We have a single-page-application that is running on Node. I need to make sure that the web app is up and running. However, when I do curl or get request with urllib, I get the html content that is always displayed, even when there is an error with app compiling.
This is what is currently being returned by a get:
Request Data: b'<!DOCTYPE html>\n<html style="background-color: #fbfbfb; height: 100%">\n <head>\n <meta name="viewport" content="width=device-width, initial-scale=1" charset="UTF-8" />\n <link rel="shortcut icon" href="./favicon.ico">\n <title>example</title>\n </head>\n <body style="min-height: 100%; margin:0">\n <div id="app"></div>\n <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:300,400,500">\n <link href="https://fonts.googleapis.com/css?family=Poppins" rel="stylesheet"> \n <link rel="stylesheet" href="https://fonts.googleapis.com/icon?family=Material+Icons">\n <!-- Dependencies -->\n <!-- <script src="../node_modules/react/umd/react.development.js"></script>\n <script src="../node_modules/react-dom/umd/react-dom.development.js"></script> -->\n \n\n <!-- Main -->\n <script src ="/bundle.js"></script>\n <script src="/vendors.bundle.js"></script>\n <script src="/main.bundle.js"></script>\n </body>\n</html>'
The section that is: <div id="app"></div>\n has more content.
This is the content if I look at Elements in Chrome Web Tools:
<div><div class="Section__container___3YYTG"><div><div><h2 class="MuiTypography-root MuiTypography-h2">Something went wrong</h2><h6 class="MuiTypography-root MuiTypography-h6">Loading chunk vendors~overview~siteColors~studyDetails failed.
(error: https://dev.example.com /vendors~overview~siteColors~studyDetails.bundle.js)</h6></div></div></div></div>
Is there a way to get urllib get request to return the expanded data content of
Related
I am developing a codeigniter4 web-application. I use apache as my web server. When I enable CSP in app/Config/App.php using
public $CSPEnabled = true; , I get the image in my web page blocked. How would I unblock images from same origin and disable others by customizing CSP behaviour?.
The head tag of my code is:
<head>
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="apple-touch-icon" sizes="76x76" href="../assets/img/apple-icon.png" />
<link rel="icon" type="image/png" href="../assets/img/favicon.png" />
<title><?=$title?></title>
<!-- Fonts and icons -->
<link href="https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700" rel="stylesheet" />
<!-- Font Awesome Icons -->
<script src="https://kit.fontawesome.com/42d5adcbca.js" crossorigin="anonymous"></script>
<!-- Nucleo Icons -->
<link href="../assets/css/nucleo-icons.css" rel="stylesheet" />
<link href="../assets/css/nucleo-svg.css" rel="stylesheet" />
<script src="https://cdn.tailwindcss.com"></script>
<!-- Main Styling -->
<link href="../assets/css/soft-ui-dashboard-tailwind.css?v=1.0.4" rel="stylesheet" />
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/additional-methods.min.js"></script>
<style>
.errors {font-size:small;color:red;}
.error {font-size:small;color:red;}
.alert {font-size:small;color:red;}
</style>
</head>
The portion of the page that contains the image which gets blocked after enabling csp is:
<div class="w-full max-w-full px-3 lg:flex-0 shrink-0 md:w-6/12">
<div class="absolute top-0 hidden w-3/5 h-full -mr-32 overflow-hidden -skew-x-10 -right-40 rounded-bl-xl md:block">
<div class="absolute inset-x-0 top-0 z-0 h-full -ml-16 bg-cover skew-x-10" style="background-image: url('../assets/img/curved-images/curved6.jpg')"></div>
</div>
</div>
</div>
My ContentSecurityPolicy.php file has the following settings:
public $reportOnly = true;
public $styleSrc = ['self','https://fonts.googleapis.com/css','https://cdn.tailwindcss.com'];
public $imageSrc = ['self', 'https://cdn.tailwindcss.com'];
Some of the stylings also doesnt work after enabling CSP.
You will have to whitelist the domain from which you load the image in your website at, app\Config\ContentSecurityPolicy.php.
The line to be modified is, public $imageSrc = 'self';
self - You can load images from the same domain as your website.
Example:
public $imageSrc = ['self', 'data: w3.org/svg/2000', 'https://www.google.com'];
With this you can load images from your same domain, google.com and inline SVG images which is usually used in Twitter bootstrap.
Enviroment:
Java 11
Jboss 7.2
Primefaces 8
JSF 2.3
I am trying to update a combobox with an ajax render event and the web does not update the combobox and I get this error.
How could I solve this?
