="ios" src="images/icon40.png" width="40" />
<icon height="76" platform="ios" src="images/icon76.png" width="76" />
<icon height="120" platform="ios" src="images/icon120.png" width="120" />
<icon height="152" platform="ios" src="images/icon152.png" width="152" />
<icon height="1024" platform="ios" src="images/icon1024.png" width="1024" />
<author email="support#phonegap.com" href="http://phonegap.com">
PhoneGap Team
</author>
<content src="index.html" />
<access origin="*" />
</widget>
However, it is still getting rejected for this reason. How could I modify the config.xml or anything else to not get rejected for this reason on the iOS store?
I removed this part:
<edit-config target="NSLocationWhenInUseUsageDescription" file="*-Info.plist" mode="merge">
<string>The user's location is used to find the distance they are from certain landmarks.</string>
</edit-config>
and added this part:
<plugin name="cordova-custom-config" version="*"/>
<config-file overwrite="true" parent="NSLocationAlwaysUsageDescription" platform="ios" target="*-Info.plist"> <string>Your location is used to find how far you are from landmarks.</string> </config-file>
<config-file overwrite="true" parent="NSLocationWhenInUseUsageDescription" platform="ios" target="*-Info.plist"> <string>Your location is used to find how far you are from landmarks.</string> </config-file>
Now it's working as expected.

Websocket trouble with windows application build with cordova

I have a major trouble with my application.
I have an application angular 2. I packaged this app with Cordova. And then with visual studio, I have built a windows application.
In my app I use WebSocket, my app uses WebSockets to send a message to a local server WS. This server is running in local through a windows service.
My problem is that I can't connect my app with the WS server. In the on error event, I don't have anything.
If I build my app on my computer and install it in this same computer it works, but if I install this app in another computer or tablet it doesn't work.
All devices are on windows 10.
Here are my config.xml from my cordova project
<?xml version="1.0" encoding="utf-8"?>
<widget defaultlocale="fr-FR" id="toto" version="1.0.0" windows-packageVersion="1.0.0.1" xmlns="http://www.w3.org/ns/widgets" xmlns:cdv="http://cordova.apache.org/ns/1.0" xmlns:vs="http://schemas.microsoft.com/appx/2014/htmlapps">
<content src="index.html" />
<access origin="*" />
<vs:features />
<preference name="SplashScreen" value="screen" />
<preference name="windows-target-version" value="10.0" />
<preference name="windows-phone-target-version" value="10.0" />
<preference name="WindowsDefaultUriPrefix" value="ms-appx://" />
<plugin name="cordova-plugin-whitelist" version="1" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<platform name="wp8">
<splash height="1280" src="res/screens/wp8/SplashScreenImage.png" width="768" />
</platform>
<plugin name="cordova-windows-capability-localnetwork" src="https://github.com/dilhan2013/cordova-windows-capability-localnetwork.git" version="0.1.0" />
<vs:platformSpecificValues>
<vs:platformSpecificWidget platformName="windows">
</vs:platformSpecificWidget>
</vs:platformSpecificValues>
<preference name="DisallowOverscroll" value="true" />
<preference name="KeyboardDisplayRequiresUserAction" value="false" />
<plugin name="cordova-plugin-console" version="1.0.7" />
</widget>
Thank you for your help.
Sorry in advance for my English
The problem in this particular situation comes from the fact that the app is trying to reach the Web Socket running on localhost.
Like it is mentioned as an answer to this post : Cannot connect to localhost in windows store application, developed windows store app can be isolated from loopback for security reasons.
The solution consists first in finding the installed app PackageFamilyName (this can also be done with the SID from regedit, like in the post mentioned above). For this, run this Power Shell command:
Get-AppxPackage | ? { $_.Name -like 'APP_NAME' }
APP_NAME can be part of the name you know your app has.
Once the description of the package is displayed, add the app to the NetIsolation exemption list by entering the PackageFamilyName in the following Power Shell command:
CheckNetIsolation LoopbackExempt -a -n="PackageFamilyName"
The app should now be part of the exemption list displayed with:
CheckNetIsolation LoopbackExempt -s
And it should be allowed to access the localhost.
Check your WS server, does it accept incoming requests from hosts other than localhost?

