We are starting to log unhandled exceptions from an app to a third party provider so we know what kind of errors our users are facing. When calling code like File.Open it includes path information in the unhandled exception like:
C:\Users\username\AppData\Local\Packages\MyApp
Would username be considered personally identifiable information?
Is there any difference between:
C:\Users\name_surname\AppData\Local\Packages\MyApp and
C:\Users\fake_username\AppData\Local\Packages\MyApp
in terms of PII?
Thanks
Related
Suppose an ethereum smart contract has external function "foo" whose logic has state-reverting exception require(1 == 0, 'error: you broke the simulation!');.
If ethereum-client A broadcasts transaction "txA" which is a function call on foo, how can ethereum-client B access the state-reverting message corresponding to "txA"?
edit: by "how can", I mean how can a developer practically enable ethereum-client B to access this data. i.e. Can you please point me in the direction of the correct (lower-level.. not webui) api/rpc call from a particular tool?
Clearly this is possible since block explorers provide such messages for failed transactions. I read through some of the source of etherscan, but their javascript is minimized and not easily readable.
Thanks in advance!
See this: https://ethereum.stackexchange.com/questions/39817/are-failed-transactions-included-in-the-blockchain
Failed transactions often are included in the chain.
What you sometimes see, if you're using e.g. MetaMask, is a popup saying "this transaction will fail" that happens before the transaction is sent to the chain. This is MetaMask trying to be helpful and prevent you wasting gas. But you can force send the transaction anyway, and you'll get a failed/reverted transaction posted on-chain (like this one for this Solidity source).
So to answer the original question, if TxA was posted on-chain, then client B will process it and get the revert message itself. If TxA was not posted on-chain, then there is no record of it.
Hope somebody can get me past this point... because I spend pretty much time on it and still not working.
Short story is that I want to use Azure Notification Hub for my Xamarin.Forms app.
It want's these info to work:
That's all good and I got all of them under control, expect the Token one.
Ok, so I follow the Microsoft docs on the subject:
https://learn.microsoft.com/en-us/azure/notification-hubs/notification-hubs-push-notification-http2-token-authentification
I follow along and got things under controls I think, until I get to:
"Authentication token"
Here it says:
The authentication token can be downloaded after you generate a token for your application. For details on how to generate this token, refer to Apple’s Developer documentation.
Like it's no big deal and then it links to this page, which is suppose to help me. Read through it, clicked the links etc. read stuff.
I end up on this page: Establishing a Token-Based Connection to APNs
And the the craziness and confusion really kicks off for me, because, it then says, like it's the most common thing in the world:
Encrypt the resulting JSON data using your authentication token signing key and the specified algorithm
It doesn't really explain much, other than link to the jwt.io tool.
Well, that would have been great if I could make the tool work...
On the surface it's pretty easy, as the docs explains what to put in where, so I do that:
So the "header" and the "payload" is filled in and I assume it's correct - however, at the bottom I clearly need to put in some keys for this to be able to decrypted correctly on the other end...the question what do I put in here?
When I created my key in the Apple Developer portal, I of cause downloded the .p8 file, which I can see contains my PRIVATE key...but I have 2 problems.
Putting that into this jwt.io tool, result in a "invalid signature" right away, and I have no idea what to put into the "PUBLIC KEY" part.
So, what am I doing wrong?
Thanks in advance and really hope somebody can help me, as I'm starting to go crazy over this, "tiny" step in the development that have been taking WAY too long now.
At the bottom of jwt.io there are libraries you can use to encrypt the token on your server. For example, this php library: https://github.com/lcobucci/jwt/blob/3.3/README.md
About public key. I think it's the KeyID that is the public key that APNs uses to verify. You only need the private key to generate the token. It goes like this in this php sample:
$token = (new Builder())->issuedBy('http://example.com') // Configures the issuer (iss claim)
->permittedFor('http://example.org') // Configures the audience (aud claim)
->identifiedBy('4f1g23a12aa', true) // Configures the id (jti claim), replicating as a header item
->issuedAt($time) // Configures the time that the token was issue (iat claim)
->canOnlyBeUsedAfter($time + 60) // Configures the time that the token can be used (nbf claim)
->expiresAt($time + 3600) // Configures the expiration time of the token (exp claim)
->withClaim('uid', 1) // Configures a new claim, called "uid"
->getToken($signer, $privateKey); // Retrieves the generated token
Just to whoever stumbles upon this question.
The token field in the Azure Notification Hubs Settings is the private key which you will find inside the .p8 file you downloaded from Apple Developer Account for Universal APN.
As for the JWT encryption, you need that when you sending a request to apple's apn server directly. You will need to send a Bearer token by encrypting the header and payload ( specifications are in apple's website). The encryption is done by crypto libraries, using algorithm ES256 ( only one supported for APN ) and the signing key is the token we mentioned above, that is the private key in the .p8. This creates a JWT that you include in your Authorization header for the request to APN server
We have referred to this MSDN article for help on locking down the hardware buttons on our device.
