Selenium Auth0 can't connect to server - google-chrome

I have a protractor selenium test for an angular2 that I run with protractor conf.js --params.login.username=John --params.login.password=Doe. The test shall try to log in to my backend and fail with access denied.
This is the conf.js:
exports.config = {
    framework: 'jasmine2',
    seleniumAddress: 'http://localhost:4444/wd/hub',
    capabilities: {
        'browserName': 'chrome'
    },
    baseUrl: 'http://127.0.0.1:4200',
    specs: ['mytest.spec.js'],
    useAllAngular2AppRoots: true,
    jasmineNodeOpts: {
        showColors: true,
        defaultTimeoutInterval: 30000
    }
};
The webdriver was started with webdriver-manager start. The app loads fine and the test fills out the Auth0 popup as shown below. It then clicks the submit button. However, this leads to the error message below being shown instead of the login happening. If I understand correctly, Auth0 can't reach the auth server (which is not the issue when logging in manually).
The version of auth0 lock is 10.0.
Through browser.pause() I could verify that other non-localhost addresses like stackoverflow.com are accessible.
Any idea where this might come from and how to solve it?
Update:
In the developer console the following message is displayed.
XMLHttpRequest cannot load https://MYDOMAIN.eu.auth0.com/usernamepassword/login.
Response to preflight request doesn't pass access control check:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://127.0.0.1:4200' is therefore not allowed access.

The problem was that the local URL http://127.0.0.1:4200 was not listed in the Auth0 dashboard under Allowed Origins (CORS), only http://localhost:4200, which I used for testing manually.
The issue was resolved by adding http://127.0.0.1:4200 to Allowed Origins (CORS) and adding the appropriate callback URLs to Allowed Callback URLs.

Related

TestCafe (Hammerhead) Stalling on API Request

We are experiencing an issue with running TestCafe where it will consistently stall on an API call. The application outside of TestCafe will consistently run without issue. From what I can trace, it seems to be within the TestCafe Hammerhead proxy request-pipeline.
I can see the request is (pending) but we don't see the request actually reaching the API server logs. There is an auth token in the request and I can see that Hammerhead will manage the auth flow from the header prefix:
~~~TestCafe added this prefix to control the authorization flow~~~
We have other API calls with non-standard auth headers (x-ns-authorization). TestCafe/Hammerhead will not stall on these calls and there is no added prefix. With the request that stalls, we cannot modify the auth header.
These are the versions we're running:
Node 14.20.1
└─┬ testcafe#2.1.0
├── testcafe-hammerhead#28.1.0
Hammerhead becomes a black box (aside from source code) as I don't see a way to debug the proxy. Is there a way to debug the proxy server? Or is it possible to prevent TestCafe from controlling the auth flow?
Also to note: the full tests will run successfully about <10% of the time. So it's a bit random when the tests don't stall.

Postman Oauth 2 callback url - Chrome App

I am using The Chrome App for Postman and I am setting up my Access Tokens using OAUTH2. When I fill out the form, I am using the following:
Auth Url: https://[MY_API_URL]/api/authorize
Access Token URL: https://[MY_API_URL]/api/request/token
Client ID: xxxxxxxxxxx
Client Secret: xxxxxxxxxx
Scope: blank
Grant Type: Authorization Code
The callback url in my OAuth server is set to "https://www.getpostman.com/oauth2/callback"
When I click Request Token, I am taken to the proper Authentication page. When I submit my credentials, a new Chrome tab opens up with a blank page with the url https://app.getpostman.com/oauth2/callback?code=xxxxxxxxxx
I expect that this is supposed to redirect to the app so it can perform the access token request from the access token url, but nothing is happening. Is this not the right callback uri?
This is an old question and things have changed since.
Google deprecated Chrome Apps, so Postman had to deprecate their old Chrome App client too, and so the old redirection URL (https://www.postman.com/oauth2/callback) no longer works.
According to this, with the more recent versions of Postman, the new redirection URL is https://oauth.pstmn.io/v1/callback.
You have to change your permission type. Use Client Credentials instead of Authorization
I also faced same problem.
Just change Grant Type: Authorization Code to Grant Type: Client Credentials.
It worked for me.
Certainly, as mentioned in other comments, for client_credentials it would work, but for the Implicit or Authorization Code, I used "https://app.getpostman.com/oauth2/callback" as the callback url and it worked. Also, it needs to be configured in the application settings in the OAuth provider.
I've been using this callback url:
https://getpostman.com/oauth2/callbackurl

502 (BAD GATEWAY) and 504 (GATEWAY TIMEOUT) in Wirecloud

Some time ago we set up a PEP proxy to secure the API our widgets are using. Everything had been working correctly until today, when we started receiving a 502 Bad Gateway error code for every call going through the proxy.
We have checked that the requests are reaching our server and that it is responding correctly to them. The parameters added by the proxy (x-nick-name, x-display-name...) are defined correctly too.
We have also checked the requests outside wirecloud and all go well: we get the token properly and use it in the subsequent calls without problem.
We do not know where this error comes from, any ideas?
EDIT 06/11/2015
After Alvaro's new setting we are receiving the following error in the response body:
{
    "description": "Connection Error",
    "details": "('Connection aborted.', error(104, 'Connection reset by peer'))"
}
EDIT 09/11/15
Today, the code received in the request's response is different: 504 GATEWAY TIMEOUT
{
    "description": "Connection Error",
    "details": "('Connection aborted.', error(104, 'Connection reset by peer'))"
}
EDIT 16/11/15
Answering to Mr. Alonso's question:
1.- If we request directly to the server, the response is correctly displayed in the application.
2.- Here you can see the logs from the PEP Proxy with the new line added. As you can see the request is redirected correctly but the info is not displayed in the app.
Seems that the problem is in the PEP proxy side.
I've checked using other tools like curl (I obtained the connection details from the server log). Making the same request using curl gives the same result as using WireCloud: connection reset by peer. Also, if I make the request without the X-Auth-Token header, your service responds with a 401 error code. This is important, because it means that there is not a communication problem between the Mashup portal and your server. I don't know why, but the PEP proxy seems to be crashing when making the authenticated request from the Mashup portal (the same command works executing it from my machine).
I suggest you restart the PEP proxy. If the problem persists, please attach any available info about the crash from the PEP proxy logs.
You can check three things to give us more information:
Try to remove the PEP and send the request directly to your service.
Introduce a new log in PEP to print the headers of the response: line 41 of lib/HTTPClient.js, log.debug("Headers: ", headers);
Try to send a request to the root path (directly to the Tomcat or Apache)
If not perhaps we can talk in private to check more information

History and XHR issues with Sails running on localhost

With the default configuration, I am unable to make XHRs in my Mithril app if I run its Sails server in localhost. All I get is:
XMLHttpRequest cannot load http://localhost:1337/json/test-realms.json. The 'Access-Control-Allow-Origin' header contains the invalid value ''. Origin 'null' is therefore not allowed access.
If I enable CORS with allRoutes: true, origin: '*' that problem goes away, and instead I get:
DOMException: Failed to execute 'replaceState' on 'History': A history state object with URL 'http://localhost:1337/#!/' cannot be created in a document with origin 'null'.
What exactly is the issue here?
Updates:
I am using sails lift as server.
The web app is loaded via http://test.pink. The domain is set to a LAN IP via the HOSTS file.
No resources are loaded via file:/// or localhost.
Turns out the problem was related to Content Security Policy. I had set sandbox 'allow-scripts' 'allow-forms', which as per this and this would treat the page as an iframe with a unique origin.
Disabling the sandbox policy or adding allow-same-origin suffices to fix it.

What can cause Chrome to give an net::ERR_FAILED on cached content against a server on localhost?

I'm building a web server and trying to test things. The server is running on localhost:888, and the first time I load the web app, everything works. But if I try to reload the page, a bunch of XmlHttpRequest requests fail with net::ERR_FAILED. By putting breakpoints in the server code, I can verify that the requests are never actually coming in.
This isn't a connection failure, as the connection succeeds the first time. The fact that it succeeds once and then fails later implies that it might be caching-related, but there's nothing in the server code that sets the cache-control header. So I tested it by putting the server up on an actual web server. The first time, everything had to take its time loading; the second time, it all loaded instantly, so this is definitely cache-related.
This is a custom server running on top of http.sys (no IIS), and it appears that things are getting cached by default and then failing to load from it on subsequent runs, but only when my server is running on localhost; on the Web, it works fine. As near as I can tell, net::ERR_FAILED is a generic "something went wrong and we've got no useful information for you" message in Chrome, so I'm kind of stuck here. Does anyone know what could be causing this?
I ran into a similar problem. I copied the request as fetch in the Network tab in devtools.
Then I ran it in the browser dev console. There I could read the description of the error about CORS. After setting CORS on the API server, it worked.
You have to paste the fetch command into the dev console of the same origin and NOT accidentally e.g. open it from stackoverflow.
Another cause is, when you use withCredentials: true (sending cross origin cookies) for XHR calls, you are not allowed to set Access-Control-Allow-Origin: *, but have to provide a specific domain!
Sadly, you cannot use a list of domains here, because no browser supports this official standard. But several frameworks, like Spring, allow you to set a whitelist configuration, which then is matched on request.
See also:
CORS: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true
Header in the response must not be the wildcard '*' when the request's credentials mode is 'include'
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSNotSupportingCredentials
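The exact-match origin check behind both the Auth0 fix at the top of this page (127.0.0.1 versus localhost) and the credentials rule in the answer above, as an added example that is not code from any of the original posts. `ALLOWED_ORIGINS`, `normalizeOrigin` and `corsHeaders` are hypothetical names and the sample origins are constructed.

```javascript
// Added example: exact-match CORS origin allowlist (all names hypothetical).
// Constructed allowlist mirroring the Auth0 question: only localhost is listed.
const ALLOWED_ORIGINS = ['http://localhost:4200'];

// Reduce a URL-like string to its serialized origin (scheme://host[:port]).
// Returns null for anything that is not an http(s) origin, including the
// literal "null" origin sent by sandboxed or file:// documents.
function normalizeOrigin(value) {
  try {
    const u = new URL(value);
    if (u.protocol !== 'http:' && u.protocol !== 'https:') return null;
    return u.origin;
  } catch (e) {
    return null;
  }
}

// Build the CORS response headers for one request.
// An origin that is not on the allowlist gets no CORS headers at all, so the
// browser blocks the response. A matching origin is echoed back verbatim
// (never "*"), which is what a request with credentials requires.
function corsHeaders(requestOrigin, allowlist, { credentials = false } = {}) {
  const origin = normalizeOrigin(requestOrigin);
  const allowed = new Set(allowlist.map(normalizeOrigin).filter(Boolean));
  if (origin === null || !allowed.has(origin)) return {};

  const headers = {
    'Access-Control-Allow-Origin': origin,
    // The response now depends on the Origin header, so caches must key on it.
    'Vary': 'Origin',
  };
  if (credentials) headers['Access-Control-Allow-Credentials'] = 'true';
  return headers;
}

// Same machine, same port, but a different host string: a different origin.
console.log(corsHeaders('http://127.0.0.1:4200', ALLOWED_ORIGINS));
console.log(corsHeaders('http://localhost:4200', ALLOWED_ORIGINS, { credentials: true }));
```
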
One very important and un-loved comment in this set of answers is, "Look at your CORS headers." I had a problem much like this, and it gave me this error with some prodding. No data in my Apache logs, but I noticed that we were calling a secondary URL and getting no response for that secondary URL.
Chrome didn't initially call it a CORS issue, but lack of response caused me to dig into our Apache settings and change the allowable CORS source header.
<Directory /var/www/>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
    Header set Access-Control-Allow-Origin "https://our-site.com"
    Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
    Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
</Directory>
This answer may not apply to YOUR situation, but it applied to my net::ERR_FAILED
There is only one way to get to the bottom of these types of error
In chrome use chrome://net-export/ in a tab, then record the session in another and debug with https://netlog-viewer.appspot.com/#import which allows you to view the output in a more readable format.
We recently found an ERR_FAILED down to the socket being closed because of a proxy authentication issue on the clients network.
This can also be useful reference once you've got the error code from the above
chrome://network-errors/
One possible reason is that you wrote your AppCache Manifest wrong.
For example: in your /a/b/cache.html file you refer to the cache.appcache Manifest file, but in the cache.appcache file you declare:
    CACHE:
    /cache.html
which is wrong.
You should write:
    CACHE:
    /a/b/cache.html
Hope this can help you.
In my case installing an SSL certificate fixed the issue.
Add "proxy": "http://localhost:port_number/" at the last line in package.json and mode: 'same-origin' in the request body at the client-side. For example,
fetch('login', {
    method: 'post',
    mode: 'same-origin',
    headers: {
        'Accept': 'application/json',
        'Content-Type': 'application/json'
    },
    body: JSON.stringify({
        username: username,
        password: password,
    })
})
I ran into this error on my localhost (on a Monday morning) when requesting one of my virtual hosts. Turned out I still had an unfinished debugging action running (unfinished business from my Friday afternoon :) ) on another virtual host which blocked Apache from serving the files for the other request. This resulted in the net::ERR_FAILED error in my browser console.
Hope this might be helpful for others ending up here.
Another potential cause is the request being handled by a service worker that runs into some sort of trouble. In this case it's worth checking the service worker console in the dev tools to see if there's an error message there.
If using node, make sure your CORS headers are added before the route. IE
app.use(function(req, res, next) {
    res.header("Access-Control-Allow-Origin", "*");
    res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    next();
});
app.get('/route.htm', function (req, res) {
    res.sendFile( __dirname + "/" + "route.htm" );
});
Instead of the other way around putting app.use after.
This happened to someone on Mac OS / Chrome but not on Safari. And seems to have emerged recently (i.e. - likely not from a code deploy... Maybe a Chrome update?). I can't reproduce it on other computers with Chrome. Restarting Chrome and the computer didn't help.
I didn't notice anything strange in Extensions and they said they hadn't installed anything new.
Posting in case there is a newly emerging issue on Chrome.