Umbraco Image Processor not cropping images

Having same issue as many others in regards to Umbraco ImageProcessor not cropper. I am currently using Version 7.4 but 7.3 also does not crop image at all.
I am using Azure Blob storage, with CDN have followed configuration setup to the a tee.
Full image is getting uploaded into Azure Storage via Umbraco Back Office but have tried various formatted URL requests to pull and crop image but none have worked whether JPG or PNG file. No cropping occurs at all, always full image is returned.
Using fiddler, I can see that the request is going to Azure Blob to retrieve image, but no matter the crop size, always returns full image size.
http://localhost:10876/media/1022/grower.jpg?center=0.70666666666666667,0.505&mode=crop&width=100&height=50&rnd=130950810990000000
Packages Config ...
<package id="ImageProcessor" version="2.3.1.0" targetFramework="net452" />
<package id="ImageProcessor.Web" version="4.4.1.0" targetFramework="net452" />
<package id="ImageProcessor.Web.Config" version="2.2.4.0" targetFramework="net452" />
<package id="ImageProcessor.Web.Plugins.AzureBlobCache" version="1.0.5.0" targetFramework="net452" />
<package id="UmbracoFileSystemProviders.Azure" version="0.5.0-beta" targetFramework="net452" />
Web Config ...
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule" />
<remove name="UrlRewriteModule" />
<add name="UrlRewriteModule" type="UrlRewritingNet.Web.UrlRewriteModule, UrlRewritingNet.UrlRewriter" />
<remove name="UmbracoModule" />
<add name="UmbracoModule" type="Umbraco.Web.UmbracoModule,umbraco" />
<remove name="ImageProcessorModule" />
<add name="ImageProcessorModule" type="ImageProcessor.Web.HttpModules.ImageProcessingModule, ImageProcessor.Web" />
<remove name="ScriptModule" />
<add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<remove name="ClientDependencyModule" />
<add name="ClientDependencyModule" type="ClientDependency.Core.Module.ClientDependencyModule, ClientDependency.Core" />
<!-- Needed for login/membership to work on homepage (as per http://stackoverflow.com/questions/218057/httpcontext-current-session-is-null-when-routing-requests) -->
<remove name="FormsAuthentication" />
<add name="FormsAuthentication" type="System.Web.Security.FormsAuthenticationModule" />
</modules>
<httpModules>
<add name="UrlRewriteModule" type="UrlRewritingNet.Web.UrlRewriteModule, UrlRewritingNet.UrlRewriter" />
<add name="ScriptModule" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add name="UmbracoModule" type="Umbraco.Web.UmbracoModule,umbraco" />
<add name="ImageProcessorModule" type="ImageProcessor.Web.HttpModules.ImageProcessingModule, ImageProcessor.Web" />
<add name="ClientDependencyModule" type="ClientDependency.Core.Module.ClientDependencyModule, ClientDependency.Core" />
</httpModules>
The issue I was having was due to a miss-understanding on how to setup the CloudImageService within the security.config file. As mentioned I found when I stepped through the code, that although I had remote image service configured, it was not using it. The key was the prefix attribute within CloudImageService must be set to Media/ so that it aligns to the image URL path startswith .. http://localhost:1234/media/image.png...
Once I had that setup correctly I am now able to see changes when I request different width/height etc. That only took me a week to resolve.
I had a similar issue, however none of the solutions I read online worked, or my config was already set as suggested, and I manually checked all dll versions and all were fine.
What finally resolved the issue for me is I changed the .NET Version from 4.5.2 to 4.6 This essentially broke my build, and the project would not work, so I reverted back to 4.5.2, the project built and ran again, and the cropping now worked!
I suspect the .NET versions are immaterial, but the act of changing versions flushed out the error.

phonegap build is not working for me?

