Remote debugging - forward https? - google-chrome

Is it possible to forward locally-server site (but served with https) via remote debugging somehow?
My site is served via https because it uses some also https-based API. But it seems like there is no option now to forward it straightly.

It seems to work. If you forward port 1234 to localhost:8080, then you should be able to access https://localhost:1234 on your device.
There's no spot to specify a protocol because it's a straight port forward.

Related

Use Nginx as a HTTP proxy for Chrome and other browsers

I need to access a IP restricted website. Since the IPs of my coworkers any my own one changes all the time I would like to use one of my root servers running Nginx as a Proxy in Chrome and Firefox.
Yet I don't know how to set up Nginx for that kind of usage. Googling is also difficult because the term proxy is used in a lot of different contexts.
Can I configure Nginx to act as a HTTP proxy to that page, if yes, how do I set it up?
Note: I can't use it as a reverse proxy to the page. It does work but all links on the page point to the original URL which I can't fix easily (at least I don't know how).

Can I use html5 Websockets with windows domain authentication?

Our setup is like this: we use a coldfusion 10 server, and files are on a local intranet. Users use a domain login to access any files over https. I'm interested in using html5 websockets, but the first attempt gave me an error because no credentials were supplied. Is there a way around this? If not, is there a recommended technology for this scenario?
The user does log in on the client side. If it's possible, what I'd really like to do here is pass those credentials when making the connection to the server.
you should be able to supply the authentication header to your web socket server before the elevation to web socket read that and send it back in the headers for the elevation (first frame) then when the browser connects it should have the authentication it needs.
if your using a custom authentication E.G in page not authentication header you can also do this by passing any custom header to your server.
Or mandate that the first thing your web client sends is the authentication details this could be something like {username_hash}.{password_hash} if they don't close the socket to them.
Do not do this.
You're now responsible for sending and encrypting the authentication credentials yourself, bypassing something that already works and is tested.
Anyone can snoop on an unencrypted websocket port. Use HTTPs for an intranet, use stable solutions, don't reinvent this wheel because it tickles your fancy.
In a couple of years some colleague will have to maintain this and will have to figure out how your homebrew version works versus something that's solid like plain browser authentication.
My advice: Leave this to the browser and to well-tested coldfusion libraries.

How to determine whether a site is HTTP or HTTPS?

How do you tell if a site is an HTTP:// site or an HTTPS:// site? I am just starting to learn some of the more fundamental things about internet security. When you put up a web site is there a special way that you have to set up the html format in the .html files so that the site is secure or is this something that can be purchased from the site provider were you host the web site.
This seems like and easy thing to do but even on stackoverflow what it type in is
stackoverflow.com/questions/ask
There is no HTTP or HTTPS in front of the internet address. Is this implied or is there a way to toggle this on an off in the tools?
HTML Code:
<html lang="en">
<head>
<title>Test Title</title>
</head>
<body>
//...code goes here...
</body>
</html>
Is there something that goes in the HTML that determines whether the site is secure or not? Or is this an option on each page when you host the site.
How do you tell if a site is an HTTP:// site or an HTTPS:// site?
By looking at the URL
This seems like and easy thing to do but even on stackoverflow what it type in is
If you type in something that looks like a URL with the scheme missing, then browsers will assume you intended to put http:// in front of it.
Most browsers will hide the http:// part from the address bar for non-SSL sites.
When you put up a web site is there a special way that you have to set up the html format in the .html files so that the site is secure or is this something that can be purchased from the site provider were you host the web site.
To use SSL you need to have an SSL certificate and the web server needs to be configured to use it.
Beyond that, everything comes down to how the server is configured. You could have different sites hosted on http and https, or the same site, or redirect from one to the other, and so on.
Is there something that goes in the HTML that determines whether the site is secure or not?
No. SSL is dealt with at the transport level, not the document level.
Or is this an option on each page when you host the site.
You could configure a server to redirect the URLs for some pages to HTTPS and some to HTTP. This was typically done to save on CPU power for pages where security wasn't needed. Today, CPU power is much cheaper, so it is normally better to use SSL by default.
To make a site secured (an HTTPS) site you need a certificate and add the proper binding that means including a port and protocol by default https uses port 443 and NO, none of those configurations at server level will affect the files serve like your .html files.
HTTP means Hypertext Transfer Protocol. The "S" is Secure.
There is no special definition you can define to ensure a secure HTTP connection.
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.
These certificates can be purchased from companies that provide them. This essentially encrypts any data transferred between the server and person it is responding to.
In short, this is determined by the browser, and different browsers have different strategies.
When you visit a site, such as www.abc.com, different browsers will use different default protocols.
Microsoft Edge will first use http to connect to port 80 of the server. If the server is set to redirect, it will send a 301 move permanently message to allow the client to reconnect to the site using https.
But the new version of chrome will directly use https to connect to the site (port 443), if the connection fails, then connect to http (port 80).
https://blog.chromium.org/2021/03/a-safer-default-for-navigation-https.html
Chrome will now default to HTTPS for most typed navigations that don’t specify a protocol. HTTPS is the more secure and most widely used scheme in Chrome on all major platforms. In addition to being a clear security and privacy improvement, this change improves the initial loading speed of sites that support HTTPS, since Chrome will connect directly to the HTTPS endpoint without needing to be redirected from http:// to https://. For sites that don’t yet support HTTPS, Chrome will fall back to HTTP when the HTTPS attempt fails (including when there are certificate errors, such as name mismatch or untrusted self-signed certificate, or connection errors, such as DNS resolution failure). This change is rolling out initially on Chrome Desktop and Chrome for Android in version 90, with a release for Chrome on iOS following soon after.

