Gmail API not a valid origin - api

I'm using Gmail API Javascript, but this is problem.
Uncaught
{error: "idpiframe_initialization_failed", details: "Not a valid origin for the client: http://localhosā€¦itelist this origin for your project's client ID."}
details
:
"Not a valid origin for the client: http://localhost has not been whitelisted for client ID 731803464357-pdq2kfb0qg5ahca5gvvht343u2qmbgdk.apps.googleusercontent.com . Please go to https://console.developers.google.com/ and whitelist this origin for your project's client ID."
error:
"idpiframe_initialization_failed"
This is my config with file: http://localhost/b.html

Did you add the Origin HTTP header before doing the HTTP request ?
const headers = new HttpHeaders().set('Origin', 'http://localhost')

Related

Setting an Authorization header after a ForwardAuth in Traefik

I'm moving from Nginx to Traefik as the reverse-proxy of a Docker Swarm.
Currently, each request coming with a Bearer Token is sent to an authentication service (microservice running in the Swarm) which sends back a JWT when auth is correct. I then need to use this JWT in the Authorization header to the request can be sent to the service it targets.
The current setup with Nginx:
auth_request /auth;
auth_request_set $jwt $upstream_http_jwt;
proxy_set_header "Authorization" "jwt $jwt";
Can this approach be done with Traefik ForwardAuth directly or do I have to add a middleware to create this header once the request has been authenticated ?
This is possible if your authentication service can return the JWT in the Authorization header of its response. Set the authResponseHeaders option of the ForwardAuth middleware to Authorization.
The authResponseHeaders option is the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
E.g.
http:
middlewares:
auth:
forwardAuth:
address: "http://your_auth_server/auth"
authResponseHeaders:
- "Authorization"

Not Getting Custom Nameservers Using Godaddy Api

I used this api call to get DNS records and nameservers using domain name
https://api.godaddy.com/v1/domains/testsd34.com/records/NS
GetRecords here is the api call
For default godaddy nameservers its giving everything perfectly but whenever i am using custom nameservers for domain that time this api call not giving nameservers in response its giving empty array,
anyone knows how to get custom nameservers using this api call?
Finally, I found a way to get and edit nameservers for domain.
(For custom nameservers, records are not set by GoDaddy, therefore you have to
query nameserver provider.)
Following is the API call for getting nameservers:
HTTP request:
GET https://api.godaddy.com/api/v1/domains/mydomain.com
HTTP headers:
Authorization -> sso-key my-key:my-secret
Content-Type -> application/json
Response will contain JSON object which has key "nameservers"
with pair of nameservers that you have. Example:
"nameServers": [
"ns1.mynameservers.com",
"ns2.mynameservers.com"
]
To edit the nameservers via API call, you can use following API call:
HTTP request:
PATCH https://api.godaddy.com/api/v1/domains/mydomain.com
HTTP headers:
Authorization -> sso-key my-key:my-secret
Content-Type -> application/json
HTTP body:
{
"nameServers": [
"ns3.mynameservers.com",
"ns4.mynameservers.com"
]
}

Cross-Origin Resource Sharing between https and http?

i have a page that is hosted on both HTTP and HTTPS, and it makes a HTTP call with jquery to a local http server on the client computer with the following code:
var url = "http://127.0.0.1:1234/Ping";
var ajaxSettings = {
url: url,
timeout: 1000
};
return $.ajax(ajaxSettings);
the client application has the following headers:
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: Accept, Origin, Content-type
This works great when using http but when using https i get a error.
Is there any way to solve this? (generating a ssl certificate and registering it seems a bit overkill)

CORS request not valid - missing headers?

I am trying to upload an image to a finagle (netty) server. For the OPTIONS request I return the following:
curl -X OPTIONS http://localhost:8686/images -i
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST
Browser (FireBug): http://s15.postimg.org/vtdzyfshn/Screen_Shot_2014_09_02_at_9_49_05_PM.png
The following POST request fails with
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote
resource at http://localhost:8686/images. This can be fixed by moving the resource
to the same domain or enabling CORS.
FireBug 1 (Console): http://s30.postimg.org/9utq4ridt/Screen_Shot_2014_09_02_at_9_53_41_PM.png
FireBug 2 (Net Tab): http://s16.postimg.org/jyblxfcv9/Screen_Shot_2014_09_02_at_9_54_37_PM.png
FireBug 3 (Net Tab - POST): http://s14.postimg.org/e8czua2wh/Screen_Shot_2014_09_02_at_9_54_47_PM.png
Any idea what I am missing?
(I am using this upload script: http://www.extremecss.com/creating-asynchronous-file-upload-system-using-html5-file-api/
You have to return the CORS headers (Access-Control-Allow-Origin: *) within the response header to your POST as well, instead of just within the OPTIONS response.

Cross server websockets

I get this error when I try to connect to my websocket server:
Error during WebSocket handshake: origin mismatch: http://skerit.com != http://kipdola.be
Sure enough, I had to put in an origin response, like this:
self.client.send("Sec-WebSocket-Origin: http://kipdola.be\r\n")
self.client.send("Sec-WebSocket-Location: ws://kipdola.be:1234/\r\n")
But how do I set it to allow multiple origins?
You just echo back the origin the user provided in the request, the request looks somewhat like this:
GET / HTTP/1.1
Upgrade: WebSocket
Connection: Upgrade
Host: skerit.com
Origin: http://skerit.com
You perform a serverside check if the Origin header is in your list of allowed origins and just echo the origin back to the client:
self.client.send("Sec-WebSocket-Origin: " + headers["Origin"] + "\r\n")