<widget xmlns="http://www.w3.org/ns/widgets" xmlns:gap="http://phonegap.com/ns/1.0" id="com.fornextit.southplus" version="1.0.0">
<name>South Plus</name>
<description>South Plus application that responds to the deviceready event.</description>
<author href="http://phonegap.com" email="support#phonegap.com">PhoneGap Team</author>
<content src="index.html"/>
<feature name="Notification">
<param name="android-package" value="org.apache.cordova.dialogs.Notification" />
</feature>
<feature name="Vibration">
<param name="android-package" value="org.apache.cordova.vibration.Vibration" />
</feature>
<preference name="phonegap-version" value="cli-5.2.0" />
<preference name="permissions" value="none"/>
<preference name="orientation" value="default"/>
<preference name="target-device" value="universal"/>
<preference name="fullscreen" value="true"/>
<preference name="webviewbounce" value="true"/>
<preference name="prerendered-icon" value="true"/>
<preference name="stay-in-webview" value="false"/>
<preference name="ios-statusbarstyle" value="black-opaque"/>
<preference name="detect-data-types" value="true"/>
<preference name="exit-on-suspend" value="false"/>
<preference name="show-splash-screen-spinner" value="true"/>
<preference name="auto-hide-splash-screen" value="true"/>
<preference name="disable-cursor" value="false"/>
<preference name="android-minSdkVersion" value="7"/>
<preference name="android-installLocation" value="auto"/>
<gap:plugin name="org.apache.cordova.battery-status"/>
<gap:plugin name="org.apache.cordova.camera"/>
<gap:plugin name="org.apache.cordova.media-capture"/>
<gap:plugin name="org.apache.cordova.console"/>
<gap:plugin name="org.apache.cordova.contacts"/>
<gap:plugin name="org.apache.cordova.device"/>
<gap:plugin name="org.apache.cordova.device-motion"/>
<gap:plugin name="org.apache.cordova.device-orientation"/>
<gap:plugin name="org.apache.cordova.dialogs"/>
<gap:plugin name="org.apache.cordova.file"/>
<gap:plugin name="org.apache.cordova.file-transfer"/>
<gap:plugin name="org.apache.cordova.geolocation"/>
<gap:plugin name="org.apache.cordova.globalization"/>
<gap:plugin name="org.apache.cordova.inappbrowser"/>
<gap:plugin name="org.apache.cordova.media"/>
<gap:plugin name="org.apache.cordova.network-information"/>
<gap:plugin name="org.apache.cordova.splashscreen"/>
<gap:plugin name="org.apache.cordova.vibration"/>
<plugin name="Notification" value="org.apache.cordova.Notification"/>
<icon src="icon.png"/>
<icon src="www/res/icon/android/icon-36-ldpi.png" gap:platform="android" gap:qualifier="ldpi"/>
<icon src="www/res/icon/android/icon-48-mdpi.png" gap:platform="android" gap:qualifier="mdpi"/>
<icon src="www/res/icon/android/icon-72-hdpi.png" gap:platform="android" gap:qualifier="hdpi"/>
<icon src="www/res/icon/android/icon-96-xhdpi.png" gap:platform="android" gap:qualifier="xhdpi"/>
<icon src="www/res/icon/blackberry/icon-80.png" gap:platform="blackberry"/>
<icon src="www/res/icon/blackberry/icon-80.png" gap:platform="blackberry" gap:state="hover"/>
<icon src="www/res/icon/ios/icon-57.png" gap:platform="ios" width="57" height="57"/>
<icon src="www/res/icon/ios/icon-72.png" gap:platform="ios" width="72" height="72"/>
<icon src="www/res/icon/ios/icon-57-2x.png" gap:platform="ios" width="114" height="114"/>
<icon src="www/res/icon/ios/icon-72-2x.png" gap:platform="ios" width="144" height="144"/>
<icon src="www/res/icon/webos/icon-64.png" gap:platform="webos"/>
<icon src="www/res/icon/windows-phone/icon-48.png" gap:platform="winphone"/>
<icon src="www/res/icon/windows-phone/icon-173-tile.png" gap:platform="winphone" gap:role="background"/>
<gap:splash src="www/res/screen/android/screen-ldpi-portrait.png" gap:platform="android" gap:qualifier="port-ldpi"/>
<gap:splash src="www/res/screen/android/screen-mdpi-portrait.png" gap:platform="android" gap:qualifier="port-mdpi"/>
<gap:splash src="www/res/screen/android/screen-hdpi-portrait.png" gap:platform="android" gap:qualifier="port-hdpi"/>
<gap:splash src="www/res/screen/android/screen-xhdpi-portrait.png" gap:platform="android" gap:qualifier="port-xhdpi"/>
<gap:splash src="www/res/screen/blackberry/screen-225.png" gap:platform="blackberry"/>
<gap:splash src="www/res/screen/ios/screen-iphone-portrait.png" gap:platform="ios" width="320" height="480"/>
<gap:splash src="www/res/screen/ios/screen-iphone-portrait-2x.png" gap:platform="ios" width="640" height="960"/>
