I'm testing a Google App Engine app on my Windows machine, running locally on localhost:8084. Fiddler2 shows all my activity when I navigate around my app, but when requesting an external url with urlfetch.fetch() it doesn't show up in Fiddler at all, even when using an http, not an https address, and with a successful status code 200 in the response.
What do I need to do to get the urlfetch.fetch() request from Google App Engine to show up in Fiddler2?
My understanding is that Fiddler2 runs as an HTTP proxy; browser requests go through this proxy instead of directly to the internet resource. This allows Fiddler2 to capture information about the request and the response.
According to the Fiddler2 docs, "You can configure any application which accepts a HTTP Proxy to run through Fiddler so you can debug its traffic". So I think you would need to change the URLFetch API call to use a proxy, supplying the Fiddler URL and port. However, the URLFetch documentation doesn't specify exactly how to do this. You might be able to use urllib2 as specified in this question.
Irussell is generally right, but I'd like to make the answer more specific.
As proxies aren’t supported within Google AppEngine production environment, it’s not directly supported by development engine either. It seems that the only way to overcome this limitation is to modify the code of AppEngine development server.
You'll have to modify the urlfetch_stub.py file, by adding the following lines:
connection = connection_class('127.0.0.1', 8888)
and
full_path = protocol + "://" + host + full_path
You may find the detailed explanation in my blog post Use Fiddler to debug urlfetch requests in Google AppEngine
Related
I deployed Java 11 app on Google Cloud App Engine, and app is running fine, I can see the home page in the browser, but when the app tries to call Microsoft Graph API (the HTTP call is executed by using Microsoft Graph SDK), I am getting runtime failure.
The failure relates to Google debugger, but I didn't even enable debugger. I found information that debugger is enabled by default when Google builds the container image. I have two options - either to figure out why I am getting 401 error for the debugger, and configure debugger properly, or disable debugger completely.
I tried to find information how to disable Google debugger for container image generation, but didn't find anything helpful. I also tried to find information how to configure debugger properly for app engine, and also was not able to find complete working instructions. Does someone know what I need to configure on App Engine to bypass this error:
java.io.IOException: Server returned HTTP response code: 401 for URL: https://clouddebugger.googleapis.com/v2/controller/debuggees/register
at com.google.devtools.cdbg.debuglets.java.GcpHubClient.registerDebuggee
Assuming your Java app is in an App Engine Standard environment and using the bundled services, then you are still using appengine-web.xml file for app configuration. As stated in GAE standard Issuing HTTP(S) Request documentation:
URL Fetch will handle all outbound requests and cause requests that you send to your VPC network or the client libraries to fail. If any of these scenarios apply to you, make sure that the url-stream-handler field in your configuration is not set to urlfetch.
This scenario includes Google Cloud Debugger Client for Java hence the HTTP error. As a workaround, you can omit the following line in the appengine-web.xml file:
<url-stream-handler>urlfetch</url-stream-handler>
The setup:
Service A (frontend): GAE serving static site, all calls made from A are happening on client side.
Service B (api): GAE instance hosting REST API.
Without Identity Aware Proxy, I am able to make requests from the clientside of the frontend to the api on a different hostname by setting CORS to allow calls from the service A hostname.
I would like to be able to do the same thing while both services are behind Identity Aware Proxy.
Following the instructions in IAP docs I have:
Set my app to respond the OPTIONS requests
Changed the setting access_settings.cors_settings.allow_http_options to true using gcloud CLI.
Here is the error I'm facing:
Access to XMLHttpRequest at 'https://api-dot-my-app-dev.appspot.com/api/123' from origin 'https://frontend-dot-my-app-dev.appspot.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
When I make the same requests from localhost to localhost or from service A (client side) to localhost api the requests succeed.
This leads me to believe that the issue is related to Identity Aware Proxy. My only guess is that it's related to the preflight request, which I don't see anything about in the network requests in the browser console.
I would really like to be able to keep both apps behind IAP with their own hostnames while still communicating. Unfortunately, I have about exhausted ideas for how to do this.
In the meantime I have it working using alternative #2 below for now.
Alternatives:
Have the API serve the static site so they are on the same hostname
Use dispatch.yaml to serve both sites from the same hostname
Any ideas if this is possible or what might be going wrong?
Edit: Here is a repo to demonstrate my problem.
Edit 2: According to this article, this functionality used to work and Google said it would be a good idea to support it but offered not timeline.
Not sure if that can be applied on your use case but I have seen this kind of issue being resolved by allowing CORS preflight request to be passed through IAP by changing the access_settings.cors_settings.allow_http_options to true.
I have an API made with NodeJS (NodeJS v10 + Express v4.16 + Node-Fetch v2.3) and into this API, I have one endpoint that need to consume content from a third-party API/Service via HTTP Request (POST)
The problem is: This third-party API only accepts requests coming from Brazil
In the past, my API was hosted on Digital Ocean, but with this rule I have migrated to GCP (since DO doesn't have hosts in Brazil) and created my App Engine Application under region southamerica-east1 (Sao Paulo/Brazil according with this document)
And yeah... It works on my machine ¯|_(ツ)_/¯
What's happening: Sometimes the requests runs Ok, working fine, but after some version updates (I'm using CI/CD to make de deployment) the requests goes down.
The Question: Exist a way to control my application to only use the hosted region to make the outgoing requests??
PS* I'm not using flex env, purposely to prevent auto-scale (and cost elevation). (I don't know if I'm right about it because I'm new on GCP)
The IPs of Google Cloud Platform share the same geolocation (US) so I would say that it's expected for the requests to fail. You can have a look at this and this questions for more info and potential workarounds.
We have a micro service running on GCloud and to our surprise today a very important callback we expect from a vendor service receives a 302 Found response. Which is not an issue, problem is that vendor is not prepared to adjust their code to follow redirects.
Is their any solution around such cases, some configuration in GCloud we can activate. Funny we don't get 302 when we make calls from local machine and testing environments.
Figured out the issue: In our case vendor was using HTTP protocol instead of HTTPS since we have a secure:always configuration in app.yaml they where getting 302 which makes sense, since app engine was redirecting to HTTPS.
I am implementing (I am trying to implement) a 100% client side AngularJS web app which should access the google calendar API. Of course, this doesn't work because I hit the cross domain problem:
XMLHttpRequest cannot load http://... . Origin http://localhost:9000 is not allowed by Access-Control-Allow-Origin.
Is there any solution to bypass this issue, except creating a proxy? By setting some header or changing some google configuration? I don't see one ...
Great hint Philipp! The google javascript api client (see here) does the job.
But I am wondering: How does the google javascript api client bypasses the cross domain issue? Does someone know?
You need googles side to return the right headers, Access-Control-Allow-Origin, to your browser so it doesnt complain about the cross browser issue.
Make sure in the google cloud console is configured correctly to web application. Im assuming web app because the redirect though.
If its a phoneapp or not serving anything on localhost:9000 redirect endpoint there are other options. For example you could open up the oauth redirect in another window, still use localhost:9000 as the redirect. Even though you are not listening at that port you could still grab the url code or error that is set on the redirect from the parent window.
CORS is an issue that you will experience when running the app through web browsers. I suggest you download a CORS toggle extension on google chrome so you can toggle off CORS and the API will connect. Good luck!