I deployed my page with firebase hosting.
For some reason, I get this safety error:
Users can write and read data from firebase (comments, replies), but can't of course read data for users collection. Did anyone have same problem? What can I do about it?
Here are links to:
live web site https://interactive-comment-sect-a2a31.web.app/
github repo https://github.com/tr43om/Texto
The issue could result with any of the following reason:
Your site has been infected with malware
Your site contains phishing pages
There's an issue with your SSL certificate
Your plugins have security vulnerabilities
Your website has questionable links
You offer suspicious downloads
To detect issue, use google search console and fix the issue as per recommendation.
source
Your Firebase API key is open to see anyone. It means your database can be hacked anytime. I think this can be an issue. Try to put your keys inside .env file. That will make your application more secure.
Related
I'm deploying a side-project at the moment that I've built on React+Nodejs.
I deployed the React part using Vercel, what a great service. I then deployed my Node backend to AWS ECS that is currently active and accessible.
The problem is, Vercel configures HTTPS by default so I need to enable HTTPS on my backend as well to allow for communication. Otherwise, I get a "Blocked mixed content" error on the frontend.
I've tried obtaining a certificate from ACM but Vercel has it so that I can't add a CAA record for Amazon (it removes the "." at the end). I currently have a support ticket with Vercel to try and resolve this.
If there's an alternate way to resolve this issue, or if I'm not even on the right track, let me know. Thanks.
Edit: This is the page I followed for ACM: https://docs.aws.amazon.com/acm/latest/userguide/setup-caa.html
The trailing dot is actually not required. As you can see here, Vercel is also using multiple CAA record without any issues. You can search for more examples online.
Newbie React learner here!
I created a react app from scratch, using webpack and babel). In the application, there are many fetch requests. The API URL has "HTTP" in front, and unfortunately, there isn't an https alternative for that. ( I tried putting an S or removing the / at the end but it didn't work).
The project worked fine locally with no errors. I made some configuration setup in order to host it with firebase, and then built and deployed it. The setup worked also error-free, but when I visited the page I saw that there was no fetched content. When I checked the console there was the mixed content error for all the fetch requests.
Mixed Content: The page at 'https://yu-gi-oh-deck.firebaseapp.com/' was loaded over HTTPS, but requested an insecure resource 'http://52.57.88.137/api/card_data/Burial%20from%20a%20Different%20>Dimension'. This request has been blocked; the content must be served over HTTPS.
To be honest, I have more than one questions, but there are all related to this project and how to move from here. I hope there isn't an issue with that.
Can I "undo" the firebase configuration from my project?
Are there other free options for hosting my app with no errors about https?
(it might be a stupid one). I haven't pushed the changes from the firebase setup to my Github repo. Can I edit my project even after running build and deploy?
Here you can find some of your answer and possible solution: Can sites on Firebase hosting include non-https resources?
Look at this post to stop hosting: How do I remove a hosted site from firebase
This is a post to host your single page app on GitHub: https://itnext.io/so-you-want-to-host-your-single-age-react-app-on-github-pages-a826ab01e48
You can still edit your project, it has nothing to do with Firebase hosting.
I created a very simple FireBase + Angular app with AngularFire, or rather, I copied the code from the examples. All it does, for now, is allow logging in and out via Google. The code is so simple I don't think there's even a need to post it here.
I tried it on different static files hosting solutions, and got somewhat weird results.
On Google Drive, Dropbox, and Github. Though the pages were served on all of them, no 404 error and no JS errors in the console, the login itself didn't work. What would happen is that the program would launch the login screen and log in the user, but then the angular "auth.user" object stayed null.
The same code exactly, when run on Visual Studio (just by "view file in browser") and also hosted on FireBase's own hosting solution, ran as expected, no problems. Logging in and logging out both worked.
I wondered how that could be, since this is a "no backend" app, or, more precisely, it has the same back-end, i.e. FireBase services.
What is happening here?
explanation on hosting on Google Drive
explanation on hosting on Dropbox and Github
(comments on how to improve this question will be appriciated)
You have to liste the domains that will host your app in the settings of FireBase.
It is in the login and auth tab, the "Authorized Domains for OAuth Redirects" field.
You should put there the domains you want to use, like dropbox.com, etc...
Details here : https://www.firebase.com/docs/web/guide/user-auth.html#section-configuring
Your code works on your local Visual Studio because localhost and 127.0.0.1 are enabled by default.
My questions is in two folds: issue with app engine:update and with the app cfg.sh.
I looked on the web and could not find any workaround or potential answer that could help me fixing this issue.
