I have been having a long and frustrating experience trying to get AASA to work for webcredentials. My goal here is to allow usernames and passwords to be stored in the iOS keychain.
I did have this working on a root domain the other week but it is not sufficient for my scenario as I will explain. It didn't work for me straight away I have to say but it eventually started working after a clean build so I thought this was the issue then but now I am not so sure.
I am using Expo with EAS build. We have a multi-tenant application. From a single codebase we deploy to multiple apps in the store. All are on the same team ID but they are separate applications and use separate credentials, nothing is shared.
I am confident my apps textContentType of username and password on my TextFields is correct as this has not changed from when I managed to get it working originally and I have checked it countless times.
Expectation
For the "Save Password" prompt to be displayed after login. What I have noticed however is when going to store a password manually using "add password" via iCloudKeychain from the keyboard accessory this does accurately show the correct "TENANT_SUBDOMAIN.example.com". I find this confusing.
Goal Scenario
I am hosting a site on Netlify. I have it setup to support wildcard subdomains with a LetsEncrypt provisioned wildcard SSL certificate. I then have edge functions which change the content of my index.html and apple-app-site-association file dynamically based on the requested subdomain.
I have added the Associated Domains capability to my provisioning profile.
I am using the latest Expo 47 and EAS build. I have added in the appropriate associated domains configuration and I can see this when introspecting my entitlements under com.apple.developer.associated-domains and it is correct.
I am using TestFlight for testing. I am doing a --clean-build on EAS every time and I also increase the runtime version. I have also tried manually refreshing credentials outside of the build process which does this automatically. This must be using the correct provisioning profile otherwise I would get a build failure as the requested entitlements wouldn't match.
The AASA file is currently hosted just in the .well-known directory. I have tried using the root and also tried using both. There are no redirects taking place.
I am aware the AASA file is pulled on application installation and update. I repeatedly remove the apps and then reboot my phone in an attempt to reset any device caches.
The content-type of the file is application/json and I have confirmed this using developer tools in the browser.
There is no robots.txt or anything blocking the request from an infrastructure perspective. There are no additional firewalls or geo restricted access as I am just using plain Netlify to host this, nothing fancy.
I am confident the Team ID and bundle IDs are correct in the AASA file.
I remove the content-length header in the Edge function so it is correctly calculated by the network instead and I have confirmed this using curl.
When I check the file using https://app-site-association.cdn-apple.com/a/v1/site.example.com Apple has the correct file cached on it's CDN so I would expect it to work.
I added in an applinks section so I could use the Apple App Search API validation tool and the Branch.io AASA verification tool to verify correctness. Branch.io says the file is fine and Apple says it's fine also but because the App has not been deployed to the store yet I see Error no apps with domain entitlements. From what I can tell this is normal in development and makes sense as it uses the current released version of the app to verify the deep link configuration. So to me this means Apple can parse the file correctly.
When I stream my device console logs; on install I can see the AASA requesting the correct domains. I see no errors on swcd I just see the Beginning data task AASA-XXXX with the correct domains.
When I run Charles proxy on my phone with a verified SSL installation (also reinstalled a few times now) I do not see quite what I would expect - but the device logs seem to imply it is doing the correct thing. When I view the app-site-association... URL requests in Charles there is one per application install which is correct. The request is marked as Unknown and when I look at the request the host is shown but as you would expect from SSL I see no path. The info says METHOD: CONNECT with Error - Input Error: EOF. This is the only error I see, I am not sure if it is a red herring and something to do with Charles. Given the error as you expect there is no body in the request or response. It is worth noting in general testing I have no VPN enabled and I have do not have Private Relay enabled in my iOS settings.
When I perform a sysdiagnose I see the following at the timestamp in my console log in the swcutil_show.txt device log. This looks correct in comparison to other apps webcredentials and applinks services I see there and I see no errors:
Service: webcredentials
App ID: MYTEAMID.com.cf.example.b2c.ios
App Version: 1.0
App PI: <LSPersistentIdentifier 0x141816200> { v = 0, t = 0x8, u = 0x1e7c, db = 0094F7C4-3078-41A2-A33E-79D5A62C80A6, {length = 8, bytes = 0x7c1e000000000000} }
Domain: CORRECT_SUBDOMAIN.example.app
User Approval: unspecified
Site/Fmwk Approval: approved
Flags:
Last Checked: 2022-12-09 14:14:32 +0000
Next Check: 2022-12-14 14:03:00 +0000
Service: applinks
App ID: MYTEAMID.com.cf.example.b2c.ios
App Version: 1.0
App PI: <LSPersistentIdentifier 0x13fd38d00> { v = 0, t = 0x8, u = 0x219c, db = 0094F7C4-3078-41A2-A33E-79D5A62C80A6, {length = 8, bytes = 0x9c21000000000000} }
Domain: CORRECT_SUBDOMAIN.example.app
Patterns: {"/":"*"}
User Approval: unspecified
Site/Fmwk Approval: approved
Flags:
Last Checked: 2022-12-13 13:13:23 +0000
Next Check: 2022-12-18 13:01:51 + 0000
At end of file:
MYTEAMID.com.cf.example.b2c.ios: 8 bytes
(This seems correct for all apps)
Other Scenario
I have tried setting this up using an apex on another domain which hasn't been seen before by Apple. I have tried using a subdomain with a root domain serving the same content and I have tried the subdomain and root domain on their own. I have also tried not using the Edge functions and having static files but to no avail.
