Comments (13)
@imsourya
You shouldn't be changing the implementation like that, but set the NODE_TLS_REJECT_UNAUTHORIZED=0
environment variable before starting the library.
from cors-anywhere.
Could you paste an example of the request: URL, headers, request payload (POST data)?
from cors-anywhere.
Sure.. Here is an image of the header response:
I'm running my app on Blackberry Z10, the image capture is from the web inpector and the response is this: "Not found because of proxy error: Error: CERT_HAS_EXPIRED".
The URL requestet its working, I test the same request on a RESTClient on firefox and work OK.
Thanks in advance!
from cors-anywhere.
In a copy-pasteable format, please.
from cors-anywhere.
Sorry, here:
Request URL:https://cors-anywhere.herokuapp.com/https://qa.sisa.msal.gov.ar/sisaqa/services/rest/seguridad/autenticar
Request Method:POST
Status Code:404 Not Found
Request Headers
Accept:/
Accept-Language:es-ES,es;q=0.8
Access-Control-Allow-Origin:*
Content-Type:application/json
Origin:local://
User-Agent:Mozilla/5.0 (BB10; Touch) AppleWebKit/537.35+ (KHTML, like Gecko) Version/10.2.1.1925 Mobile Safari/537.35+
X-Requested-With:XMLHttpRequest
Request payload
{"credenciales":{"usuario":"uutn","clave":"12345"}}
Response Headers
Access-Control-Allow-Origin:*
Connection:keep-alive
Date:Mon, 24 Nov 2014 20:54:29 GMT
Server:Cowboy
Transfer-Encoding:chunked
Via:1.1 vegur
from cors-anywhere.
The error appears to be correct. The server's certificate has been expired (on 2014-01-17 13:07:54 GMT). Below is what I get if I make a request with curl (and the --insecure
flag to ignore certificate errors).
This is not an issue with cors-anywhere, the target server should be configured correctly (update the SSL certificate).
$ curl https://qa.sisa.msal.gov.ar/sisaqa/services/rest/seguridad/autenticar -X POST -H 'Accept:*/*' -H 'Accept-Language:es-ES,es;q=0.8' -H 'Access-Control-Allow-Origin:*' -H 'Content-Type:application/json' -H 'Origin:local://' -H 'User-Agent:Mozilla/5.0 (BB10; Touch) AppleWebKit/537.35+ (KHTML, like Gecko) Version/10.2.1.1925 Mobile Safari/537.35+' -H 'X-Requested-With:XMLHttpRequest' -d '{"credenciales":{"usuario":"uutn","clave":"12345"}}' -H 'Content-Length: 51' -vvv --insecure
* Hostname was NOT found in DNS cache
* Trying 190.220.135.83...
* Connected to qa.sisa.msal.gov.ar (190.220.135.83) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.0 / DHE-RSA-AES256-SHA
* Server certificate:
* subject: C=AR; ST=Buenos Aires; L=CABA; O=SISA; CN=*.sisa.msal.gov.ar
* start date: 2011-03-30 13:07:54 GMT
* expire date: 2014-01-17 13:07:54 GMT
* issuer: C=AR; ST=Buenos Aires; L=CABA; O=SISA; CN=*.sisa.msal.gov.ar
* SSL certificate verify result: self signed certificate (18), continuing anyway.
> POST /sisaqa/services/rest/seguridad/autenticar HTTP/1.1
> Host: qa.sisa.msal.gov.ar
> Accept:*/*
> Accept-Language:es-ES,es;q=0.8
> Access-Control-Allow-Origin:*
> Content-Type:application/json
> Origin:local://
> User-Agent:Mozilla/5.0 (BB10; Touch) AppleWebKit/537.35+ (KHTML, like Gecko) Version/10.2.1.1925 Mobile Safari/537.35+
> X-Requested-With:XMLHttpRequest
> Content-Length: 51
>
* upload completely sent off: 51 out of 51 bytes
< HTTP/1.1 200 OK
< Date: Mon, 24 Nov 2014 21:02:00 GMT
< Content-Type: application/octet-stream
< Content-Length: 58
< Connection: close
<
* Closing connection 0
* SSLv3, TLS alert, Client hello (1):
{"estado":"ERROR_AUTENTICACION : Error de autenticacion!"}
from cors-anywhere.
Thanks for the quick response!!!
So is there any way to skip this kind of error? I'm not able to configure the server....
Anyway, thanks again!
from cors-anywhere.
You could put an instance of cors-anywhere on an own server (e.g. using Heroku, see README.md in this repository for more information), and add the following environment variable: NODE_TLS_REJECT_UNAUTHORIZED=0
to ignore certificate errors. Note: This option defeats the purpose of https.
E.g. after setting up a Heroku instance, run the following command:
heroku config:set NODE_TLS_REJECT_UNAUTHORIZED=0
from cors-anywhere.
Thanks!
from cors-anywhere.
im having the same error but i dont understand where do i need to insert this in the server code "NODE_TLS_REJECT_UNAUTHORIZED=0"
from cors-anywhere.
i have the same problem in vps, i am using jquery for call external API but get the same error, how i can fix it?
from cors-anywhere.
I was trying from browser and getting this => Error: unable to get local issuer certificate
I solved this issue by just one change in the cor-anywhere code
in file cors-anywhere.js at line 418 Just change the line
process.env.NODE_TLS_REJECT_UNAUTHORIZED !== '0',
to
process.env.NODE_TLS_REJECT_UNAUTHORIZED == '0',
It worked!
from cors-anywhere.
@imsourya You shouldn't be changing the implementation like that, but set the
NODE_TLS_REJECT_UNAUTHORIZED=0
environment variable before starting the library.
Yes @Rob--W , You are right, We shouldn't change the code, Actually I was facing problem in setting environment variable in windows system so tried using this.
from cors-anywhere.
Related Issues (20)
- Does not work in Deno (TypeError on every request) HOT 1
- 400 Bad Request HOT 1
- Update HTTP-Proxy to 1.18.1 to resolve https://github.com/advisories/GHSA-6x33-pw7p-hmpq HOT 1
- Redirects ruining GET parameters using axios HOT 2
- how to block specific final link not origin
- cors-anywhere doesn't work with youtube m3u8 files HOT 1
- Error creating app on Heroku website HOT 2
- API domain name resolution problem HOT 1
- performance problem, cors-anywhere doesn't use outbound HTTP keep-alive HOT 1
- s anywhere
- Question about whitelisting HOT 1
- getting an Uncaught (in promise) SyntaxError HOT 1
- Authorization error HOT 1
- Whitelisting subdomain doesn't work as expected
- see the CI test #271 #273
- cors anywhere not working on vercel HOT 1
- add option to add auth header for sites like reddit HOT 1
- Siteye kurulum
- live radio use case: Missing required request header. Must specify one of: origin,x-requested-with HOT 4
- Not found because of proxy error: AggregateError
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cors-anywhere.