Cordova ajax call kCFErrorDomainCFNetwork error 311 - ajax

Anyone encountered this error? kCFErrorDomainCFNetwork error 311?
I wrote a simple cordova application running in iPad (iOS 9 up). This applications calls an HTTPS api but throws this error kCFErrorDomainCFNetwork error 311.
Pleas note that the HTTPS Server has a valid CA Issued SSL Certificate.
I googled a lot on this error but without any luck and only managed to found this cfStreamErrorHTTPSProxyFailureUnexpectedResponseToCONNECTMethod that has an int value of 311 and it says that
The HTTPS proxy returned an unexpected status code, such as a 3xx
redirect
Indeed the resource that i am invoking is returning a 302 which unfortunately i have no control of.
And to access the https server, i have to specifically connect to a wifi proxy where the IP address is whitelisted in the https server.
I hope someone from this great community could provide me some light on this error.
Thank you.

I also have received the same error. The problem is that you are accessing network through a proxy which needs to be authenticated before you send a request.
In your case, generally if you are accessing internet in the system browser, you might have proxy settings(along with authentication) in your browser or system preferences -> network -> Advanced -> Proxies.
In order to address the authentication issues while URL requests, Apple has given documentation in this regard - https://developer.apple.com/library/content/documentation/Cocoa/Conceptual/URLLoadingSystem/Articles/AuthenticationChallenges.html.
For a simple model implementation just refer to Simple example of NSURLSession with authentication

Related

Postman 503 Service Unavailable

I tried using postman to test my springboot project. When I sent the request, postman made a 503 error, but when I sent the request in the browser, it successfully got a response.
How to solve this problem?
I had the same issue I resolved it like this :
Postman settings
go to the top right of your postman window Settings > proxy > use the system proxy
for my case I added another proxy so I had to desable it when making a local api call. good luck !
503 Service Unavailable clearly states the server is overloaded, you may be running out of memory. Try again or try to restart the server. The post method will say bad request only. So you should try restarting the server if it is yours, or retry after sometime if it is a 3rd party service.
And also can you check and make sure your postman proxy is turned off. Even that causes problems like these sometimes. Check that in proxy tab.

Browser not responding to www-authenticate challenge for bookmarked ssl (https url) to restricted resource

I have set up SSO using weblogic on windows and Kerberos, It is working fine for the http pages, however I observed a strange behavior on https pages which requires CONFIDENTIAL setting for the transport, It works fine if I first access a page on http which is not configured as secured in web.xml(Transport-Gurantee as None) and then the https page.
But If I try to hit the https url directly which is configured with Transport-Gurantee as CONFIDENTIAL then it shows the Basic Auth Dialog and a 401 Unauthorized response, Looking at the logs I see that the Server responded with the WWW-Authenticate but browser showed the Basic Auth Dialog in response instead of getting the Authorize token.
Does anyone has any idea on what might be issue here, If there is any problem with the browser settings then it would not have worked irrespective of accessing the http url first.
I can see the following error log in weblogic console
Malformed request "Can not parse URI from http request". Request parsing failed, Code: -1
Found one of the link here
SPNEGO on IBM WebSphere Portal 6.1 with https
For my case it is weblogic 12c , I don't think reinstalling 12c is a valid solution for it
Ok I got it fixed , It turns out to be an issue with the browser configuration , the https://myserver.domain.com was not inside the intranet domain and the control to do that rests with the windows Admin team, once they added it , the https urls are also working fine.

How do I capture https requests with Postman native app using Windows 10?

I am using the Postman native app on Windows 10 and am struggling with trying to capture https requests. Postman's Documentation for this is for Mac and not Windows.
In particular, I am working on a web application that creates a session cookie upon login that needs to be included in most requests in order to be authorized. When I was using the Chrome App, Postman Interceptor achieved this (see https://stackoverflow.com/a/32436131/3816779).
Here's what I've tried so far:
Turn on the Proxy in Postman with port 5555.
Configured windows to send http and https requests through Postman's proxy server (127.0.0.1:5555).
This allows http requests to be captured in Postman
But when trying to connect to https sites, I get an error
Here are my Postman settings if that helps.
Update I ended up switching back to the Chrome App, which uses the "Interceptor" instead of a "Proxy Server" to capture traffic.
Unfortunately, capture https requests with postman native app is impossible in some case according to the official doc: Capturing HTTP requests
Note: for the Postman native apps, request captures over HTTPS will not work if the website has HSTS enabled. Most websites have this check in place.
Postman's proxy now supports HTTPS traffic - https://blog.postman.com/postmans-proxy-now-fully-supports-https-endpoints/
Once you install a CA certificate that Postman generates for your installation, capturing HTTPS requests should be seamless.
Disclaimer: I work at Postman
With Google Chrome i don't know how to fix the issue. But you can use to open the web page for example IE..
EDIT:
Or MAYBE you can start Google Chrome with parameter --ignore-certificate-errors to ignore the error message.
Postman Interceptor is available for Postman native apps which supports both features:
1. Capturing requests
2. Syncing cookies
Learn more here.
Just check HTTPS in setting and will work for you

Stripe's JS not working with browser's Manual proxy configuration

I am trying to integrate stripe with my site. To detect security risks, I use Burp Suite. For that I have to modify my proxy settings.
I have set below proxy configurations in my Browser (Google Chrome)
HTTP proxy: 127.0.0.1
Port: 8000
Now when I fill the stripe form and try to purchase, I get below error
An unexpected error has occurred submitting your credit card to our secure
credit card processor. This may be due to network connectivity issues, tt
so you should try again (you won't be charged twice).
If this problem persists, please let us know!
This error is thrown by
https://js.stripe.com/v2/
Why do I get this error? I can't even open that URL in my browser. By the way I am able to open other sites like Google.
You have an HTTP proxy, but you're trying to access an HTTPS site.

How do I bypass the 'ports, protocols and domains must match' CORS issue whilst in development?

I have a local site running ASP.Net MVC 3 over HTTP and HTTPS through IIS Express.
The HTTP url is http://localhost:4000 and the HTTPS is https://localhost:44301.
I'm trying to hook up the Stripe payments API but it really does not like the port, protocol and domain mismatch. I've tried using CORS to tell it to trust stripe.com but it seems that it is due to the port mismatch and I cannot figure out how to tell it to ignore that.
Adding the following header does not product any difference.
Access-Control-Allow-Origin:*
When accessing my payment page via HTTP, I get the following:
Blocked a frame with origin "https://checkout.stripe.com" from
accessing a frame with origin "http://localhost:4000". The frame
requesting access has a protocol of "https", the frame being accessed
has a protocol of "http". Protocols must match.
It gets worse when using SSL as my local SSL port is not 443.
How do I tell CORS to ignore the port mismatch whilst in development?
You can disable same origin policy while in development. Load chrome with the following argument:
--disable-web-security
https://stackoverflow.com/a/6083677/287760
Didn't the error message tell you the problem? Use HTTPs.
I still get this message my live site:
Uncaught SecurityError: Blocked a frame with origin "https://checkout.stripe.com" from accessing a frame with origin "https://getaddress.io". Protocols, domains, and ports must match.
..everything still works so I wouldn't worry about it. There's not much you can do about the domains being different.

Resources