When I do this I ensure I wait for the Apple CDN to catch up and remove/add entries prior to deleting the apps, rebooting my device, and reinstalling to test.
AASA File
AASA content comes back with the correct payload and Content-Type: application/json and Content-Length headers, both from Apples CDN and the origin. When I had this somehow working in my initial test it was on a root domain and I did not have an applinks section, this was only added so I could use the verification tools for universal links.
I am not sending back different content or duplicated content and I block the www subdomain - I have also tried it with a www subdomain for the record.
{
"applinks": {
"details": [
{
"appIDs": [
"MYTEAMID.com.cf.example.b2c.ios"
],
"components": [
{
"#": "no_universal_links",
"exclude": true,
"comment": "Matches any URL with a fragment that equals no_universal_links and instructs the system not to open it as a universal link."
}
]
}
]
},
"webcredentials": {
"apps": [
"MYTEAMID.com.cf.example.b2c.ios"
]
}
}
I have also tried this with the older format:
{
"applinks": {
"apps": [],
"details": [
{
"appID": "MYTEAMID.com.cf.example.b2c.ios",
"paths": [
"*"
]
}
]
},
"webcredentials": {
"apps": [
"MYTEAMID.com.cf.example.b2c.ios"
]
}
}
associatedDomains iOS. expo config
associatedDomains: [
`webcredentials:${SUBDOMAIN}.example.app`,
`applinks:${SUBDOMAIN}.example.app`,
],
Help :)
I have been trying to get this to work for a long time now and I am completely out of ideas. If anybody has any suggestions I would really appreciate it. I am very confused how the devices request seems correct and the CDN content is correct but it is still not working. It's worth also reiterating that I need to have different subdomains for each tenant as the credentials must not be shared across apps so the keychain->domain association store must be different.
I am wondering if it's the LetsEncrypt wildcard SSL certificate but I wouldn't expect it to verify and for Apple to cache the file if this was the case. It seems very unlikely to me but it is the only thing I haven't tried at this point.
Many Thanks,
Mark
I'm trying to make a Chrome extension that redirects to a pre defined page when a specified page is loaded.
I'm using webRequest for this, But now that I have to migrate to Manifest V3, webRequest can not be used anymore.
Can anyone help me with rewrite the script to make it work with Manifest V3?
Here's the script that I use to redirect pages:
var host = "http://example.com";
chrome.webRequest.onBeforeRequest.addListener(
function(details) {
return {redirectUrl: host + details.url.match(/^https?:\/\/[^\/]+([\S\s]*)/)[1]};
},
{
urls: [
"*://foo.com/demo*",
"*://www.foo.com/test/*"
],
types: ["main_frame", "sub_frame", "stylesheet", "script", "image", "object", "xmlhttprequest", "other"]
},
["blocking"]
);
I would not recommend using declarativeNetRequest for this task, it is very limited in its capabilities and has an awkward interface.
It sounds like you want to redirect the user prior to the page being loaded. If that's the case, you need to hook into the request/response lifecycle using chrome.debugger API. I describe how to do that here- his application seems easily adaptable to your own. This is the only way to get the same caliber request manipulation capabilities in MV3 as in MV2.
Alternative approach:
-Use the chrome.webNavigation API. This will just entail setting up event listeners/handlers for one or more of the following:
onBeforeNavigate -> onCommitted -> [onDOMContentLoaded] -> onCompleted
Here you can find many examples of other projects using this API.
I'm working in VS Code and started getting this error yesterday. All of my json files have this error, not just a few. If I remember right there was an update to the program yesterday or the day before. Did the update break something or reset a setting that I forgot I had set?
When looking this up, people are talking about downloading the schema and using it locally, but I would prefer not to have to do that and would instead like to find out why this broke?
I am using a proxy, but as far as I know that hasn't changed. Here's the exact error I'm getting.
