Apigility and https - angularjs

I got a problem with apigility and https.
To enable https communication between AngularJs frontend and Apigility backend, I used this tutorial:
http://robsnotebook.com/xampp-ssl-encrypt-passwords. Almost everything works fine, but REST webservices doesn't respond via https.
When, using Advanced REST Client, I'm sending request e.g.
https://localhost:8888/status
NO RESPONSE appears.
Does anyone know where might be the problem?

For defiantly it is server fault. My apigility instances are working perfectly normal on production server with SSL. Could you give some more information.
Can you open your apiglity admin panel by browser? Is it working?
Is there any error in response headers or some other clue? Are you sending "Accept" header?
What is your apigility and zf2 versions?

Related

How to solve net::ERR_SSL_PROTOCOL_ERROR?

The error shown in this image
I just made a simple landing page with Nestjs (backend), Reactjs (frontend) and using graphql for API and deployed on AWS EC2. (The error says, "POST https://[our public address]:[end point port number]/graphql net::ERR_SSL_PROTOCOL_ERROR")
And I set up a proxy server with Nginx and put SSL with Let's encrypt.
It was fine submitting a form (just simple email info) and got them in our database (PostgreSQL) and as soon as I got the SSL implemented in NginX.
We are getting that error.
Can anyone help us to solve this error please?
tried making https protocol for backend following this official doc https://docs.nestjs.com/faq/multiple-servers#https does not seem to work and I am not sure if this is necessary to do to be honest.
The current NginX set up
Not sure if I have to do somethings on this Nginx setup.

How is "No 'Access-Control-Allow-Origin' header" a server issue if I can turn on a CORS extension and it works?

I access a server that I can change in any way. It is only available to me.
GETS / POSTS work in curl, but I get an error in my angular web app
I read a ton of posts about this, and after nothing seemed to work, I installed the CORS extension to Chrome, added *://*/*, and I have to turn it on anytime I'm trying to access the server. But it works.
Most of the posts say this is because the server does not allow access from outside sources. So I did some more digging and found the W3 CORS enabled site, that specifies a filter must be added.
However, when I get the error, I can open the network panel and see that the response came back exactly as I was expecting, so why did I get an error?
This makes it seem like Chrome is not allowing access.
Why must the server be changed to allow this?
Does this mean anyone with this chrome extension can access my server?
It seems like it should be possible to configure a header in my $http.get that would allow this, but everyone keeps saying its the server...
Cross domain calls are not allowed by default. When the browser makes a call to a website or Web-API sitting on a different domain than the domain opened on the browser, it includes a HTTP header "Origin" in the request. The server looks at this header and if it's white-listed it includes the header Access-Control_Allow_Origin in the response. All this happens in a pre-flight request using HTTP Options method before the actual GET/POST call. So for the CORS to work the server has to allow the client domain, so the browser can make further calls.

$http.post cross domain request not working in Internet explorer (Network Error 0x80070005, Access is denied)

When I make an $http.post request and set the "withCredentials" property to true.
My request works fine in Chrome and Fiefox. However, I'm getting the error below in IE:
XMLHttpRequest: Network Error 0x80070005, Access is denied.
I noticed that if I enable the "Access data resources across domains" setting in IE, The error gets resolved. However I need to find an alternative solution because I can't ask the users to enable that setting obviously.
I noticed that a $http.get request to the same domain is working in IE with no issue, the issue is only with the $http.post request, the Options request is getting a 500 internal server and I see the request and response headers below:
Note:
I do have the necessary custom headers, and I can see them in Chrome when the OPTIONS request succeeds. The headers that I see in Chrome are listed below:
Could you please let me know if I'm missing something that would make the request work in IE without having to enable Access data sources across domains?
Internet Explorer 9 doesn't support cookies in CORS requests. The withCredentials property of the $http arguments attempts to send cookies. I don't think there's any way to fix it with headers. IE10+ should work by default, just be sure that you are not in compatibility mode. CORS isn't fully implemented in IE10 either, but the type of request you are trying to do should work.
You didn't mention what the nature of your web app is, but it impacts the type of workaround you will need for IE9. If possible, see if you can refactor your code to use a GET request instead (again, I don't know what you are trying to do via AJAX so this may be impossible).
You may be able to use Modernizr or something similar to detect if the browser supports CORS. If it is not supported, send the request without AJAX and have a page refresh.
Another alternative if you really want to use AJAX is to set up a proxy on your web server, i.e. the server on the same domain. Instead of making the cross-origin request directly, you make the AJAX request to your same-origin server, which then makes the request to the cross-origin server for you. The server won't have CORS issues. This solution assumes, of course, that you have some server-side scripting going on such as PHP, Node or Java.

Request and Response between two projects

I'm trying to work on 2 projects. The first one is mainly for client side (AngularJS+MVC) development and second is server side, including web APIs. I want to use web APIs as controllers.
I set the server side project as start-up project. Then set its URL (localhost:..../) as the URL of the controller, then ran the project. After that with the view in the browser, I ran my view, too. (From the client project). The request correctly gets to the API controller from the second project, but I didn't reserve any Response. I guess the problem is the difference between URLs.
What is your opinion? And what should I do, then?
What kind of response are you getting? 200 (OK) status or something else? you might be getting cross orgin request error, if you have not enabled CORS on the web api and you are making the api request from the client side of the Angular project.
Please don't mind my poor English.
Are two projects served on the same domain? If not, there maybe a cross origin request error. You can fix it by adding some headers, like this:
header('Access-Control-Allow-Origin','*');
header('Access-Control-Allow-Methods', 'GET,POST,DELETE,PUT,PATCH');
header('Access-Control-Allow-Headers','Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With');

Issue with AngularJS and 3G conneciton

I developed an AngularJS and I have a issue I can't fix, in a desktop the app works fine and in a mobile with Wi-Fi connection too.
But when I use it in a mobile with 3G connection it fails 'cause it doesn't do a GET request to the server, I've thought it was the cache but I disabled it in app config ($http.defaults.cache = false) and it doesn't work.
I have three nested request, one POST and two GET in order to refresh the shown data. The request in what I have the issue is the first GET, it doesn´t send the request to the server but treat the response as it had returned 200 OK.
Example code:
sendData()
.then(refreshFirstData) (problem here)
.then(refreshSecondData);
Does anyone know what can be happening?
Thanks.
EDIT
I could get a capture from the request when using 3G connection and it loads the data from cache... I think I disabled this option..
SOLUTION
I found the solution in nginx, I needed to add 'expires -1' to the config of my site.

Resources