The article is pretty straightforward and I managed to generate a prov.xml file with the help of our manufacture however when we try and upload our app to the Windows Store we get the following error:
Package acceptance validation error: File WindowsPhoneReservedAppInfo.xml is invalid: The 'Id' attribute is invalid - The value 'ID_CAP_ENTERPRISE_SHARED_DATA' is invalid according to its datatype 'http://schemas.microsoft.com/phone/2013/windowsphonereservedappinfo:ST_SoftwareCapability' - The Enumeration constraint failed.
I would have thought we would be required to include the WindowsPhoneReservedAppInfo.xml as described in the article above so that when we download the app we can lockdown the hardware buttons.
It's worth noting that if you don't have this file and attempt to lockdown you get the following error:
Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
For anyone interested in the code that does the lockdown here it is (although the code works I just thought I would try and give a bit of context):
Dim _GUID As Guid = Windows.Embedded.DeviceLockdown.DeviceLockdownProfile.GetCurrentLockdownProfile()
If Windows.Embedded.DeviceLockdown.DeviceLockdownProfile.GetLockdownProfileInformation(_GUID).Name <> "Associate" Then
For Each G As Guid In Windows.Embedded.DeviceLockdown.DeviceLockdownProfile.GetSupportedLockdownProfiles()
If (Windows.Embedded.DeviceLockdown.DeviceLockdownProfile.GetLockdownProfileInformation(G).Name.Equals("Associate", StringComparison.CurrentCultureIgnoreCase)) Then
Await Windows.Embedded.DeviceLockdown.DeviceLockdownProfile.ApplyLockdownProfileAsync(G)
End If
Next
End If
Catch ex As Exception
End Try
We use the role Associate in the prov.xml file. The prov.xml file does lockdown the device as we want it too and that only works if we have the WindowsPhoneReservedAppInfo.xml file as described in the MSDN article so I can't understand why we can't upload to the Windows Store.
Does anyone have any ideas on how I should be uploading our app to the Windows Store?
I've spoken with our manufacturer and they have said this:
I have a strong feeling this cannot be used in a store app due to Microsoft rules…. So it looks like you can only use this in an Enterprise signed application (Which you then side load onto the device or download using a MDM).
That being the case I will have to look into MDM.
Mule documentation states that catch-exception-strategy is similar to java catch block. But unfortunately, the payload is consumed (message is consumed); from the catch block the payload is lost (unlike a java method where you can access the method input parameters from a catch/finally block).
The problem with this design is that at any instance, (from the catch strategy flow) it is impossible to know the error and last known enriched payload which was used (which caused the error?). This complicates auditing of data which caused the error.
Suppose if there is a flow with 10 message processors, it becomes tedious to identify the message processor which threw error.
I can see 2 workarounds regarding the payload:
1) After the inbound endpoint, push the payload to a flow variable before every message processor (again another disadvantage is what happens to the Inbound properties and attachments?)
2) Use Rollback exception strategy with zero attempts (the transaction will be rolled back), and original input message may be available. (drawback: it is difficult to introspect on why the error happend and on which message processor - example: I may have 5 or 6 DB processors)
The reason why this becomes important is supporting an ESB application in production becomes easier.
For example, from the catch-block if we are able to pipe the payload and exception details (linked to a single UID), then you can run a log monitor tool, push it to a real time dashboard for monitoring purpose/raise Alerts. The same approach can be uniformly applied to all the applications/flows and java components, etc.
MMC is weak in this area - for example, if you want to supress Alerts from a batch job after 5 occurrences, MMC cannot do it.
My questions are:
1) Is there any reason on why the payload is made unavailable?
Possible workaround is to push (last known data) to another variable as part of message called originalPayload or originalInboundProperties?
2) Any other straight forward way of piping the exception and payload to an appender (instead of workarounds)?
Ananth Krishnan (WHISHWORKS.com)
I'm trying to implement in-app purchases for a Windows Phone 8 app. The docs for RequestProductPurchaseAsync don't exist specifically for the phone. In the Windows Store docs, there's a funny line:
You should treat a success result as indicating the async process
completed without errors. To ensure that the transaction itself was
successful, check the LicenseInformation element in the returned
receipt.
There's no LicenseInformation element (or attribute) in the receipt. There's Receipt, ProductReceipt, and Signature. Question - did anyone work with in-app purchases before? How is transaction failure/cancellation reported?
Got my hands on a real phone.
Cancellation is reported by an async completion (parameters Info, Status) with Status=AsyncStatus.Error, Info.ErrorCode is COMException with HResult=0x80004005 (E_FAIL).
For at least some of the genuine transaction failures (e. g. product ID not found in the catalog), the reported status and HRESULT are the same. I don't think there's a good way to catch a cancellation with the current API. Reporting AsyncStatus.Canceled would be a good idea, but so far it's not implemented.