Problems loading reference 'https://schemastore.azurewebsites.net/schemas/json/package.json': Unable to load schema from 'https://schemastore.azurewebsites.net/schemas/json/package.json': Unable to connect to https://schemastore.azurewebsites.net/schemas/json/package.json. Error: connect ECONNREFUSED 168.62.224.13:443
I'm behind my company's proxy which I don't know the details because it's everything automatic, and this problem have bug me for some time.
I'm not sure whether this is an universal solution but according to this issue, the http.proxySupport setting is defaulting to "override".
I turn this setting off and the errors disappeared:
"http.proxySupport": "off"
Open User settings of visual studio code through the command palette:
Press F1
Type user settings.
Select Preferences:Open User Settings from drop down
Put below code and modify accordingly:
"http.proxy": "http://username:password#hostname:port/",
"http.proxyAuthorization": null,
"http.proxyStrictSSL": true
Just close your VsCode Editor and open it again. That should fix the error.
I just turned off checkbox schema download and error gone.
Press F1 and follow open user settings/user/extentions/JSON
I was facing following issue with Angular 6:
Problems loading reference 'https://schemastore.azurewebsites.net/schemas/json/package.json': Unable to load schema from 'https://schemastore.azurewebsites.net/schemas/json/package.json': Unable to connect to https://schemastore.azurewebsites.net/schemas/json/package.json. Error: unable to get local issuer certificate
I added following properties at the end of the User Settings File and worked for me:
"http.proxy": "",
"http.proxyAuthorization": null,
"http.proxyStrictSSL": false
Add this to your setting.json. Your problem will be solved! Plus this works for me.
"json.schemas": [
{
"fileMatch": ["/package.json"],
"url": "https://json.schemastore.org/package",
"schema": true
}
]
Well i didnt like the idea to set "http.proxyStrictSSL": false, so i started searching, and i found this Issue on SchemaStore site from azure. After seeing this i concluded that my proxy was getting some problem with the certificate and authentication. What i did was change all "https" to "http" in the following session of package.json file(Mine was on this path: C:\Program Files\Microsoft VS Code\resources\app\extensions\typescript-basics\package.json).
"jsonValidation": [
{
"fileMatch": "tsconfig.json",
"url": "http://schemastore.azurewebsites.net/schemas/json/tsconfig.json"
},
{
"fileMatch": "tsconfig.json",
"url": "./schemas/tsconfig.schema.json"
},
{
"fileMatch": "tsconfig.*.json",
"url": "http://schemastore.azurewebsites.net/schemas/json/tsconfig.json"
},
{
"fileMatch": "tsconfig.*.json",
"url": "./schemas/tsconfig.schema.json"
},
{
"fileMatch": "typings.json",
"url": "http://schemastore.azurewebsites.net/schemas/json/typings.json"
}
]
I solved this issue by turning off proxy support in VS Code.
Open Settings and search for proxy support at the top. The only option shown should then be the one you want to switch from Override (which is the default) to off:
PS: You can also locate settings by pressing F1 and entering user settings.
please follow the step below to solve this problem:
Open the folder where package.json file present
Type npm install from cmd
restart VS code or any IDE that you use.
I tried every setting - the only one which works is adding this to settings.json:
"json.schemas": [
{
"fileMatch": [
"/package.json"
],
"url": "https://json.schemastore.org/package",
"schema": true
},
]
}
Note, using the HTTP URL doesn't work - it just ignores the URL.
If you still want the proxy support to work, just disable the proxyStrictSSL. Don't need to adjust other settings.
After banging my head against this for longer than I care to admit, I just needed to add the proxyAuthorization value for my Base64 encoded credentials, and did not need the proxy or proxyStrictSSL values.
I already had my proxy correctly configured in my environment variables. It only has the domain and port, not my credentials, ex. "HTTP_PROXY" "http://example.com:port/".
I used this C# code in LINQPad to get the proxyAuthorization value from my credentials:
var pw = "user#example.com:password";
var base64Encoded = Convert.ToBase64String(Encoding.UTF8.GetBytes(pw));
base64Encoded.Dump();
This is what I have in my user settings.json, using the encoded string from the above code dump.
"http.proxyAuthorization": "BASE64_ENCODED_VALUE"
Note: I believe that if I didn't need the full username with email address in the credentials for our proxy to let me out, I could have used an above solution. But since I did, this was the only way I could get it to work.
I`ve just delete this setting 😃
"http.proxy": "http://.......",
For me this works the Azure Storage Emulator stopped working ;-(
To start the Azure Storage Emulator:
Select the Start button or press the Windows key.
Begin typing Azure Storage Emulator.
Select the emulator from the list of displayed applications.
https://learn.microsoft.com/en-us/azure/storage/common/storage-use-emulator
just do the 3
in CMD
AzureStorageEmulator.exe init
AzureStorageEmulator.exe start
AzureStorageEmulator.exe status
BAM all worked
It's issue of opening the vs code using command line or any type of terminal
for avoid this issue.
