How can I implement a mechanism for communication between a desktop application and a browser, for example Firefox or Google Chrome.
Is there a platform independent solution or I need to implement it for each platform separately?
The app either serve a webserver for the browser. or some other 3rd host would be the webserver, in which your application would communicate with the browser via-proxy (that is issue a request to the server 'Send the browser this data' ).
In addition, you would have to periodically check for updates from the server using AJAX or page refreshes due to the fact that the server cannot issue a command to the browser, only upon the browser request [This also possible through COMET or COMET-LIKE technology].
Related
We're using AppAuth for a macOS application to authenticate Google accounts. This has been working for years, except recently Chrome has started to block all http connections by default. The loopback server in AppAuth is hard-coded to work with http connections only. The following issue also seems to have gone unanswered: https://github.com/openid/AppAuth-iOS/issues/624
What other options do we have for using a https loopback server on macOS for OAuth2 authentication? We need the loopback server to be able to extract parameters Google sends back after authentication. Asking users to switch from Chrome is not desirable.
Interesting - with loopback desktop logins there are two URLs involved:
The URL in the desktop app, which is meant to be HTTP according to OAuth standards, since it runs on end user PCs. Using HTTPS would require the entire user base to host SSL certificates, which is highly impractical. Typically a loopback URL is a value such as http://localhost:8000, where the port number is often calculated at runtime.
The URL used to invoke the system browser is a value such as https://myauthserver/authorize?client_id=xxx&redirect_uri=http://localhost:8000..., and this should be HTTPS of course.
PROBLEM DIAGNOSIS
I'd be very surprised if Google have blocked this if you are using standard desktop logins, since it has been referenced on their Native Apps Page for years.
Are you sure something else is not the cause? One possibility might be lack of a user gesture in the system browser. Is the problem consistent and are there any differences in these cases:
Make Safari Browser the default before login
Make Chrome Browser the default before login
Make Chrome Browser the default before login and clear browser cache
Let me know and I may be able to suggest some next steps ...
I am running two Windows server 2016s with IIS 10.0.14393. One server for staging purposes, and one for production.
The application has one "front-end app" and one "back-end REST api" running on the same IIS server. The front end communicates with the backend (suprise!). The difficulty I am facing is that the staging server works as expected, i.e no "Sign in" box appears when entering the front-end web page (React). However, on the production server this box pops-up.
When the page is loaded, there is javascript that fetches some information from the API, and it seems that this async fetch is causing the pop-up to occur (the request is in pending mode until login).
I have studied the configuration of IIS on the two servers but can't seem to find any obvious differences.
Both instances have both windows authentication and anonymous authentication turned on for both front-end and backe-end. I need this as the API has different types of authentication for the endpoints.
Anyone that has solved a similar issue?
Thanks
If someone experiences a similar issue the following link may help: https://support.microsoft.com/en-us/help/258063/internet-explorer-may-prompt-you-for-a-password
In my case I was sending the request to the api with the full domain url. The problem was fixed by just using the machine name (and port in my case) when sending the request. If the whole domain with punctuation is used, the system believes that the request is meant for the Internet and not the intranet, and will not include any credentials.
Another, and probably more robust solution, is to add the site in question to: Internet properties -> security -> Local intranet -> sites -> advanced.
I have got a web application with the following topology.
A (Web application) ---calls---> B (Local Web Api) ---calls---> C (Remote Web Api)
I am trying to capture the traffic from B to C in chrome DEV tools - network tab, but nothing is logged. It only showing one server request. I want to see the subsequent calls made by that server request. Is it possible?
B is a web site hosted locally on my dev box in IIS.
You are currently only debugging your client side app, so DevTools will only show the single request to your local web API. In order to debug the middle layer, you need to debug the API.
If you are using Node JS for this, you can use the v8 inspector by running node --inspect and then use the debugging URL to open up DevTools. Alternatively you can fallback to using Node Inspector
If you are using .NET Web API, you can use the debugger in Visual Studio to see the subsequent calls to the remote API, but Fiddler is a very handy tool as well, especially for mocking.
I can't find any documentation on what type of internal server PhoneGap is running on mobile devices, whether it's Apache, IIS, or some other minified web server. I'd like to know what type of server it is and whether it can be configured to allow external communication to a server, which is rejecting the incoming requests because it doesn't have the CORS support added to it.
We have 3 options
1) Add CORS support to allow AJAX from PhoneGap device to the web servers
2) Configure the PhoneGap web server to act as a proxy
3) Add a plugin, or write a plugin, which allows a native Android function call to allow communication to the web server
If you have any experience with these or advice on which way to go, your help would be much appreciated. Thanks in advance!
There is no internal server. PhoneGap/Cordova creates a base native application with the default view as a webview. A webview is a blank version of a web browser window. There is no web server component to PhoneGap.
I have deployed a ASP.NET MVC 4 w/ SignalR application of mine which is working fine on all clients, except one. When using Chrome Dev tools to debug the page I see that the SignalR transport method is ServerSentEvents and that the SignalR GET requests have a status of 'Cancelled'. This is the case in both Chrome Latest & IE 9 Browsers.
This problem is specific to a single client. A few things I have tried are:
Disabling Windows Firewall
Adding my site to Trusted Sites with
Security settings 'Low'.
As a bit of a background on the client.. they are part of a corporate network running Windows 7. Another computer on the same network had the same issue, however, this was fixed by adding my site to 'Trusted Sites'.
AVG Internet Security was blocking these requests. Disabling 'Online Shield' meant the app returned to normal working order.