I am using apiary preview --server to watch a file while editing it and have a UI generated.
I would like to hit a local dev server in the "Try" section of the UI, but when I hit "Call Resource", a request is made to POST https://jsapi.apiary.io/apis/null/http-transactions/.
HOST is set to http://localhost:3050 and I'm expecting it to hit that endpoint.
How can I change this?
$ apiary version
0.5.2
Currently, all console calls are routed via apiary.io servers to work around CORS limitations.
If published, you can work around this limitation by exposing your local port using service such as ngrok.
There is a testing of a version of the console that would make calls to the API directly and would utilise browser plugin if needed to get around CORS limitations. You should be able to utilise them soon.
Related
Configuration Details
We have a SonarQube 6.7.2 (build 37468) on-premise installation running.
The instance is accessible from our office IP without HTTP Basic Auth, as well as from everywhere else with HTTP Basic Auth.
The "Force user authentication" option is off.
All projects are set to private - in case someone gets past the HTTP Basic Auth.
My user belongs to the sonar-administrators groups and has "Browse" and "See Source Code" permissions on all projects.
Using the web interface in the browser, I am able to see all projects including analysis results etc., as expected.
Problem
However, using the Web API, I receive "Insufficient Privileges" errors on several API calls.
My user has a valid token that I pass to cURL as described in the documentation. I even created a new token, to be sure I'm not using an invalid one.
Example
$ curl -X GET -u my_user_token: https://sonar.example.org/api/measures/search_history?component=the_project&metrics=lines_to_cover%2Cuncovered_lines%2Ccoverage&ps=1000
{"errors":[{"msg":"Insufficient privileges"}]}
Question
Is it not possible to retrieve measures information or project information via the API for projects that are set to private?
The above call works fine if the project is to public. (But then again, if the project is set to public, that call works fine even without authentication.)
We do have the same issue when using the SonarLint plugin for PHPStorm. The plugin works fine as long as the projects are public, but server sync stops working as soon as projects are set to private.
I'm thinking maybe it would be best to deny all requests to SonarQube except from our whitelisted office IP and have everyone connect via VPN if they want to access the instance from their home office. That would allow us to make all projects public and not have any of these issues. Is that the recommended way to run an on-premise installation of SonarQube?
Turns out the SonarQube instance was running behind an nginx reverse proxy that dropped the Authorization HTTP header from the request before passing it on to SonarQube.
After fixing the nginx configuration, all Web API calls work as expected.
How to disable the web security in Firefox or how to solve CORS issue in Firefox during development?
Things tried but did not work:
The option of filtering in "about:config" and setting the "security.fileuri.strict_origin_policy=false" doesn't work
Tried few add-ons like "CORS-Everywhere" (https://addons.mozilla.org/en-US/firefox/addon/cors-everywhere/). Doesn't work.
How to disable the web security in firefox
Don't. It gives unrealistic results for testing.
how to solve CORS issue in Firefox during development
Ideally: Create a development environment that is just like the live environment.
The server side code will, at some point, need development work performed on it. Your team will need the ability to create a development server with test data in it for that. Use the same development server for working on the client side code.
That way you can do you development work:
without making test calls to the live server (so you never need fake test users doing fake actions on the live server with the risk that test data will escape somewhere end users will see it).
without cross origin issues (because your development server for your client side code will be the same as the development server for the URL you are requesting)
able to use relative URLs
with a browser that acts like the browsers used by end users
As a quick and dirty hack which doesn't have most of the benefits of using a proper test environment: Use a proxy server that maps requests to the same origin as your development environment to the live environment.
I used Charles proxy for that before I moved to having proper development environments.
Is it possible to run an in-app HTTP server with NativeScript either as a background service or as part of the foreground app itself ? I am looking to utilize a common code base across a system of applications which would communicate to a local server which handles some parts of the application's communication to my servers. Where, I intend to create a HTTP server in the app which can just serve as a REST server for the app. Is it possible ?
Thank you.
I don't think its possible since nativescript doesn't offer any module or plugin that supports the creation of http servers. First option is to look for a nativescript module in npm that supports http server creation, Second option is to create an http server using the native API's with javascript, Third and last option (which I prefer) is to make your own server using nodejs or any server side script and run that server on a certain machine then from your nativescript app you can access that server using the fetch module or the http module :)
I'm currently running MAMP Pro (osX 10.9.4) with several different virtual servers on my local machine, one for each of my client's projects. I've been trying to connect to the Google API use OAuth and have everything working just fine when 'REDIRECT URIS' is set to:
http://localhost:8888
However, as mentioned I've got several of these servers running,
e.g. 'https://clientname1:8890' or 'https://clientname2:8890'
Whenever I enter those into the API console I just get a 'Whoops' message telling me something has gone wrong Google's end:
"Server Error: Whoops! Our bad."
It seems as though only 'localhost' is allowed via the API for local testing, is there anyway I can set it up so I can test off any of my local servers?
I had to add my localhost to the allowed referrers list to test locally. Without that inclusion, I get 403 Forbidden errors. You probably just need to add clientname1 and clientname2 or clientname1:8890 and clientname2:8890 to the allowed referrers list in the Google Developers Console. Mine's set under public api access, so maybe it's going to be another problem for you depending what API you're using and how you're using it. Hope it helps -
I'm using the AJAX Test Server in Rational Application Developer. I'm posting a form to another host for authentication. That host takes a URL to redirect to after authentication. However, it insists on using HTTPS whenever it sends the 302 response. The low hanging fruit would be to just use HTTPS locally.
Looking at the launch configuration, the AJAX Test Server appears to be a custom Apache HttpCore server. I haven't spotted anything in the configuration guide.
Is there a way to access this test server via HTTPS?
This is for demo and local development purposes; not production.
Speaking from working with WAS (WebSphere Application Server) in RAD, I'm pretty sure the answer would be yes. The server (at least with WAS) has both secure and "unsecure" ports.
What I have noticed is that when the server is built with the install (at least with the newer versions of the products 7.5+), the ports used are different per install. This is to help with not conflicting with other applications that may use those ports.
So https is probably fine. You just may have to use it over port 302 or some other port.
If there is no admin console for viewing your ports, you could always try the Window | Preferences option under your menu items. Sometimes IBM hides server config stuff in there.