gsoap Server does not accept Client request - gsoap

I have created a web service in gsoap, but server does not accept requests. There is no error, but i dont understand why it does not accept requests from client. I am pasting my client and server code here.
Clientcode
EnrollmentServiceSOAPProxy proxy;
_ns1__performRequest *req = new _ns1__performRequest();
_ns1__performRequestResponse *res = new _ns1__performRequestResponse();
if(proxy.performRequest(req, res) == SOAP_OK)
print "OK" // pseudo code for print.
else
print "Not Ok"
Server Code:
int __ns1__performRequest(soap *, _ns1__performRequest *ns1__performRequest, _ns1__performRequestResponse *ns1__performRequestResponse)
{
ns1__performRequestResponse->jobID = "1011";
return SOAP_OK;
}
The server is listening on localhost. but the request does not reach the server.
This is the WSDL file:https://www.dropbox.com/s/n2sdv51qmttp7vb/EnrollmentService.wsdl
I debugged the code, but it did not help me.

It happend with me before. In service definition i used different port, while the server was listening to different port. This seems your problem too.

The service endpoint may not be set to your server, but to whatever the WSDL defines as the server address. You should use EnrollmentServiceSOAPProxy proxy("URL"); with the URL that is your server's endpoint address (http://hostaddr or http://localhost:8000 when you run your server local on port 8000).

Related

What is the request that whatsapp cloud api does to verify a webhook?

I'm able to verify the webhook using glitch from the getting started:
https://glitch.com/edit/?fbclid=IwAR2YTjZuGGM9Hi6T_v1eZh_nV6_HY3RYn_8lll4gY1REa_bJy6ZAuq6tkKQ#!/whatsapp-cloud-api-echo-bot
my local server (in a subdomain with https enabled) has the same behavior as glitch and show "WEBHOOK_VERIFIED" on the log for the request:
/webhook?hub.mode=subscribe&hub.verify_token=xpto123&hub.challenge=123
but when try to verify my local server the request from meta does not reach the server.
chrome showing that the connection to the server is secured
After more tests I found that my local server was been blocked by the ISP, understood it after test with another connection.
I made my own server and had tried ngrok and other programs to run it from local host with https redirect but whatsapp doesn't allow the use of those programs.
In the end, my error was that the URL HAS to end in /webhook or else, it won't even send the request. Then it'll send a GET request and you have to return the hub.challenge query param after making sure that the provided token from them is the one you set up. This is my code using NodeJS
if(req.query['hub.verify_token'] === process.env.VERIFY_TOKEN) return res.status(200).send(req.query['hub.challenge'])

Is there a potential data leak when redirecting from http to https?

I have the following code in my Fastify server hosted on Heroku:
this.server.addHook('preHandler', async(req, reply) => {
const isHttps = req.headers['x-forwarded-proto'] === 'https';
if (isHttps) {
return;
}
const {
method,
url
} = req;
if (method && ['GET', 'HEAD'].includes(method)) {
const host = req.headers.host || req.hostname;
reply.redirect(301, `https://${host}${url}`);
}
});
The idea is to prevent access to the server through HTTP and force redirection to HTTPS at the application-level, since it is not possible otherwise on Heroku.
My question is: if the first request to the server via HTTP (before the redirection happens) contains sensitive information such as a username/password, wouldn't that still be "dangerous" or compromising somehow?
You have probably mis-configured something on Heroku.
Heroku domains (.herokuapp.com) are by default HTTPS enabled. The same page has a guide for custom domain SSL setup guide. Since you are talking about (username + password), I am going to assume this is a website. All you need to do is setup CORS with fastify-cors. Your website should ALWAYS be served over HTTPS.
Also you should not use the logic above. Fastify isn't meant to be used as a proxy server. The docs strongly suggest using a front-facing proxy server like nginx. With Heroku you don't need all these. It already handles this for you.
In the future you could also use Cloudflare as a "proxy server" outside Heroku.

