Cannot load Apollo Server on safari. It returns an error that reads.
Safari does not support network requests from Studio on HTTPS to your local HTTP endpoint, so we cannot introspect your endpoint.
There are a couple solutions:
Visit this page from a browser that supports HTTPS requests to local HTTP endpoints, like Chrome or Firefox.
Set up an SSL certificate for your local endpoint.
Decided to try the second solution by spinning up ngrok. Which also returns a [Error] Fetch API cannot load https://7676-576-98-1-248.ngrok.io/ due to access control checks.
I am passing the Access-Control-Allow-Origin and Access-Control-Allow-Credentials Headers.
Any guess on what can be done?
Related
I have a working node.js express based server (and client) application here that shows RPC over http+websockets. This works perfectly when run locally (using devcontainers) and includes the Dockerfile as well as devcontainer.json. However, when run from a codespace, it fails with the following client-side error messages.
client.js:9 Mixed Content:
The page at 'https://aniongithub-jsonrpc-bidirectional-example-<redacted>-8080.preview.app.github.dev/'
was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint
'ws://aniongithub-jsonrpc-bidirectional-example-<redacted>-8080.preview.app.github.dev/api'.
This request has been blocked; this endpoint must be available over WSS.
(anonymous) # client.js:9
client.js:9 Uncaught DOMException: Failed to construct 'WebSocket':
An insecure WebSocket connection may not be initiated from a page loaded over HTTPS
at 'https://aniongithub-jsonrpc-bidirectional-example-<redacted>-8080.preview.app.github.dev/client.js:9:10'
The documentation here states that By default, GitHub Codespaces forwards ports using HTTP but you can update any port to use HTTPS, as needed. When I check the settings indicated:
it's set to http. What am I missing here? How can I get it to serve my express application over http?
Note: My intention is that when locally cloned and opened in a devcontainer, the code works just as it would if opened in a CodeSpace. This means I need to ensure that the certs generated by CodeSpaces are somehow factored into my local devcontainer process or that I forego authentication altogether. Alternatively, I need to find out if I'm running on CodeSpaces and do different things, which seems messy and shouldn't be the case. Hope this makes my intentions for asking this question clearer!
It turns out that I just couldn't use http for the RPC endpoint when running over https, so the solution was to use location.protocol and ws/wss depending on the current protocol to initialize the client RPC endpoint.
For example I have a node server which uses the built-in module "http" (which is http1.1 version I assume). So will it be able to serve any XHR request from browser with http2 protocol?
Yes. Browsers negotiate HTTP/2 as part of the HTTPS setup (since browsers only support HTTP/2 over HTTPS). If HTTP/2 is not supported by both sides it will just use HTTP/1.1
Thanks one of the great things about HTTP/2 and why it’s made such headway - the ability to (almost!) seamlessly roll it out to the web without breaking existing sites/servers/browsers.
I'm a requesting a url with fetch in my node app and the response status is 464 (without responseText and without any error message). But I could't find any info about that.
Also if I request the same url with my browser (Chrome) then it works fine (no need to send any cookies or auth, it works in incognito window too)
What could be causing this?
EDIT: seems to be a problem with AWS Load Balancer, my problem is exactly this:
https://forums.aws.amazon.com/message.jspa?messageID=964799
But there's no solution in that post, so maybe could be helpful to put it here if someone knows the problem (I'm suspecting is related with HTTP 2.0 but not sure, could it be?)
Response Header in Node is:
Server=awselb/2.0
Content-Length=0
HttpCode=464
But in Chrome:
server: nginx/1.18.0
I had this issue just today. My target group was configured for HTTP/2, but, the backend service was not prepared for that traffic. So, when I rebuilt the target group using HTTP/1.1, traffic began to function as expected.
When creating a target group, the options presented to me for HTTP protocol options were (as shown in the AWS Console):
HTTP/1.1
Send requests to targets using HTTP/1.1. Supported when the request
protocol is HTTP/1.1 or HTTP/2.
HTTP/2
Send requests to targets using HTTP/2. Supported when the request
protocol is HTTP/2 or gRPC, but gRPC-specific features are not
available.
We are working on an express/react application which is using websockets through https to fetch the data and display it on the front end. The app is working as designed on every browser except Firefox. It turns out that Firefox resolves the Request URL to "https://example.url" instead of sending "wss://example.url", which is the default behavior that works on every other broser. This in turn causes problems on the server during load balancing, and the server simply returns a 404 http error code.
I have already tried editing the about:config page in firefox regarding websockets and urlbars, to no avail. (although that would not count as a solution, since we cannot force our clients to do the same)
Is there a way to disable said behavior on Firefox or force it to use wss?
We are using ws node.js websocket library on both server and client.
I've developed an application using socket.io and it works correctly on the development environment. When I implemented to the testing server the client doesn't fire the onConnect function and pending. Then I find that the server does recognize the connection and fire the onConnect (as i see the logs).
I use IIS reverse-proxy to comply with our infrastructure architecture and route the request to the node.js server (that runs the socket.io) public https to private http.
I suspect this may be the problem. I also found that safari and firefox can connect to the socket but not with chrome and I notice there is this header when I inspect the request
Referrer Policy:no-referrer-when-downgrade