ERROR js console
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'nonce-ZGRkM2ZjYTAtNzE3MC00MmU4LWE4YmMtOWNmYjUyNjYyMTNh'". Either the 'unsafe-inline' keyword, a hash ('sha256-PoJBY0XvVwb+v60hF7CQr9zfBAfr3HAsK3P9TEKUqGs='), or a nonce ('nonce-...') is required to enable inline execution.
runScript # jsf.js.xhtml?ln=javax.faces:1
runScripts # jsf.js.xhtml?ln=javax.faces:1
doUpdate # jsf.js.xhtml?ln=javax.faces:1
response # jsf.js.xhtml?ln=javax.faces:1
onComplete # jsf.js.xhtml?ln=javax.faces:1
AjaxEngine.req.xmlReq.onreadystatechange # jsf.js.xhtml?ln=javax.faces:1
web.xml
...
<!--Primefaces Content Security Policy-->
<context-param>
<param-name>primefaces.CSP</param-name>
<param-value>true</param-value>
</context-param>
...
face.xhtml
...
<p:selectOneMenu id="cbxOrganisme" value="#{userBean.selected.organism}"
valueChangeListener="#{userBean.onChangeOrganism}"
converter="vTableConverter" filter="true"
rendered="true" required="true" style="width: 90%;">
<f:ajax event="change" execute="#this" listener="#{userBean.onChangeOrganism}" render="cbxCenter"/>
<f:selectItem itemLabel="#{messages['seleccionar']}" itemValue="" noSelectionOption="true"/>
<f:selectItems value="#{userBean.organisms}" var="organism"
itemLabel="#{sessionBean.localeCode eq 'ca'? organism.nomCA:organism.nomES}"
itemValue="#{organism}"/>
</p:selectOneMenu>
...
web.html
<html><head id="j_idt2">
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE9">
<meta http-equiv="Content-Type" content="text/xhtml; charset=UTF-8">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Pragma" content="no-cache">
<title>Govern de les Illes Balears - APP
</title><link type="text/css" rel="stylesheet" href="/APP2/javax.faces.resource/theme.css.xhtml?ln=primefaces-bootstrap">
<link type="text/css" rel="stylesheet" href="/APP2/javax.faces.resource/fa/font-awesome.css.xhtml?ln=primefaces&v=8.0">
<link type="text/css" rel="stylesheet" href="/APP2/javax.faces.resource/govern-ie.css.xhtml?ln=css">
<link type="text/css" rel="stylesheet" href="/APP2/javax.faces.resource/buttons.css.xhtml?ln=css">
<link type="text/css" rel="stylesheet" href="/APP2/javax.faces.resource/components.css.xhtml?ln=primefaces&v=8.0">
<script type="text/javascript" src="/APP2/javax.faces.resource/jquery/jquery.js.xhtml?ln=primefaces&v=8.0" nonce="">
</script><script type="text/javascript" src="/APP2/javax.faces.resource/jquery/jquery-plugins.js.xhtml?ln=primefaces&v=8.0" nonce="">
</script><script type="text/javascript" src="/APP2/javax.faces.resource/core.js.xhtml?ln=primefaces&v=8.0" nonce=""></script>
<script type="text/javascript" src="/APP2/javax.faces.resource/components.js.xhtml?ln=primefaces&v=8.0" nonce=""></script>
<script type="text/javascript" src="/APP2/javax.faces.resource/idlemonitor/idlemonitor.js.xhtml?ln=primefaces&v=8.0" nonce=""></script>
<script type="text/javascript" src="/APP2/javax.faces.resource/touch/touchswipe.js.xhtml?ln=primefaces&v=8.0" nonce=""></script>
<link type="text/css" rel="stylesheet" href="/APP2/javax.faces.resource/fileupload/fileupload.css.xhtml?ln=primefaces&v=8.0">
<script type="text/javascript" src="/APP2/javax.faces.resource/fileupload/fileupload.js.xhtml?ln=primefaces&v=8.0" nonce=""></script>
<script type="text/javascript" src="/APP2/javax.faces.resource/jsf.js.xhtml?ln=javax.faces" nonce=""></script>
<script type="text/javascript" nonce="">if(window.PrimeFaces){PrimeFaces.settings.locale='ca';}</script><script type="text/javascript" nonce="">$(function(){PrimeFaces.csp.init('ZTFhYjQ3MDItYzM5Yy00MGU5LWE2NDEtZDFjMTExNDEzMWU4');;});</script>
<script async="async" src="https://www.googletagmanager.com/gtag/js?id=UA-133688930-1" nonce=""></script>
<script nonce="">
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'UA-133688930-1');
function redirectPrincipal() {
let context = "APP/";
let mainPage = "principal.xhtml";
let url = window.location.href;
if (url.endsWith(context)) {
window.location.replace(url + "principal.xhtml");
}
}
redirectPrincipal();
</script>
<link rel="SHORTCUT ICON" href="http://www.name.es/webname/favicon.ico"><script type="text/javascript" src="/APP2/javax.faces.resource/calendar-localization.js.xhtml?ln=js" nonce=""></script>
<script type="text/javascript" src="/APP2/javax.faces.resource/functions.js.xhtml?ln=js" nonce=""></script>
<meta name="description" content="APP. VersiĆ³: 8.0.0-">
<meta name="author" content="Govern de les Illes Balears"></head>
<body>
...
