Openshift: Uploading File not possible / Sending emails not possible - angularjs

I have a small web project where I use openshift as a service for a test system.
Now I got 2 problems:
1) I have a form in which a user shall upload a picture. For that I use multipartfile. But the file upload just doesn't work, while it does locally under dev.
So now I ask myself if I need to configure something on the server. But I couldn't find out what (and why).
2) I am sending emails after a certain action. Which again runs perfectly fine under development, but not using my test system on openshift. If I remember correctly it was a 415 error, I have to repeat the test at home to look it up.
I can't give more information right now as I'm not yet home, but I don't think that much code is needed as it all works fine testing it locally.
I post this question rather for a quick answer like "uuh yeah, for openshift applications you need to configure it first for doing those things: here and there, make this and that and read here" which I oversaw.
I hope someone can give me some hints, I don't get why it all works locally but not on a test system.

Quick Answer:
Make sure your file uploads are being sent to your $OPENSHIFT_DATA_DIR and for email check out this post https://www.openshift.com/forums/openshift/send-mail-through-openshift-using-gmail or use something like SendGrid which is free in the OpenShift Marketplace.
If those don't help, posting some application logs will be really helpful

Related

How to log client side errors to a centralised file or dashboard (in React)

I want log all the client side errors in a centralised logging file .Can anyone tell me how to do this in react.(Client side error logging).I am not able to find support for this in react.Can anyone tell how to implement it by a small demo
As others have commented on, React runs in the browser and on the client side, so writing files is not possible.
However, I was searching myself for centralised logging for a frontend application and came across this post. Perhaps the question is not asked correctly, but basically I wanted to log and report crashes in the frontend to a central place or dashboard. When the app users run into issues, I at least know by seeing these errors in the dashboard. I found a few websites / services that can do this for you.
First tear is a free subscription
Rollbar
Sentry
LogRocket
Bugsnag
ClickUp
First tear is paid
Instabug
Raygun
Dynatrace
I've used this list myself to do some research and thought to share it here for anyone else who might currently be in my position. Perhaps it will help you along and you find it useful. Examples of how to implement them are in the docs. See which solution works best for you.

Serve Files From Naked Root Domain

I run Google Ads on my Google-App-Engine-hosted website (www.bigriddles.com), and they tell me I need to have an "ads.txt" file served from the root domain (i.e. http://bigriddles.com/ads.txt, as opposed to http://www.bigriddles.com/ads.txt).
My DNS is hosted on Gandi, and I created their "ALIAS" record (which I think just does CNAME flattening or something similar) to alias "bigriddles.com" to "ghs.googlehosted.com." I chose "ghs.googlehosted.com" because that's what I CNAMEd "www.bigriddles.com" to (many years back), and that CNAME has been working fine.
However, now when I visit "bigriddles.com", I get an "HTTP 301 Moved" to "www.bigriddles.com", and as far as I can tell, this response isn't coming from any code I wrote (I've looked through my code and don't see anything that would redirect this). Furthermore, there is a "Server: ghs" header in the response from "bigriddles.com", whereas if I visit "www.bigriddles.com", which works fine, the response includes the header "Server: Google Frontend". I'm not sure if there is some hint of my problem in the difference between those two Server headers.
Anyway, I'm not sure exactly what's going wrong. It could be a DNS issue. I say this because "dig www.bigriddles.com" comes back with the IP 172.217.14.115, whereas "dig bigriddles.com" comes back with "172.217.168.211", so maybe one of these really is a "ghs" server and the other is a "Google Frontend" server (I'm not sure the difference) and this "ALIAS" DNS solution just isn't going to work.
More likely though I feel like maybe there is just some settings problem with my App itself where it's not set up to allow the apex domain "bigriddles.com", and if I change that setting it will start working?
I have gone through the steps on https://cloud.google.com/appengine/docs/standard/python/mapping-custom-domains. When I view the "Custom Domains" for my project, I see "www.bigriddles.com" and "m.bigriddles.com", but I don't see the naked domain "bigriddles.com". However, when I try to add it on that page, it tells me that "bigriddles.com" is already mapped to a project, so I'm not sure what to make of that.
Any help would be appreciated, thank you!
This seems like an issue with your domain provider.
You can use this tool that might help you contact the domain provider with detailed info.
If they insist it's not an issue on their side (I strongly believe it is), then you should contact Google Cloud Platform Support so a deeper inspection can be made on your project.
If you're also using G Suites for your domain, the criminal is G Suites' Domain -> Redirect. If it is, it's a pity that Google does not let us turn off the so-called feature.
Since G Suites use as the same entry point as App Engine, you have no chance to solve this other than moving your site outside Google services or stop using G Suite.

Rejected HTTPS password being showing plain-text password in browser

We have a web app which is HTML/AngularJS on the front-end and uses MS Web API on the background. We require the use of HTTPS for security reasons. Every article I've read about using plaintext passwords and how to login basically comes down to "just use HTTPS and everything will be secure".
Recently, we were testing the app in-house and the Web API service was accidentally down when the QA person was trying to login. What happened next is what you see in the image below. The password was shown in plain text in the browser. QA, my boss, the company, God and everyone in America is "having a cow" because of this.
The message being displayed in the browser isn't something I coded, it appears that it is part of AngularJS which is trying to do me a favor by showing me a failed API call and what object it was trying to pass to the API. In which case, it makes sense (I think) that Angular has that information.
Can anyone please help me understand what happened here? And what is considered the proper way to address this? I assume I can add some JavaScript code to encrypt the password on the client side first, but that also seems like it would be super easy for a hacker to intercept on the client side. So what's the correct approach to take to keep things secure on the client?
What happened is that the user (you) and the browser (on your machine) live in the same trust boundary.
You just typed that password into the browser. The browser only hides it in the input box to prevent shoulder-surfing. The browser does not really attempt to hide something you just typed in from you.
If you open dev tools in the browser, you can see anything that is sent over the wire in the HTTP protocol. Anyone outside your trust boundary cannot see this because the HTTPS protocol encrypts anything on the wire.
its hard to tell without looking on the code, but I found the similar issue :
app.config(['$qProvider', function ($qProvider) {
$qProvider.errorOnUnhandledRejections(false);
}]);

why i couldn't see any text in "http://crawlservice.appspot.com/?key=123456&url=http://mydomain.com#!article"?