Modify server response using node http proxy

I am a beginner to node js and this is my first post in here so apologies if this is a stupid question.
The problem I need to solve is to change information in an HTTPS server response before it hits the client. The reason is that my my client (Im developing a GARMIN sports watch application) cannot read the server response as the body data format differs from the content_type as defined in the response header. I have no means of impacting the server code and on the client I am stuck as well, Garmin has acknowledged it should be fixed but have not put it on priority.
I guess that leaves me with having to implement my own http proxy that I can connect in between the client and server to change either the header or the data format in the server response.
I have browsed around a bit and also played around a bit with node-http-proxy but I am not sure what is the best solution approach. Basically, the SERVER expects HTTPS comms, and preferably I also want secured comms between the PROXY and the CLIENT (since they will exchange user credentials).
I guess my first question is if this is a possible use case:
CLIENT -> (HTTPS_POST_req) -> PROXY -> (HTTPS_POST_req) -> SERVER
SERVER -> (HTTPS_resp) -> PROXY -> (modified_HTTPS_resp) -> CLIENT
I took a quick shot at it using node-http-proxy sample code but got stuck. What I did was to create an http server on localhost and a proxy server that would proxy the request to SERVER.
const http = require('http');
const httpProxy = require('http-proxy');
const proxy = httpProxy.createProxyServer({});
http.createServer(function(req, res) {
console.log('incoming request');
console.log('URL:' + req.url);
console.log('Method:' + req.method);
console.log('Headers:' + JSON.stringify(req.headers));
proxy.web(req, res, { target:'SERVER ADDRESS HERE' });
}).listen(8888, () => {
console.log("Waiting for requests...");
});
From the console I can see the incoming request and also read the url, headers and method but then after a short while I get this:
Error: connect ECONNREFUSED 127.0.0.1:80
at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1141:16) {
errno: 'ECONNREFUSED',
code: 'ECONNREFUSED',
syscall: 'connect',
address: '127.0.0.1',
port: 80
}
I have no idea why something want to connect to localhost on port 80.
Perhaps this approach will never work for HTTPS/SSL traffic? For instance, do I have to setup my own server certificate to do this or can node-http-proxy handle it "under the hood"? Need a bit of help, please.
//Fredrik

Capture HTTPS request to nonexistent server with FiddlerCore

I am trying to send a response to an HTTPS request, using FiddlerCore.
I need things to work like this: I put some fake URL in browser, like https://my_url_that_doesnt_exist.com/, then I intercept this request with FiddlerCore and respond to it with my data. But I only see a CONNECT and the host URL. I know this is because of HTTPS and Fiddler being a proxy. But is there a way to get the real full URL and be able to respond to HTTPS request, using FiddlerCore?
Also I use this code to create a root certificate if it's missing:
if (!Fiddler.CertMaker.rootCertExists())
{
if (!Fiddler.CertMaker.createRootCert())
{
throw new Exception("Could not create a certificate.");
}
}
also, I use these startup settings:
FiddlerCoreStartupFlags fcsf = FiddlerCoreStartupFlags.Default | FiddlerCoreStartupFlags.DecryptSSL|FiddlerCoreStartupFlags.AllowRemoteClients;
and CONFIG.IgnoreServerCertErrors = true;
This HTTPS request is not visible in Fiddler itself. I mean when I try some non-existent URL to which I'd like my app to respond with some custom content. It's also HTTP, not HTTPS, and Fiddler itself contains the following in response:
[Fiddler] DNS Lookup for "my_url_that_doesnt_exist.com" failed. The requested name is valid, but no data of the requested type was found
But if I use some existing HTTPS URL, like google plus or anything like that, I can see the HTTPS and all the request details.
So the question follows: How can I intercept HTTPS request to a non-existent URL and serve my content instead?
I can provide any additional details if needed.
Also makecert.exe is in the same folder where all my binaries are.
The problem is that HTTPS traffic flows through a CONNECT tunnel, and by default that secure traffic won't be sent if creating the CONNECT tunnel to the target server doesn't first succeed. Of course, if that target server doesn't exist, you end up with a DNS error in creating the tunnel, so the secure requests are never sent.
The workaround is to tell Fiddler to tell the client that the CONNECT tunnel was created, without even trying to contact the server. Do so by adding this inside the BeforeRequest handler:
if (oSession.HTTPMethodIs("CONNECT"))
{
oSession.oFlags["x-replywithtunnel"] = "GenerateTunnel";
return;
}

Error sending email

I created a simple application at: graficaromana.com.br
In the contact form (http://graficaromana.com.br/Contato) when I try to send an email I get an error.
Locally the mail is sent normally without any error.
Is there some setting I have to do on the host? in the domain?
Error:
System.Net.Sockets.SocketException A connection attempt failed because
the connected party did not properly respond after a period of time,
or established connection failed because connected host has failed to
respond 209.85.225.108:25
See the code for more details in link: https://gist.github.com/1149028
looks like the remote host has maybe a separate server they use for sending mail out or that you have to be whitelisted with the host in order to send mail and a username and password may be required. have not looked at your code but i see them kind of errors when there is a firewall involved and the machine trying to send does not have access through the firewall, as the firewall does not respond at all you get an answer like ' The server did not respond in a timely manner' or 'the server did not respond after a certain amount of time' i am assuming that before you posted on here that you have asked the hosting provider about sending mail, and what there preference is on how this should be carried out? right?
if so please provide info on what they have said
here is a sample of code to send email:
var smtpClient = new SmtpClient();
var message = new MailMessage();
smtpClient.port = 25;
message.from = "test#test.com";
message.To.Add("me#workemail.com,client#office.com";
message.Subject = "Contact from website";
message.IsBodyHtml = true;
message.Body = "<html><head></head><body>TEST</body></html>"
try {
smtpClient.Host = "relay.server.you.have.from.host";
smtpClient.Send(message);
} catch( Exception ) {
// host is down or we are local try other servers
// here you can have more try / catch
smtpClient.Host = "127.0.0.1"
smtpClient.Send(message);
}

Resources