My application is working with not much issue locally. Time now to give it a shot on production and upload it to google app engine. At first I tried doing this by using the 'app engine:update' from gradle (I'm using Android Studio). The execution failed with the following error message: "toolkit not found: apple.awt.ctoolkit. Why is this toolkit required and where can we find it?
While searching on the internet there were suggestions to use the appcfg.sh script to upload the application. It seemed to work at first until it asked for email and password. I used the exact same email/password I use to connect to goole-appengine and for some reasons it does not work.
Thanks.
After few hours investigating this issue I found out what the issues were. First thing, my account was compromised and received an email from Google. All I had is to confirm that was me trying to upload application to GAE. Secondly, my primary email address linked to my Google account belongs to another ISP. There is a security feature to disable and for security being a bit more loose. Creating a gmail account did the trick.
Using Eclipse, I am experiencing an error when trying to deploy a rather basic web app with JAX-RS and JAXB. It runs okay locally, but when trying it on the remote servers I get the message shown below...
'Deploying to Google' has encountered a problem / This application does not exist
Below shows my appengine-web.xml
The XML file illustrates that I am using the same name in the xml as what's specified in the project properties...
The output window show...
------------ Deploying frontend ------------
Preparing to deploy:
Created staging directory at: '/var/folders/n8/6by626014jbfc0dwmxnb0ly00000gn/T/appcfg2754901216637807129.tmp'
Scanning for jsp files.
Scanning files on local disk.
Initiating update.
com.google.appengine.tools.admin.HttpIoException: Error posting to URL: https://appengine.google.com/api/appversion/create?app_id=hillingarincident&version=0&
404 Not Found
This application does not exist (app_id=u'hillingarincident').
Debugging information may be found in /private/var/folders/n8/6by626014jbfc0dwmxnb0ly00000gn/T/appengine-deploy447984481661870877.log
The referenced debug logs show...
Unable to update:
com.google.appengine.tools.admin.HttpIoException: Error posting to URL: https://appengine.google.com/api/appversion/create?app_id=hillingarincident&version=0&
404 Not Found
This application does not exist (app_id=u'hillingarincident').
at com.google.appengine.tools.admin.AbstractServerConnection.send1(AbstractServerConnection.java:293)
at com.google.appengine.tools.admin.AbstractServerConnection.send(AbstractServerConnection.java:253)
at com.google.appengine.tools.admin.AbstractServerConnection.post(AbstractServerConnection.java:232)
at com.google.appengine.tools.admin.AppVersionUpload.send(AppVersionUpload.java:644)
at com.google.appengine.tools.admin.AppVersionUpload.beginTransaction(AppVersionUpload.java:449)
at com.google.appengine.tools.admin.AppVersionUpload.doUpload(AppVersionUpload.java:124)
at com.google.appengine.tools.admin.AppAdminImpl.doUpdate(AppAdminImpl.java:371)
at com.google.appengine.tools.admin.AppAdminImpl.update(AppAdminImpl.java:53)
at com.google.appengine.eclipse.core.proxy.AppEngineBridgeImpl.deploy(AppEngineBridgeImpl.java:433)
at com.google.appengine.eclipse.core.deploy.DeployProjectJob.runInWorkspace(DeployProjectJob.java:148)
at org.eclipse.core.internal.resources.InternalWorkspaceJob.run(InternalWorkspaceJob.java:38)
at org.eclipse.core.internal.jobs.Worker.run(Worker.java:53)
Any answers will be appreciated. At one point my browser was not logged in to the target google account, so I swapped to the correct one a little later, Google does render the application name as expected.
Okay, this was simple in the end! Eclipse performs an auto-login to the Google account, unfortunately I created the Eclipse project whilst being logged in to one Google account and then tried to specify the application name afterwards.
You'll see in the bottom-right (or bottom-left in some versions) a Google icon with the name of the user that you are logged in as. If that's not the account where your application is defined, then simply logout of that account, then login as the correct Google account.
Now there's no error :-)
I know this question is super old but I had this issue all day and finally I found a solution. Maybe it will help someone out in the future.
After you create a project in Google Cloud Platform, you must go to google cloud shell in your project and run the command
gcloud beta app create
After you run this command, you will get prompted to choose a region. Then go back to eclipse and try deploying it. It worked for me.
There are not just 1 way can cause this problem. For me, I have this problem when I create the project using Maven. But I don't have the same issue if I directly create the project from the Google plugin.
There might be another issue, when you register with Google App Engine, you receive email indicating your activation. If you have not received the email yet, this problem could occur too.
Another issue could be to use the gmail account for the Google App Engine to avoid any such errors.