Ok, i found this link https://code.google.com/p/gwt-platform/wiki/CrawlerSupport#Using_gwtp-crawler-service that explain how you can make your GWTP app crawlable.
I got some GWTP experience, but i know nothing about AppEngine.
Google said its "crawlservice.appspot.com" can parse any Ajax page. Now I have a page "http://mydomain.com#!article" that has an artice that was pulled from Database. Say that page has the text "this is my article". Now I open this link:
crawlservice.appspot.com/?key=123456&url=http://mydomain.com#!article, then i can see all javascript but I couldn't find the text "this is my article".
Why?
Now let check with a real life example
open this link https://groups.google.com/forum/#!topic/google-web-toolkit/Syi04ArKl4k & you will see the text "If i open that url in IE"
Now you open http://crawlservice.appspot.com/?key=123456&url=https://groups.google.com/forum/#!topic/google-web-toolkit/Syi04ArKl4k you can see all javascript but there is no text "If i open that url in IE",
Why is it?
SO if i use http://crawlservice.appspot.com/?key=123456&url=mydomain#!article then Can google crawler be able to see the text in mydomain#!article?
also why the key=123456, it means everyone can use this service? do we have our own key? does google limit the number of calls to their service?
Could you explain all these things?
Extra Info:
Christopher suggested me to use this example
https://github.com/ArcBees/GWTP-Samples/tree/master/gwtp-samples/gwtp-sample-crawler-service
However, I ran into other problem. My app is a pure GWTP, it doesn't have appengine-web.xml in WEB-INF. I have no idea what is appengine or GAE mean or what is Maven.
DO i need to register AppEngine?
My Appp may have a lot of traffic. Also I am using Godaddy VPS. I don't want to register App Engine since I have to pay for Google for extra traffic.
Everything in my GWTP App is ok right now except Crawler Function.
So if I don't use Google App Engine, then how can i build Crawler Function for GWTP?
I tried to use HTMLUnit for my app, but HTMLUnit doesn't work for GWTP (See details in here Why HTMLUnit always shows the HostPage no matter what url I type in (Crawlable GWT APP)? )
I believe you are not allowed to crawl Google Groups. Probably they are actively trying to prevent this, so you do not see the expected content.
There's a couple points I wish to elaborate on:
The Google Code documentation is no longer maintained. You should look on Github instead: https://github.com/ArcBees/GWTP/wiki/Crawler-Support
You shouldn't use http://crawlservice.appspot.com. This isn't a Google service, it's out of date and we may decide to delete it down the road. This only serves as a public example. You should create your own application on App Engine (https://appengine.google.com/)
There is a sample here (https://github.com/ArcBees/GWTP-Samples/tree/master/gwtp-samples/gwtp-sample-crawler-service) using GWTP's Crawler Service. You can basically copy-paste it. Just make sure you update the <application> tag in appengine-web.xml to the name of your application and use your own service key in CrawlerModule.
Finally, if your client uses GWTP and you followed the documentation, it will work. If you want to try it manually, you must encode the Query Parameters.
For example http://crawlservice.appspot.com/?key=123456&url=http://www.arcbees.com#!service will not work because the hash (everything including and after #) is not sent to the server.
On the other hand http://crawlservice.appspot.com/?key=123456&url=http%3A%2F%2Fwww.arcbees.com%2F%23!service will work.

Problems using Twitter4j on GAE throws 401 just after deploy

Well, I'm having a weird error here:
I'm developing one GAE app to read some Twitter Data, and after read a lot of docs, I have it working on my test server (Running on my pc) but after deploy and test on the real (my appspot domain) it shows this message:
401:Authentication credentials (https://dev.twitter.com/pages/auth) were missing or >incorrect. Ensure that you have set valid consumer key/secret, access token/secret, and the >system clock is in sync.
message - Could not authenticate you
code - 32
I've tried to recreate my OAuthAppToken and OAuthAppTokenSecret keys, even changing the permissions to "Write, Read and Direct Messages" and even assingning one Callback URL but nothing seems to work...
I've tried using twitter4j.properties OR using setOAuthConsumer(TW_CONSUMER_KEY, TW_CONSUMER_SECRET) OR a ConfigurationBuilder whith the correct constants and I'm experimenting the same Issue.
I'm working with AppEngine 1.8.3 and Twitter4j 3.0.4
Iv'e been writing on log and the Twitter object seems to be well created... I dont understand why is working on my PC but not on the real app.
On some other post someone says that could be because it needs to use Sync clock.. but he doesn't explains where to change that property...
Did someone had a clue?
Ok, the problem was me (and Twitter.... well..... I really think it was Twitter problem for being so dark on his api messages)...
On testing server I was looking for an existing account and on the cloud I was looking for an inexistent one. So, It was my mistake. But seriously, what about Twitter saying: "Access Forbidden"? That doesn't have any sense...

Resources