I'm trying to use Charles to map requests for my server to localhost on my Mac.
The server is on HTTPS and the local is HTTP.
I'm trying that from the Chrome browser, iOS simulator and Postman.
it always fails.
I set map remote in charles from my-server.com/* to http://localhost:PORT.
If I try https://my-server.com/, charles maps the request but I get error in CONNECT request.
If I try http://my-server.com, the request succeeds.
EDIT:
There is an answer that suggests rewrite instead of map remote. it is good and working, but it feels to me as a workaround. I would like to use map remote as usual. I guess it require both Charles setup and machine setup
You should try using the Rewrite function like this:
As #kubano suggested, I'm using REWRITE tool with URL rewrite.
In order to map all subpaths, I'm using regex group to replace the hostname but re-attach all that comes after '.com'.
When wrapping something with () it is referred as 'group' and you can use it with $1 $2 ... and so on. in this case, what ever comes after '.com' is referred as $1 in the replace section
I suggest using Map Remote from Proxyman to map between HTTP <-> HTTPS which is easier to setup.
Just create a rule, set HTTPS to HTTP, and the host. It will map from https://your-server.com to http://localhost:3000
Doc: https://docs.proxyman.io/advanced-features/map-remote
Disclaimer: I'm the creator of Proxyman and hopefully it would help you.
In case somebody comes here to search for how to map local (file) from an https location (which did not work for me out of the box):
Similar to the rewrite rule (in Charles 4 at least) it works with map remote, mapping https to an http location (e.g localhost) and then mapping that (localhost) url to a file
Related
My web hotel host (one.com) allows me to define "web-aliases" for my site. I want to use this for multi-language versions of my site. E.g. the alias fr.example.com will show a French version of https://example.com without changing the showed url. This part is quite straight forward for me...
However... I develop my site locally and use localhost for browsing and testing. I'm not familiar with Apache and all it's configurations. So I wonder if it's possible to create similar web-aliases for localhost, i.e. an alias such as fr.localhost ==> https://localhost?
You can use a service like nip.io, e.g.:
en.127.0.0.1.nip.io
fr.127.0.0.1.nip.io
both will point to your localhost.
On most systems, the whole segment 127.0.0.0/8 is mapped to localhost, so you can use things like:
http://127.0.0.1
http://127.0.0.2
http://127.0.0.3
as well. But you will need to explicitly listen on these IPs, though.
I'm trying to setup Traefik to replace my Nginx reverse proxy setup.
I have my domain setup like this:
- I can access different services using http://example.com and detecting which service I should proxy to, by using subpath.
I tried to recreate same setup with Traefik. First by using ReplacePathRegex and then StripPrefix. My api requests work fine, but when I try to use Portainer, requests made from web browser omit /portainer part which causes web ui to break.
For example:
I make request to http://example.com/portainer.
I get response and then consecutive requests should be made like this: http://example.com/portainer/vendor1.css
and instead it makes request like this:
http://example.com/vendor1.css
Is there any way to setup Traefik behavior to exactly match Nginx proxy_pass?
I found this post that gives me a partial solution: Is there an equivalent to ReverseProxyPass for Apache in Traefik?. Portainer seems to be working when I make request to http://example.com/portainer/ by adding "/" to the end.
I tried to fix it with forceSlash, but it did not make any change
Is it possible to make it work with or without trailing "/"?
This is how requests look like in /portainer and /portainer/:
This is my current Traefik configuration (I'm only using Docker):
Stripprefix middleware is for removing prefixes from the path before forwarding the request. According to your configuration, everything after /portainer and /portainer itself will be stripped.
In your case, it will also remove the trailing slash. If you need to forward / to the Portainer, then you need to use portainer (without slash) as to configure the prefix of stripprefix middleware.
I found a solution: https://community.containo.us/t/middleware-to-add-the-if-needed/1895
This is what I had to add to labels in my portainer container to make it work:
- traefik.http.middlewares.strip-prefix.chain.middlewares=strip-prefix-1,strip-prefix-2
- traefik.http.middlewares.strip-prefix-1.redirectregex.regex=^(https?://[^/]+/[a-z0-9_]+)$$
- traefik.http.middlewares.strip-prefix-1.redirectregex.replacement=$${1}/
- traefik.http.middlewares.strip-prefix-1.redirectregex.permanent=true
- traefik.http.middlewares.strip-prefix-2.stripprefixregex.regex=/[a-z0-9_]+
It is not ideal solution as I think there should be an easier way to achieve it, but for the time being it satisfies my needs.
I'm using authlib in my project. I have a local IDP setup using http atm.
For testing, this code is blocking me because my dev environment is http.
https://github.com/lepture/authlib/blob/master/authlib/client/oauth2.py#L155
I can carry on by commenting out the line. But, i think having a way to turn of https check is neater.
So, dose anyway know a way to turn off https check in Authlib ?
It can be solved by setting an environment:
AUTHLIB_INSECURE_TRANSPORT=true
This is not documented on client sections, it is documented on the server parts like https://docs.authlib.org/en/latest/flask/oauth2.html
I'm trying to use Liferay for http and https
if I include in portal-ext.properties:
company.security.auth.requires.https=true
web.server.protocol=https
Will be working ok with https but in http is showing incorrect themes due is trying to load https://domain.com/theme
If I remove this two lines is working ok for http but not for https.
What can I do?
IMHO mixed mode, e.g. offering http as well as https never gives you what you expect: You expect security from https, but you always risk leaking session information, e.g. being vulnerable to session-hijacking attacks (ala Firesheep). My actual advice would be to go https only if you do https for security. Read on if that's not an option for you, but don't complain when you find information leaking (this is not dependent on Liferay, but for any web-based environment)
What is the exact problem that you have with the themes? (images/css through http?) Which version of Liferay are you using?
Before you specify more, you might want to configure your theme's "virtual path", this will rewrite all the URLs referring to your theme. It's typically used to serve static resources through a webserver or cdn, but it works with any kind of URL. Simply using a protocol-relative URL should work (I love this mostly unknown http feature):
Add this to your theme's liferay-look-and-feel.xml:
<look-and-feel>
<theme id="my" name="My Theme">
<virtual-path>//domain.com/myTheme</virtual-path>
</theme>
</look-and-feel>
note that the URL omits the protocol part, http: or https:, thus the browser will use the same protocol that the whole page is loaded with.
Edit: corrected the xml. Will investigate if there's a problem with protocol-relative URLs in themes.
Edit 2: Something is weird. It seems, virtual-path does not work like this, but I recall it did earlier. Do you add domain.com as cdn.host.http or cdn.host.https? (this would be concatenated)
On related stuff, please check if you're running Apache in front of your appserver. In this case you might forward some traffic for the portal (e.g. in the virtual host for http) but not forward the traffic in the https virtual host.
It basically sends everything you throw at it to your localhost. Is it possible to do this with apache server and .htaccess? Its also what I used as a callback url when I was developing using twitter's API. So I'm curious. http://smackaho.st
Thanks
There is no HTTP server involved here at all. The DNS A record for smackaho.st is 127.0.0.1, which refers to your own machine.
Using that name as a "callback url" probably won't work at all, since when Twitter tries to contact smackaho.st, they'll get 127.0.0.1, which refers to their own machine (not yours).