HTTP action problem #410
-
Hi, First, thanks for making and maintaining such a fantastic resource. I work in Assistive Technology and Asterics Grid will be very useful for my clients. I'm trying to use an HTTP action in a cell to communicate with a local network device to assist in controlling a client's environment. I can run the HTTP GET command ( http://192.168.0.200:5000/localapi) in a browser (Safari or Chrome) no problem, but when I try the same from within Asterics Grid HTTP action in either browser I get an error 'HTTP action Failed! Reason: TypeError :Load Failed' I think this is to do with security settings in the browser as, if I alter site settings for grid.asterics.eu/xxxxxxxx in Chrome to allow 'insecure content', the HTTP action will work from within the grid cell. Apart from this not feeling like a great solution, the problem I have is that I don't seem to be able to alter the site settings in Chrome on an iPad, which is where I need to use the Grid. Does anyone have any ideas how I can solve this? thanks for reading |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 7 replies
-
Hi, When AsTeRICS Grid wants to send an http request to a program running on the localhost (the same machine as the one running the grid.asterics.eu application) then this is no problem. For all other IP addresses within your local network (e.g. the IP address of your Smart TV) this is only possible if the https server on the device was implemented to allow such a request. (The http server must send a response with a header 'Access-Control-Allow-Origin'). If it does so, it should be possible to do the HTTP action without a problem. If the request is done to a URL without SSL encryption e.g. http (not https) from within https://grid.asterics.eu, then we are talking about a mixed-content access, which is also not allowed by default. Then you have to allow mixed content for this requested URL, see the manual to allow mixed content. Unfortunately, it really seems that on an iPad you cannot allow the mixed content. SolutionsSolution 1: Other platformUse another platform like
Solution 2: CORS proxy serverIf you cannot switch the platform AsTeRICS Grid is running on, you could run a CORS server. Then it would be possible to use a special URL that redirects your request to the target device you want to remote control, e.g. In AsTeRICS Grid you would then simply use that URL in the HTTP action e.g. On an iPad, you could also try to run that nodejs program within the app Nodejs Lab. But I have never tried it. Before you run the program, ensure to open the file var cors_api_url = 'https://cors-anywhere.herokuapp.com/'; to var cors_api_url = 'http://localhost:8080/'; Maybe there is also a CORS proxy app for iPad, but I could not find one. But if you are not a developer, I would suggest Solution 1. |
Beta Was this translation helpful? Give feedback.
Hello,
The reason is, that it opens a new browser tab and opens the URL just like a user that would insert the URL in a separate tab. It's not some javascript that's doing the request in the background, so no security policies apply. For the background javascript the security measures are preventing "mixed content", so HTTP and HTTPS content on the same page.
I think I've found a possible solution:
I've hosted the same AsTeRICS…