<gap:splash src="www/res/screen/ios/screen-iphone-portrait-568h-2x.png" gap:platform="ios" width="640" height="1136"/>
<gap:splash src="www/res/screen/ios/screen-ipad-portrait.png" gap:platform="ios" width="768" height="1024"/>
<gap:splash src="www/res/screen/ios/screen-ipad-landscape.png" gap:platform="ios" width="1024" height="768"/>
<gap:splash src="www/res/screen/windows-phone/screen-portrait.jpg" gap:platform="winphone"/>
<access origin="*"/>
<access origin="127.0.0.1*"/>
<plugin name="cordova-plugin-whitelist" version="1"/>
<allow-intent href="http://*/*"/>
<allow-intent href="https://*/*"/>
<allow-intent href="tel:*"/>
<allow-intent href="sms:*"/>
<allow-intent href="mailto:*"/>
<allow-intent href="geo:*"/>
<platform name="android">
<allow-intent href="market:*"/>
</platform>
<platform name="ios">
<allow-intent href="itms:*"/>
<allow-intent href="itms-apps:*"/>
</platform>
</widget>
this is my config.xml
phonegap build isnt accepting simplest of simple single index file. it worked before. dont know what change they bought over. now its not working. please somebody suggest.
i am getting this error: Error - Some official plugins have to be updated if using PhoneGap >= 4.0.0. Please upgrade the version of any plugins that may include the following file: FileTransfer.java - You can fix this here
#amar,
last weekend an unannounced change was made to Phonegap Build, if you do not set the version of your compiler, you now get cli-5.2.0. This has broken many, many programs. Input your error string in the search, and you will see it.
Here is what you need to know:
From the Phonegap Build Forum, Petra Adds:
I would add: without announcement, PGB changed the default PGB-version from 3.7.0 to cli-5.2.0. This causes all those who have not set 'phonegap-version' in config.xml to be confronted with the sudden need of splashscreen and whitelist plugins and additional whitelisting specifications in config and html.
Also, several plugins seem not to build correctly with cli-5.2.0, causing log file error messages about "Class ***.java".
FWIW: Phonegap Build admitted to as much in this tweet
QUICK FIX Add this to your config.xml
<preference name="phonegap-version" value="3.7.0" />
From Top Mistakes by Developers new to Cordova/Phonegap you have hit:
#6 Not setting the "phonegap version" for your compiler
#7 Not setting "version" for you plugins
#10 Not adding the new "white-list" and "white-list plugin" parameters in config.xml.
For #6 & #7
With the CLI version, if you do not assign a version for your platform OR in ''Phonegap Build'' if you do not set the phonegap-version in config.xml, YOU WILL GET THE LATEST VERSION. If you are lucky, your program just works as expected. If you are not lucky, you'll get a set of cascading errors.
Luckily for all of us, Holly Schinsky has written a nice blog post to explain it all:
Cordova/PhoneGap Version Confusion
http://devgirl.org/2014/11/07/cordovaphonegap-version-confusion/
For #10
This relatively * NEW * requirement means – to access ANY website or resources on the web, you MUST use the whitelist and the whitelist plugin. This requirement goes into affect, if you are using cordova-android#4.0.0 or better; including cli-5.1.1. If however, your version is before 4.0.0, let's say 3.5.0 or 3.7.0, then you will not have to add the white-list requirement.
To be clear, the "whitelist" has been around for a bit, but the plugin and requirement is very new. As you would expect, when the "whitelist" was added, the defacto open-access feature was deprecated. Or said another way, the defacto open-access feature was planned and scheduled to be eliminated. This change marks a step in removal of the open-access feature.
In addition, the Content Security Policy (CSP) has caught numerous developers - because it was soooo poorly publicized. Depending on your use and the version of Phonegap you are using, the CSP needs to go in every single HTML page you used, just like you have to wait for 'deviceready'. However, there are cases where it is not needed at all. The documentation is confusing for some, please read it carefully. The documentation is buried in the bottom of many of the latest documentation pages.
Related Links
Phonegap Build Forum: Notes for upgrading to cli-5.1.1 on PGB and now required Whitelist
Cordova Whitelist Guide
Phonegap Whitelist Guide
Phonegap Build Whitelist Guide

Resources