Github pages doesnt show HTTP urls - reactjs

I have a React website hosted on Github Pages, and a Flask Server running to put information on my ArangoDB server which is hosted on a machine that has HTTP address lets call it (http://21.23.24.25:8352)
The problem is that I try to show images which are stored on my local server for e.g.: http://21.23.24.25:8352/data/images/image.jpg
and I'm getting an error: net::ERR_SSL_PROTOCOL_ERROR
How can I bypass this other than creating a new ArangoDB server hosted on another machine, or creating a SSL Certificate on the machine.
I also paid for the pythonanywhere subscription, I thought maybe it was required to bypass the SSL issue. Any ideas?

Related

intermediate hops in nginx reverse proxy

I am new to nginx and doing full stack development for the first time. Could you please help me understand the below logic
Lets say we are building a chatting app. We have 3 servers (EC2 instances)
server_nginx - ec2 running a nginx server working as reverse proxy
server_react - ec2 running a react project through nginx as web server
server_spring - ec2 running a spring boot project through nginx as web server
My reverse proxy is running through SSL/https. Initially everything was happening on same machine, so I made my spring boot service also ssl because I could not initiate a http connection over https. Now the I started separating out the instance as mentioned above (3 ec2 instances). I was expecting that the connection to my backend would fail. Reason :
user connects to reverse proxy through https domain (lets say mydomain.com).
The request comes to server_nginx(mydomain.com).
From here this proxies this to server_react (which is running on simple http). This is the server where my react code is hosted
This react code tries to initiate a web socket connection to server_spring where I have enabled the CORS for mydomain.com. So I was expecting that the connection would fail here as this is a different IP now. But surprisingly all the apis are getting the response as if I am hitting it from mydomain.com
So can anyone please help me understand why is the behaviour like this
Thanks.

Forcing JS fetch to use non-https

I have an in-development ReactJS application that I run locally from my computer (on localhost). I have also set up local certs so that the application runs on HTTPS (https://localhost).
I also have a backend application located at an HTTP endpoint hosted in the cloud. Of course, the backend application will eventually be located at an HTTPS endpoint eventually, but that process hasn't been started yet.
I am trying to hit that HTTP endpoint from my local HTTPS ReactJS application by using fetch. However, something is upgrading the connection from HTTP to HTTPS automatically.
The only relevant information I have found on this is this post. I have tried the accepted answer (setting the referrerPolicy to unsafe-url) but that did not work for me.
Any other suggestions?

Adding domain name in digitalocean droplet

I have recently bought a domain from Godaddy. I have done the necessary setups to connect it with digitalocean droplet. I can access the website using the domain. The domain is by default using HTTPS. But inside the web app, I have made HTTP requests(for login, sign up). These network requests aren't being made if I access the website using the domain name. But if I access it by using the IP address of the droplet, those network requests were working. I guess the problem is with the domain. There is no SSL certificate present in the droplet. I am using the Nginx server in the droplet. I have used React to build the website.
I am new to web hosting. Can anybody tell me what's wrong here and how to fix this?
If I understood your question correctly, i think the issue might be in nginx config.
SSL requests that are coming to your droplet over HTTPS should be decrypted somewhere... You can either do it in nginx by using a certificate and modifying your nginx config accordingly, or you can use a digital ocean load balancer in front of your server and configure that load balancer to terminate SSL (you can get a digital ocean managed cert)... In both of these cases, your app will receive un-encrypted traffic.
These links might help:
https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-load-balancing-with-ssl-termination
https://www.digitalocean.com/docs/networking/load-balancers/how-to/ssl-termination/

connect to local host with my android phone but dont the full angular site

I am using tomcat server and angularJS to build a site that uses an API to bring data from the server by using an HTTP requests. when running on local machine tomcat is on ,i can see the full functionality of the site but when i'm connecting to my localhost from my phone (through WiFi) the site i see is not really functioning ,as if the HTTP requests can't be sent. is there a way to make the site work fully when viewed from my phone ?
note: my site basically uses the API to send a GET request and update a table on screen with the data, and POST/DELETE requests to update,delete,create data and of course dynamically update the table.
i'm working with Windows 7 if it matters.
another note: i used this answer to be able to connect with my phone. maybe i should use another way ?
Thanks
Sivan
why not use https://ngrok.com/ to tunnel your localhost to an private url.
(this is just for mobile testing right?)

Angular/Breeze app connecting to Web API throws "Access Denied" error on IE11

The Application
In short, the application surfaces data from a backend onto a web page. The client application is a Single Page Application made using AngularJS. It calls an ASP.NET Web API service located on a different domain to retrieve the data. I utilize BreezeJS on both the client application and the web service to manage this data. The client is hosted on a SharePoint Online site, and the service is hosted on IIS7.
The Error
I encounter an "Access is Denied" error when AngularJS attempts to make an XMLHttpRequest.open() call targeting this web service. However, though this seems like a simple CORS issue, it has some peculiarities which have me stumped:
Foremost, this error only occurs when using Internet Explorer 11 (or a previous version). When the application is viewed in Chrome or Firefox, it can connect and retrieve data from the service.
The web service is configured to accept the calling origin.
No network traffic is detected either by the native IE development tools or by Fiddler.
Specifically, the line: xhr.open(method, url, true); of the angular.js file throws this error.
Does anyone have any insight as to why this error occurs?
Also, if more specific details are needed I certainly can provide them. I'm not even sure where the issue might be coming from and I don't want to dump tons of irrelevant lines of code.
I think that this is due to using "localHost", i.e when attempting to access a resource in the "Local intranet" zone from an origin in the "Internet" zone.
See: Access denied in IE 10 and 11 when ajax target is localhost
This is not just a localhost issue as previously suggested. I have a production AngularJS application that is trying to POST to a public Web API 2 on a different domain. IE11, Chrome, and Firefox work without a hitch when the site is accessed externally. When accessing from a subnet that can talk directly to those servers, I get Access Denied and IE doesn't even send the request (Chrome and Firefox work flawlessly, of course. One workaround (I refuse to call this a fix) is to add the site as a Trusted Site in IE11. Even when the security settings for Internet mirror the settings for Trusted Site, I get access denied. I have to add the site on each internal IE system to gain access.

Resources