electron quick start Refused to connect to 'https://oauth2.googleapis.com/token' - node.js

I'm trying to use the Google Drive API quickstart project inside Electron. Here's my sample project:
electron quickstart with google api
How it should work:
When I click the authorize button, it is redirected to authUrl; then we can copy the authorization key and insert it into the page's input with id 'key'.
When I run it from Electron, it returns the following error:
D:\koding\electron-example\gdrive\node_modules\gaxios\build\src\gaxios.js:68 Refused to connect to 'https://oauth2.googleapis.com/token' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
How do I resolve this?

Answered from this post: refused-to-load-the-script-because-it-violates-the-following-content-security
We need to specify which kinds of addresses will be allowed by the Content Security Policy.
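The fallback named in the error message ("'connect-src' was not explicitly set, so 'default-src' is used"), modelled as an added example that is not code from the original post or from Electron. The page origin `https://app.example` and the function names are assumptions; the token URL and the `default-src 'self'` policy are the ones quoted in the error.

```javascript
// Added example: simplified model of how CSP picks the source list for
// fetch/XHR. Source ports and paths are not compared in this sketch.
function parsePolicy(policy) {
  const directives = new Map();
  for (const part of policy.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/).filter(Boolean);
    // A repeated directive is ignored: the first occurrence wins.
    if (name && !directives.has(name.toLowerCase())) {
      directives.set(name.toLowerCase(), sources);
    }
  }
  return directives;
}

// connect-src governs fetch/XHR; when it is absent, default-src is used.
function connectSources(directives) {
  if (directives.has('connect-src')) return directives.get('connect-src');
  return directives.has('default-src') ? directives.get('default-src') : null;
}

function matchesSource(source, target, selfOrigin) {
  if (source === "'self'") return target.origin === selfOrigin;
  // Scheme-source such as "https:".
  if (/^[a-z][a-z0-9+.-]*:$/i.test(source)) return target.protocol === source.toLowerCase();
  // Host-source such as "https://host" or "https://*.example.com".
  const m = /^(https?|wss?):\/\/(\*\.)?([^/:]+)/i.exec(source);
  if (!m) return false; // 'none', '*' and other unsupported forms match nothing here
  if (target.protocol !== m[1].toLowerCase() + ':') return false;
  const host = m[3].toLowerCase();
  return m[2] ? target.hostname.endsWith('.' + host) : target.hostname === host;
}

function allowsConnect(policy, url, selfOrigin) {
  const sources = connectSources(parsePolicy(policy));
  if (sources === null) return true; // no applicable directive, no restriction
  const target = new URL(url);
  return sources.some((s) => matchesSource(s, target, selfOrigin));
}

// Constructed demo values; PAGE_ORIGIN is an assumption about the app.
const PAGE_ORIGIN = 'https://app.example';
const TOKEN_URL = 'https://oauth2.googleapis.com/token';
const BEFORE = "default-src 'self'"; // policy quoted in the error
const AFTER = "default-src 'self'; connect-src 'self' https://oauth2.googleapis.com";

console.log('before:', allowsConnect(BEFORE, TOKEN_URL, PAGE_ORIGIN));
console.log('after: ', allowsConnect(AFTER, TOKEN_URL, PAGE_ORIGIN));
```

Only the token endpoint from the error message is listed in `AFTER`; each further host the app calls has to be added to `connect-src` the same way, and listing exact hosts keeps the policy tighter than a scheme-wide `https:` entry.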

Related

How can I fix the Content Security Policy error to make 3rd party API requests in my Stripe App UI extension?

When making a http request to "https://example.com/api" - the console throws an error
Refused to connect to...because it violates the following Content Security Policy directive: "connect-src http://localhost:*...
How can I resolve this error?
To make 3rd party API requests in your UI extension, you must specify the endpoints to be allowlisted in your "content_security_policy": { "connect-src": [] }
You can use the Stripe CLI to grant the URL permission:
stripe apps grant url "https://*.api.example.com/path/" "Send data to example service..."
For full reference, see the Stripe Apps docs.

Azure CDN Token with Verizon Premium

I have configured a token and following are the settings at the Verizon Premium token config for the token generation.
My CDN is pointing to static files on a storage account. But apart from the home page, all other pages give a 403 error. I have '/' in ec_url_allow. I am unable to solve this problem; any idea?
You are getting this 403 error for all the other pages other than the home page because, though ‘/’ is allowed in the ‘ec_url_allow’ section in the token configuration section, you will have to define the correct paths in the rules engine, enable the token authentication feature and enable the additional token authentication related capabilities.
For the above purpose, you will have to create a rule set to define the asset or path for which you want to apply token authentication with the condition ‘if the URL Path Directory Matches value equals to <directory path>, then the token authentication will take place and be enabled’. To do the same as discussed above, kindly follow the below documentation: -
https://learn.microsoft.com/en-us/azure/cdn/cdn-token-auth#setting-up-token-authentication
As a result, the ‘custom name’ option defined in the ‘Name’ option only contains valid URL characters that defines the name of the query string parameter where Token-Based Authentication will expect a token value. Hence, as per in the example below, the custom name should be specified post enabling the token authentication parameter: -
http://cdn.mydomain.com/secure/asset.html?mycustomname=Token
Thus, you should enable the rule and configure it accordingly to allow the custom path name in it to be able to access the files inherent in that path and avoid the ‘403’ error.
Update: Kindly check the below snapshots for the modifications in the 'token auth' section of the Verizon Premium endpoint management:
Also, do ensure that the custom 'test' blob created for your static website hosted in the storage account is configured for the access level 'Blob (anonymous read access for blobs only)' such that when you are trying to access the content within the 'test' blob, you are able to access it and not interrupted by the blob's access level policy even when the rules engines settings are correct.
The URL that I am forming to access content within the '$web' blob is as follows: -
'https://storageaccountname.blob.core.windows.net/test/ADFS role post-install configuration certificate install.jpg?Tokengenerated'
Please find the below formed rules policy in the rules engine as in below snapshot: -
Thus, configuring a policy as a rule in the rule builder based on the parameters defined in the token auth is necessary for accessing the different pages of the storage account successfully.
Please do make sure that you are not giving the default '$web' path in the rules engine policy because it won't work, thus you will have to create some other custom blob container and give its path in the rules engine as given by me.

Adding a server to nestjs swagger gives a permission error

When I add a new server to a NestJS DocumentBuilder with .addServer('http://localhost:7071'), it throws a permission error when I try to execute routes on the generated Swagger page.
In the browser console it throws this error:
Refused to connect to 'http://localhost:7071/api/session/signin' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
Refused to connect to 'http://localhost:7071/api/session/signin' because it violates the document's Content Security Policy.
I already enabled CORS in the NestJS app, with no luck!
app.enableCors();
Maybe I'm missing some security policy in the DocumentBuilder? Something like .addSecurity()? If that is the case, how can I add this security policy?
This error is caused by a wrong CORS config. To fix it:
Update Swagger by adding:
.addServer('http://localhost:3000')
Add the origin to the CORS config (the address you're using):
app.enableCors({origin: 'http://localhost:3000'});

node.js quickbooks api oauth2example The redirect_uri query parameter value is invalid

I am trying to develop an integration with QuickBooks. I have downloaded the Node.js sample code and have tried to run the oauth2example app.
I have filled in my public and private key, and set my callback URI to localhost:3000 in QuickBooks dev.
When I run the app, it gives me the option to connect to QuickBooks, and even log in, but then I get the following error:
Uh oh, there’s a connection problem.
The redirect_uri query parameter value is invalid. Make sure it is listed in the Redirect URIs section on your app's keys tab and matches it exactly. Click here to learn more about the redirect_uri query parameter.
You are required to match the 'Redirect_uri' in your Intuit account with the URI that you are performing the request from.
For example, if you are requesting from the page localhost:2000/sign_in, go to your Intuit account > Dashboard > Your project NAME > Keys & oauth > Redirect URIs > paste in localhost:2000/sign_in
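A diagnostic for the "matches it exactly" requirement in the error above, as an added example that is not part of the QuickBooks sample app. It assumes the provider compares the two strings exactly; `auth.example`, `CLIENT_ID`, the `/callback` path and the function names are placeholders.

```javascript
// Added example: explain why a redirect_uri fails an exact string match.
// Assumes the provider compares the two strings exactly, as the error says.
const parseUri = (u) => { try { return new URL(u); } catch { return null; } };

function diffRedirectUri(sent, registered) {
  if (sent === registered) return [];
  const a = parseUri(sent);
  const b = parseUri(registered);
  if (!a || !b) return ['not an absolute URI (is the scheme missing?)'];
  const parts = [['scheme', 'protocol'], ['host', 'hostname'], ['port', 'port'],
                 ['path', 'pathname'], ['query', 'search'], ['fragment', 'hash']];
  const reasons = parts
    .filter(([, key]) => a[key] !== b[key])
    .map(([label, key]) => `${label}: "${a[key]}" vs "${b[key]}"`);
  // Components equal after parsing: only the raw spelling differs.
  return reasons.length
    ? reasons
    : ['components match after parsing; raw strings differ (case, default port, encoding)'];
}

function checkRedirectUri(authorizeUrl, registeredList) {
  // searchParams.get() returns the decoded value the provider will compare.
  const sent = new URL(authorizeUrl).searchParams.get('redirect_uri');
  if (sent === null) return { ok: false, sent, reasons: ['redirect_uri is missing'] };
  if (registeredList.includes(sent)) return { ok: true, sent, reasons: [] };
  const reasons = registeredList.flatMap((r) =>
    diffRedirectUri(sent, r).map((d) => `${r} -> ${d}`));
  return { ok: false, sent, reasons };
}

// Constructed request; auth.example and CLIENT_ID are placeholders.
const REQUEST = 'https://auth.example/authorize?client_id=CLIENT_ID' +
  '&redirect_uri=' + encodeURIComponent('http://localhost:3000/callback');

// A trailing slash in the registered value is enough to fail the match.
console.log(checkRedirectUri(REQUEST, ['http://localhost:3000/callback/']));
```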

Web service authentication issue - using openam j2ee agent 3

I am new to OpenAM. I am trying to use OpenAM (954) to secure my web service using J2EE agent 3.0. I have deployed my web service (using CXF) on GlassFish 3.1.x.
I have created necessary configuration given in URL http://docs.oracle.com/cd/E19575-01/820-4803/ghuqg/index.html
I want to authenticate using user id and password. I am passing this information (userid/password) using SOAP header. But when I try to access my web service in browser it gives access forbidden message.
Are there any additional configurations required? Please let me know, I am not able to find any other information on this anywhere.
Following is the request we are sending. I am not sure about UsernameToken wsu:Id whether it is correct? How do we get this value from OpenAM dynamically at each time when we send the request.
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-27777511" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>amadmin</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Amit4001</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
<demo:greetPerson>
<!--Optional:-->
<arg0>Ashish</arg0>
</demo:greetPerson>
Please help me solve this issue.
I want to authenticate using user id and password. I am passing this information (userid/password) using SOAP header. But when I try to access my web service in browser it gives access forbidden message.
I'm currently struggling to learn OpenAM as well and I think your specific problem is that you have not yet set up a policy (not a policy agent) after users have successfully authenticated.
If you haven't, try the following steps:
Navigate to Access Control -> YourRealm -> Policies -> New Policy
Name: yourpolicyname
Rules (click new):
Name: URLPolicy
Resource Name: http:// your-webservice-url/*
Check allow get and post
Name: GetUrlPolicy
Resource Name: http:// your-webservice-url /* ? *
Check allow get and post
Subjects (click new)
Type = OpenAM Identity Subject
Name: UserAccess
Add users you want to be able to authenticate
You have to add in the * ? * if you have any GET parameters in your web page.
Hope that helps, I know the documentation around is terrible.
For your agent policy, in the Global tab: General section > Agent Filter Mode, remove ALL and add SSO_ONLY (leave Map Key blank and Map Value as SSO_ONLY). Note that this configuration isn't hot-swappable, so OpenAM has to be restarted to apply.
Here is a procedure for installing the agent on the server you want to protect:
http://openam.forgerock.org/openam-documentation/openam-doc-source/doc/jee-install-guide/index/chap-glassfish.html
Here is a good procedure for configuring the agent policy centrally on the OpenAM server:
http://openam.forgerock.org/openam-documentation/openam-doc-source/doc/admin-guide/index/chap-agents.html#create-agent-profiles
You might want to also control which URIs (webapps) to protect instead of the entire website. To do that, in the agent policy:
Application tab: Not Enforced URI Processing section > add the URI to protect, for example: /application1/*
Application tab: Not Enforced URI Processing section > check the "Invert Not Enforced URIs" checkbox so that it will actually enforce the "Not Enforced URI" values