</body>
</html>
Content Security Policy known limitations
Currently CSP in combination with <f:ajax> cannot be used with all Faces implementations / versions.
MyFaces supports it since 2.3-next (which will be 4.0 in the future), Mojarra doesn't support it in general: https://github.com/eclipse-ee4j/mojarra/issues/4542
As workaround, you can always use <p:ajax> instead.
I am using Flex-ratio property, but this property is not working. I am sharing my code.
According to this link, this property is working fine on Polymer 1.0.
<!DOCTYPE html>
<html lang="en">
<head>
<script src="bower_components/webcomponentsjs/webcomponents-lite.min.js"></script>
<link rel="import" href="bower_components/paper-button/paper-button.html">
<link rel="import" href="bower_components/paper-input/paper-input.html">
<link rel="import" href="bower_components/paper-car/paper-card.html">
<link rel="import" href="bower_components/polymer/polymer.html">
<link rel="import" href="bower_components/iron-icon/iron-icon.html">
<link rel="import" href="bower_components/iron-icons/iron-icons.html">
<link rel="import" href="bower_components/iron-flex-layout/iron-flex-layout-classes.html">
<link rel="import" href="bower_components/iron-flex-layout/iron-flex-layout.html">
<style is="custom-style" include="iron-flex"></style>
</head>
<body>
<div class="horizontal layout">
<div class="flex-2"><p>flex three</p></div>
<div class="flex-1"><p>flex</p></div>
<div class="flex-2"><p>flex two</p></div>
</div>
</body>
</html>
I made this mistake myself.... need to import iron-flex-factors in <style include="iron-flex iron-flex-factors iron-flex-alignment">
hi I am trying to get an instagram feed onto my website showing my user photos. I have put the javascript at the top of my page as follows:
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>tomsaxby.com</title>
<!-- CSS ------------------------------------------------------------------------------------------- -->
<!-- Bootstrap --><!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="http://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css">
<!-- EDITS -->
<link rel="stylesheet" href="css/style.css">
<!-- Fonts -->
<link rel="stylesheet" href="fonts/neuzeit/MyFontsWebfontsKit.css" type="text/css" />
<!-- CSS ------------------------------------------------------------------------------------------- -->
<script type="text/javascript" src="path/to/instafeed.min.js"></script>
<script type="text/javascript">
var feed = new Instafeed({
get: 'user',
userId: 904401907,
accessToken: '904401907.1677ed0.27d4a579f194430cbe77c28af165aae1'
});
userFeed.run();
</script>
</head>
I have then put a div with he id of "instafeed" into the body of my page. but nothing displays either locally or when i upload my files? Does anyone know why this is?
The most likely cause of your problem, is that instafeed.js is trying to run before your page has been completely loaded.
To resolve this, make sure you have put <div id="instafeed"></div> on your page, and that you are loading instafeed.js after the page has been completely loaded:
$(document).ready(function() {
var feed = new Instafeed({
get: 'tagged',
tagName: 'awesome',
clientId: clientId
});
feed.run();
});
One other thing...something the instafeed page does NOT seem to mention...is to add a "limit"...this tells instagram how many images to drop in.. otherwise i suppose the default is zero...
I made mine: limit: '4'
would be a pretty helpful piece of info to put into the instructions!
see below:
<script type="text/javascript">
var feed = new Instafeed({
get: 'tagged',
tagName: 'cool',
clientId: '916c01b8624d43c7b4b76369aruc86a0',
limit: '4'
});
feed.run(); </script>
Your instafeed.js file is not properly being called up.
You have put this:
<script type="text/javascript" src="path/to/instafeed.min.js"></script>
The path/to/ before the instafeed.min.js needs to actually be a working path with your website info.
i'm trying to make a simple header (HTML) with some text ( one word ). I would like the text to follow the center of the page, i mean that when i shrink the page width with the mouse i want the text change its position to the new center of the page.
Please help, thanks
Below is the sample code. The important thing is the CSS "text-align". Does this help?
<!DOCTYPE html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title></title>
<meta name="description" content="">
<meta name="viewport" content="width=device-width">
</head>
<body>
<style type="text/css">
p.centerPara{text-align: center}
</style>
<p class="centerPara">Hello world!</p>
</body>
</html>
Try this sample code. It might be a little simpler. :)
<!DOCTYPE HTML>
<html>
<head>
<title>Title goes here</title>
<style type="text/css">
#banner{
width:100%
/*Additional banner code */
}
#banner h1{
text-align:center;
}
</style>
</head>
<body>
<div id="banner">
<h1>OneWord</h1>
</div>
</body>
</html>
Basically, the same thing. Text-align:center is the most important thing.