CORS & HTTP Options - chromecast

I have built a custom receiver app using Google's example for the chromecast.
I am trying to stream SmoothStreaming on it.
Problem is, that I see the networking debugger and I see that for every chunk of SS it fetches, it does HTTP OPTIONS before the HTTP GET.
Is there a way to use a CORS xml or something so that the chromecast will not do these overhead calls?
Thanks

You need a CORS Proxy. Have you tried to use corsproxy.com? Or TOMODOKorz? Links:
http://www.corsproxy.com/
https://github.com/TOMODOcom/TOMODOkorz
From the tests I've been doing, the Chromecast client always sends HTTP OPTIONS to check it has permissions to get the content and then (after receiving a 200 OK) sends a POST to the license server.

Related

How do I capture https requests with Postman native app using Windows 10?

I am using the Postman native app on Windows 10 and am struggling with trying to capture https requests. Postman's Documentation for this is for Mac and not Windows.
In particular, I am working on a web application that creates a session cookie upon login that needs to be included in most requests in order to be authorized. When I was using the Chrome App, Postman Interceptor achieved this (see https://stackoverflow.com/a/32436131/3816779).
Here's what I've tried so far:
Turn on the Proxy in Postman with port 5555.
Configured windows to send http and https requests through Postman's proxy server (127.0.0.1:5555).
This allows http requests to be captured in Postman
But when trying to connect to https sites, I get an error
Here are my Postman settings if that helps.
Update I ended up switching back to the Chrome App, which uses the "Interceptor" instead of a "Proxy Server" to capture traffic.
Unfortunately, capture https requests with postman native app is impossible in some case according to the official doc: Capturing HTTP requests
Note: for the Postman native apps, request captures over HTTPS will not work if the website has HSTS enabled. Most websites have this check in place.
Postman's proxy now supports HTTPS traffic - https://blog.postman.com/postmans-proxy-now-fully-supports-https-endpoints/
Once you install a CA certificate that Postman generates for your installation, capturing HTTPS requests should be seamless.
Disclaimer: I work at Postman
With Google Chrome i don't know how to fix the issue. But you can use to open the web page for example IE..
EDIT:
Or MAYBE you can start Google Chrome with parameter --ignore-certificate-errors to ignore the error message.
Postman Interceptor is available for Postman native apps which supports both features:
1. Capturing requests
2. Syncing cookies
Learn more here.
Just check HTTPS in setting and will work for you

Debugging KML in GE client

Working with Google Earth 6.2.2.6613 client and KML files and I have a need for debugging .
I have situation where GE reports my KML file has made an "invalid HTTP request" and it displays the offending URL.
I can cut and paste the URL into a web browser and it returns the expected result.
So the question is " How can you get useful debugging information from the GE client?"
For example "invalid HTTP request" ? How ? whats invalid ? Does GE client run/have a debug log or mode ?
I am using Windows 7 Professional 64bit but I will need to test other versions ( Mac OS X ) in the future.
While a web proxy ( or my own globe server ) would allow me to see the http traffic , I need to see what happens in between requests in the GE client.
Google Earth itself doesn't log what it does internally or have a debug mode to enable such logging. You can enable 'KML Error Handling' in the Tools/Options/General menu which may give more information for invalid KML but validating the KML is best done with something like the KML Validator.
So the easiest way to debug Google Earth HTTP access is using a network analyzer such as the Fiddler Web Debugger to identify the network traffic.
Fiddler runs as an HTTP proxy and captures all web access showing the full HTTP request and response information. Just click 'Capture Traffic' and then launch Google Earth to capture all HTTP traffic.
You can capture the HTTP session with hits to kh.google.com, mw1.google.com, khmdb.google.com, mw2.google.com, and so one with the full URL, HTTP headers for request and response, etc. There are many options for multiple views, filtering, decoding, timing information, and more. You'll see the selected Layers being downloaded as KMZ files.
Sample Web session
Result Port Host URL
200 HTTP kh.google.com /geauth?ct=free
200 HTTP Tunnel to www.google.com:443
200 HTTP Tunnel to accounts.google.com:443
200 HTTP kh.google.com /flatfile?q2-0-q.534
200 HTTP mw1.google.com /mw-earth-vectordb/photos/360cities/360cities.kmz
200 HTTP mw1.google.com /mw-weather/base/files/kml/weather_en.kmz
...
After debugging you can stop Fiddler which restores the HTTP proxy settings back to normal.
I use this tool to quickly see what Google Earth is doing behind the scenes. It is easy to use and very friendly.
http://www.fiddler2.com/fiddler2/

Visualize HTTPS in WireShark

I am trying to do a http bot to make me, my online check in.
I used the wireshark application to store the http request and response while i was
make the check in.But when i try to visualize what was sent in the request/response i am not able to to see the https packets.
For example : If i use the firebug plugin (firefox) i am able to see this information:
This first link shows the headers(request/response)
https://docs.google.com/leaf?id=0B9WcB03Ho2uzZmNlNTUyMDYtZjRhZC00YjljLTlkMDAtMDBiMmU4MDAzYjlk&hl=en_US
This second list shows the paylod of the POST method
https://docs.google.com/leaf?id=0B9WcB03Ho2uzNjllYjllYTQtZTg2MS00Zjc1LTgyODQtNTUyNTc5YTk5N2Nh&hl=en_US
But in whireShark when i filter for example by the ip.dst_host , the only packets that appear are the TCP and TLSv1 and in each one i am not able to see the some information thar i am able to see in the firebug because that information is in the application layer(HTTP).
The URL : https://checkin.si.amadeus.net/1ASIHSSCWEBTP/sscwtp/checkindirect
HTTPS is explicitly designed to prevent you from seeing this traffic. If you have the server's private key, you can input it into WireShark to decrypt the packets. Otherwise, use Fiddler.

How to see all HTTP Get request sent from browser without debugging tool?

so, I have page doing a number of ajax and jsonp(i.e. injection) to get data. I would like to know how to find out the request URL I have made without using debugging tools, like firebug. etc. i.e. the history of GET request of the browser. Thanks
For the most part, browsers do NOT log a history of their HTTP GET requests. Also, if you're using ajax, you're probably doing HTTP POST requests as well.
You don't have to use an in-browser tool like Firebug, but you will need some tool to actually get a history of requests and the request bodies.
You can use a tool like Fiddler2, which is a proxy that gets all HTTP traffic outgoing from your computer (including from your browser and all other applications).
If you have control of the server environment, you can also set up logging on the server to capture this data.
You can use WireShark or a similar tool to monitor the network traffic and inspect the packets.

view response content of ajax,flash http requests

I'm interested if there is some tool (preferably a firefox addon) that allows you to record http requests and view their response header and content.
Try HttpFox :
HttpFox monitors and analyzes all
incoming and outgoing HTTP traffic
between the browser and the web
servers.
It aims to bring the functionality
known from tools like HttpWatch or
IEInspector to the Firefox browser.
Information available per request
includes:
- Request and response headers
Sent and received cookies
Querystring parameters
POST parameters
Response body
Firefox's firebug and webkits developer tools.
I recommend using Charles, http://www.charlesproxy.com/.
Charles is a stand-alone application, not a browser addon (but it has browser integration) which I personally prefer, since it can monitor http traffic also outside the browser, for example when a swf is run locally or from an IDE, or any other http traffic on your system.
If you prefer a browser addon, I believe Fiddler is quite popular, http://www.fiddler2.com/.

Resources