HTML5 WebSockets Only Work For Localhost

I am having a bit of a problem with HTML5 & WebSockets.
I have put together a very simple client / server application to pass strings to each other and all works well when I am accessing the client html page via a local file path or via http://localhost, however when I try and call it from http:// or http:// it doesn't seem to work.
The first thing the client does is check if the browser supports Web Sockets:
if (!window.WebSocket) {
_Status.innerHTML = "Web Sockets not support by this browser";
return;
}
When I browse to the page with the local host address window.WebSocket is true, but when I use anything else, the page works but window.WebSocket is false.
Am I missing anything obvious? Is it an IE permissions/trust issue?
I am using IE10 and Windows 8 Consumer Preview.
I am out of ideas. Has anyone got any ideas?
WebSockets uses TCP protocol layer to connect.
Server opens Socket and Binds it to specific Port. Then it listening port and accepting connections.
If you are trying to connect to your server, make sure that you use right external IP and you probably need to set up Port Forwarding on your router to your computer, that router will know where to redirect packets.

HTML href link to local ip camera web server

I have a website running on a NAS server and I also have a ip camera on my network. I can configure port forwarding on my router to forward http requests to either my nas website (192.168.1.64) or ip camera (192.168.1.200) from the internet. I have configured both independently and was able to access from internet. However, I only have one IP address so I have configured port forwarding on my router to forward http requests ( port 80) to the web site on my NAS where I have provided a hyperlink on the default html page to the IP camera (href=http://192.168.1.200/....html). From home the link works because the internet browser is running on a computer on my network. But browsing from a computer ouside of my router ( the internet) the link does not work. The browser is attempting to communicate with ip address 192.168.1.200 which do not exist on the internet. How can I link to the ip camera website from a html page on my NAS website behind the router. I hope I have explained this in enough detail for you to understand.
You can't, plain and simple. This is because you can never get your browser to connect the device that does not have the port forward directly, therefore you can never load a page directly from that device to your browser, however you try and work it.
When I refer to "the other device" in this is answer, I am referring to whichever one does NOT have the port opened through the router to it.
Setting aside the security problems you are creating by doing this that frankly, horrify me, you have two options:
Set up a port redirect on your router to the other device, so that a different public port is redirected to port 80 internally. This would mean you could access both devices directly across the internet. Not all routers support this (albeit fairly basic) functionality.
Set up some form of proxy script that will fetch the page from the other device and display it on a page (in an iframe maybe?) on the device that does have a port forward. This will probably require a third web server inside your network, since it is unlikely either the NAS or the camera will support any form of scripting language.
I do not recommend either of these options, but that is what you are left with.
You are creating a huge hole in your network security by doing this. Only do it if you 100% trust the fact the neither device could under any circumstances be hacked into. Are you that confident in some software you didn't write - or even some you did?