Just restart the vs code or close the vs code and open again
Add following code in setting.json file
"http.proxy": "",
"http.proxyStrictSSL": false
To Open setting.json file use the below step
Press F1
Type User Setting and then select Preferences:Open User Settings
Then click on Edit Setting.json link
for me turns out that the problem was due to terminal.integrated.shell.windows being deprecated in VSCode.
these are the steps i followed to fix it :
Open command palette (CTRL + Shift + P)
Search "Preferences: Open "User Settings" (the JSON file)"
find this field => terminal.integrated.shell.windows delete it and type this instead inside of "terminal.integrated.profiles.windows":
"PowerShell": {
"source": "PowerShell",
"icon": "terminal-powershell"
},
"Command Prompt": {
"path": [
"${env:windir}\\Sysnative\\cmd.exe",
"${env:windir}\\System32\\cmd.exe"
],
"args": [],
"icon": "terminal-cmd"
},
"Git Bash": {
"source": "Git Bash"
}
},```
if you want to disable PowerShell, just set its value to null
I created an Azure Function App to send emails (uses service bus topics), and I have it working beautifully locally using their SDK/CLI tools, but when I publish it to Azure using the Visual Studio Publish options available, the function doesn't appear to run, there is no error, and the monitor shows "No Data Available". The only thing I can possibly think of is that perhaps the local.settings.json file which allows me to run the app locally needs to be manually entered some place into the function app?
Clicking Run next to function.json just tells me in the Logs "2017-12-01T16:59:21 Welcome, you are now connected to log-streaming service." no other information is presented. Also, I checked the topic and still have messages pending.
I have verified the files did publish successfully to the bin folder using Kudo, and the function.json (below) looks right to me. Does anyone have any ideas why this might not be triggered and isn't erroring? As a note, the function folder only has function.json in it, but up one level the bin folder and the dll shown in the json are there.
function.json:
{
"generatedBy": "Microsoft.NET.Sdk.Functions-1.0.0.0",
"configurationSource": "attributes",
"bindings": [
{
"type": "serviceBusTrigger",
"topicName": "topicemail-dev",
"subscriptionName": "subLowPriority",
"accessRights": "manage",
"name": "mySbMsg"
}
],
"disabled": false,
"scriptFile": "..\\bin\\Emailer.dll",
"entryPoint": "Emailer.Functions.LowEmail"
}
When deployed to Azure, Functions does not use local.settings.json. Instead, it reads values from the App Settings. All you need to do is add App Settings values for each of the properties you have in local.settings.json
For people with the same issue, but who still can't get it working with the selected answer, view Azure function implemented locally won't work in the cloud , it might help.
I need to get the network events from Chrome. I've found this:
https://developer.chrome.com/devtools/docs/debugger-protocol
https://developer.chrome.com/devtools/docs/protocol/1.1/network#command-enable
It seems that Chrome uses a port to get messages, answer and send events, for remote debugging. It says it uses JSON, so I decided to try it.
So, I wrote some simple java code that opens the port that chrome is listening on (ofcourse i've started it by using google-chrome --remote-debugging-port=9222 on my ubuntu machine). I have a thread that writes to stdout anything coming from this port, and then the code writes this to the outputstream of the socket using this line (a sample method from the protocol):
out.println("{\"id\": 1,\"method\": \"Network.enable\"}");
I would expect some answer (according to the protocol) in the input stream but nothing happens.
Does anyone ever done something like this? I can't find anything on the net.
Finally I've got it. Credit goes to https://www.igvita.com/2012/04/09/driving-google-chrome-via-websocket-api/.
First I send an HTTP request to http://localhost:9222/json. This returns a JSON list of open tabs in Chrome, for each I also get a WebSocket uri (webSocketDebuggerUrl):
[
{
"description": "",
"devtoolsFrontendUrl": "/devtools/devtools.html?ws=localhost:9222/devtools/page/C014A09F-BD0A-40BA-B23C-7B18B84942CD",
"faviconUrl": "http://cdn.sstatic.net/stackoverflow/img/favicon.ico?v=00a326f96f68",
"id": "C014A09F-BD0A-40BA-B23C-7B18B84942CD",
"title": "Using Google Chrome remote debugging protocol - Stack Overflow",
"type": "page",
"url": "https://stackoverflow.com/questions/28430479/using-google-chrome-remote-debugging-protocol",
"webSocketDebuggerUrl": "ws://localhost:9222/devtools/page/C014A09F-BD0A-40BA-B23C-7B18B84942CD"
}
]
Then I can use WebSocket to send messages for debugging a specific tab, using this URI. I also found this for using Jetty implementation of WebSocket: javax.websocket client simple example.