The issue that I am facing is that we have a private subnet that hosts our EC2 instances. There is one EC2 instance that is hosting a C# API and another hosting a react app. I need to be able to have the react app communicate to the api. Currently I have an ALB infront of the frontend app that is serving traffic as https. The issue arises when I try to make and Http call from the front end app to the private API.
The error that I am receiving has to deal with mixing Http and Https traffic. However I want the react app to be able to talk internally to the API.
Mixed Content: The page at 'https://' was loaded over HTTPS, but
requested an insecure XMLHttpRequest endpoint 'http://'. This request
has been blocked; the content must be served over HTTPS.
I have tried making curl calls from the servers and am able to get responses from both sides.
Related
We have 2 Linux Web apps running in Azure ( blessed images, not custom ones) running on .NET 6 with custom domains - one API and an MVC app. It's a multitenant organization and the API is using the host header from the incoming HTTP request to resolve a tenants database. So far so good - on IIS everything is working great - we are setting the host header in the HttpClientFactory with the correct domain name, sending the request and the API does its job.
Now the problem - when deployed to Azure, when we set the header to the domain from which the request should be sent(which is the domain we are currently on), the container goes in to a loop when the first HTTP request occurs, executing this request over and over again and after some time our timeout DelegateHandler on the HttpClient is being hit. If we do not set the header the loop stops but we do not have the correct Host header in the request and our API is unable to process the request.
I know there is a reverse proxy which is resolving which web app should process the request based on the custom domain in Azure and I am pretty sure that's our problem but I am not very familiar with Azure architecture and don't know what to do.
P.S. If we use a custom header and set there the host name and reconfigure the API to use this custom request header everything works fine, but that's not what we want.
So any help would be of great help.
In my windows phone application I have a WinRT component that references a Portable Class Library (PCL), which contains code to do a POST to remote WEB API address via HttpClient.
The HTTP client is also sending Multipart Form Data Content.
The Windows Phone app has the Internet (Client & Server) capability enabled in the app manifest.
When I run this code calling a HTTPS URI from either a physical phone or the phone emulator I get a 404 error, however the request works when I call the same WEB API via HTTP.
I am pretty sure it is not a problem with the WEB API side of things as I have Unit/Integration Tests in the solution that call the API via both HTTP and HTTPS and they work as expected.
Am I missing something on the windows phone side? Any ideas why I would get a 404?
On Windows Phone, you get a 404 error when trying to make a SSL (HTTPS) request with an untrusted certificate. Most likely, you're using a self-signed certificate.
For your tests, you can manually install the certificate on the phone (there's many ways, but the most practical is to upload the certificate on a server then point the web browser to the .cer file). But when publishing your application, you'll probably have to switch to a "real" trusted certificate (or ditch SSL).
We have an application that communicates with azure (ServiceBus, Queue and Blobs) and some third party WebServices that requires HTTPS.
The problem is that some of our clients use proxy servers with rules to block connections based on the user-agent header and, as we discovered, .NET does not send the user-agent during the HTTPS CONNECT.
For Azure we can choose not to use HTTPS and go with HTTP (I don’t like it but it is a possibility). The problem is that we need to access a Web Service through HTTPS. We do not have control over this Web Service and the HTTPS is mandatory.
I’ve search for solutions and found several people with the same problem but no solution other than avoid HTTPS and use HTTP.
Does anyone knows a solution for this? Is it possible to replace “default” .NET HTTPS connections with some other library (like libcurl.NET) and use this library as the default in our application?
Thanks.
I've got a client who requires a secure transaction made over HTTPS. They do not provide any web services to consume, so instead they have a simple post over HTTPS with SSL. I have two applications that need to utilize this service, one is a website, one is an iOS app, so I figured to save some time and effort, I would write a proxy web service that both of these applications would use to pass data back and forth between the client's system.
So I have the web service sitting on a server, with an exposed web method which is being consumed by the application. The variables are in the method, can someone please help me with sending that data via https POST to the required URL? I've never done anything like this before and I'm a bit lost. The web service is programmed in C#.
If you are using .NET 4.5, you can use the System.Net.Http.HttpClient
http://msdn.microsoft.com/en-us/library/system.net.http.httpclient.aspx
or, System.Net.HttpWebRequest if you are using older version of the framework.
Here's an example
HttpWebRequest with https in C#
we are trying to build a some program that will sit on the clients servers, then a user will enter a url in his browser that will go to our program on his servers. the program will call some data at our servers and will return an image in his browser is it possible to create under wcf self hosing ?
you could use a HTTP call to your site at the clients site to get the image or a more sophisticated technology like a web service. There should be no problem if both web servers are connected to the internet.