I'm experiencing the popular Security Sandbox violation...
I use Google Maps Flex API and now i want to access the Google Geocoding API . For this , i use the HTTPService :
<s:HTTPService id="geo_req" url="http://maps.googleapis.com/maps/api/geocode/xml?address={i_address}" result="geo_req_resultHandler(event)" />
But i got Sandbox Security violation . So i've created crossdomain.xml as :
<cross-domain-policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://www.adobe.com/xml/schemas/PolicyFile.xsd">
<allow-access-from domain="*" secure="false" />
<allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>
I use WAMP server and can access the file by typing http://localhost/crossdomain.xml ...
Still i can't access the url.
How can i get rid of this ?
You need to put the CrossDomain.xml file on the domain you're sending the request to.
why don't you use the existing class ClientGeoCoder to geocode your address, instead of making an HTTP request to the Google site?
Do you successfully run the example on this link: http://code.google.com/p/gmaps-samples-flash/source/browse/trunk/samplecode/GeocodingSimple.mxml ?
Related
I am trying to setup an API proxy with apigee with a trail account.
I am facing issue in accessing the target endpoint (URL is correctly accessible directly via the browser).
XML part of the API proxy is as below:
<TargetEndpoint name="default">
<Description/>
<FaultRules/>
<PreFlow name="PreFlow">
<Request/>
<Response/>
</PreFlow>
<PostFlow name="PostFlow">
<Request/>
<Response/>
</PostFlow>
<Flows/>
<HTTPTargetConnection>
<Properties/>
<URL>http://xyz. com/artifactory/app/</URL>
</HTTPTargetConnection>
</TargetEndpoint>
Expected:
Error code 200 and page should load.
Actual:
{
"fault":{
"faultstring":"The Service is temporarily unavailable",
"detail":{
"errorcode":"messaging.adaptors.http.flow.ServiceUnavailable"
}
}
}
The issue was that, the artifactory base URL does not have access from a trial account. After creating another proxy with 'official' account (which had access), the links are working fine and the files are getting downloaded.
In short, the apigee account needs access to the artifactory.
i am new to WHMCS API and i just want call WHMCS API from my spring boot rest template and i am tired of adding my ip address to WHMCS->General Setting->Security->API IP Access Restriction.
According to WHMCS docs, it is a requirement:
API IP Access Restriction
Advanced. If using the WHMCS API from an off-server location, you must
specify the IP address here, otherwise access will be denied.
You can submit a feature request with your concerns so that they may consider an alternative in the future.
Edit:
According to WHMCS developer documentation, you can bypass IP Address restriction by using api access key in the configuration.php file:
$api_access_key = 'secret_key_passphrase_goes_here';
then access api with the following URL:
whmc-url.com/includes/api.php?action=xxxx&username=xxx&password=xxx&accesskey=secret_key_passphrase_goes_here
I am trying to integrate Yammer with our company platform which can be accessed only under intranet. While trying it, I am getting error "No 'Access-Control-Allow-Origin' header is present on the requested
resource". Can anyone help me how can my intranet app share resources with Yammer. What should be the link has to be given under Javascript Origin in Yammer Client Applications.
Set the value of JavaScript Origin to "localhost" while creating an application in Yammer.
If you are not using the local atom, then use it.
I am trying to add an google drive account using google api's to Owncloud, but following the instructions in http://doc.owncloud.org/server/5.0/admin_manual/configuration/custom_mount_config_gui.html
always fails
I have tried
https://bytenix.net/owncloud/index.php/settings/personal or the same on http
as the Web Origin but i always get "Error
Invalid web origin." on the Google cloud console page. The same applies for the destination, if i try using bytenix.net with https or http as Origin and works fine, but that is not what i want obviously. So what could be going wrong?
It could be because there are two options, 'Web Origins' and 'Authorised Redirect URLs'.
The 'Web Origins' is for the domain name e.g google.com.
The 'Authorised Redirect URLs' are the completed path (domain name
included) e.g. google.com/redirect/to/this/path
Sorry for replying to an old post, but you can try solution (for localhost) described here:
https://developers.google.com/+/quickstart/javascript
It should works fine, at least in my case did.
Say I have an app with a Sinatra REST API at http://example.com:4567. With my app I have a designer working on the front-end. Rather than set him up with a local back-end I edit his hosts file as follows:
127.0.0.1 local.example.com
and his httpd-vhosts.conf as follows:
ProxyPass /api http://example.com:4567
ProxyPassReverse /api http://example.com:4567
so that API calls are proxied to the remote host. I then create a vhost for local.example.com in apache that maps to his local directory where our front-end repo is. This allows me to give him a remote back-end with a local front-end.
The reason for the subdomain is because we do Facebook authentication which has its restrictive domain policies for auth. We can successfully facebook auth a user and get redirected back to the app, but when attempting to get an access token get a 400 response with the message:
{"error"=>{"message"=>"Missing client_id parameter.", "type"=>"OAuthException", "code"=>101}}
I believe the client_id is correctly set as it's set in the rack:oauth:client object correctly, and the flow is identical and only fails when the domain is different. The only thought I have is that facebook might not like that the user auth's from local.example.com while the access token is requested from example.com, but my understanding is facebook will authenticate on all subdomains. I've also whitelisted local.example.com on my App.
Any insight or advice into how to accomplish this? Thanks in advance.
Turns out it wasn't a domain issue, but rather fb_graph, the open source fb api from nov, uses basic auth by default, you need to set auth to something other than ":basic" when you get the access token in order to solve this error.