I am using a C# .NET 2.0 winform in 2010, I have added the ability for a user to log in and post comments. I copied the .NET developer guide in how to post comments but I am getting random but frequent exceptions when trying to post comments. At first I thought it might be because there is some issue with using a google e-mail instead of the youtube log in name, to get around this when a user succesfully logs in I request the profile, get the user name and create a new youtube settings class and give the appropriate credentials with the users profile name. This however hasn't resolved the issue, the comments still work sporadically. Here is the code that basically handles logging in.
youtubeService.setUserCredentials(userBox.Text, passwordBox.Text);
try
{
String strAuth = youtubeService.QueryClientLoginToken();
}
catch (Exception ex)
{
}
The above code is in a seperate form, the form that hosts the youtube video basically looks to see if this process has been completed and grabs the username, password used to log in and sets the new settings:
m_LoggedInSettings = new YouTubeRequestSettings(myappname, mydevkey, username, password);
m_LoggedInRequest = new YouTubeRequest(m_LoggedInSettings);
This then used to add a comment:
Comment userComment = new Comment();
userComment.Content = commentText;
m_LoggedInRequest.AddComment(youtubevideo, userComment);
When it fails I get the following:
{"Execution of request failed: https://gdata.youtube.com/feeds/api/videos/t-8K8Hj8bxE/comments"}
With the following info:
{"The remote server returned an error: (403) Forbidden."}
Status code:
System.Net.HttpStatusCode.Forbidden
Status description:
Forbidden
A few things come to mind, I do not have a proper log out that sends anything to youtube implimented at the minute (is this needed?), so it may be that I've logged in multiple times and that is somehow flagging on youtubes side? It could also be that I am essentially creating new settings and request objects that weren't used to get the video/comments and maybe the video taken from the normal settings file (with no log in) is giving problems or something like that? To be honest, I haven't got a clue what is wrong and any help would be greatly appriecated.
Okay, so I figured out that the reason they were erroring is because I was trying to post consecutive comments too fast, however I don't know what the timeout is for being able to post more comments.
Related
one of my old project/app was working fine for years, very recently client report that app does not working any longer due to API response issue.
it's just a get request to an API with some parameters..
till date (before issues occurs) it returns following response:
,,3,1669179307,0,
but recently it shows following response: (note nothing is changed in the source php/code files since project start)
<html><title>You are being redirected...</title>
<noscript>Javascript is required. Please enable javascript before you are allowed to see this page.</noscript>
<script>var s={},u,c,U,r,i,l=0,a,e=eval,w=String.fromCharCode,sucuri_cloudproxy_js='',S='bT0nP2RUNCcuc3Vic3RyKDMsIDEpICsgJycgKyAKJz9iVGYnLnN1YnN0cigzLCAxKSArICcnICsgCidIcExjJy5zdWJzdHIoMywgMSkgK1N0cmluZy5mcm9tQ2hhckNvZGUoNTYpICsgJ3FAYycuY2hhckF0KDIpKyAnJyArIAonNycgKyAgICcnICsgClN0cmluZy5mcm9tQ2hhckNvZGUoMHg2MykgKyAgJycgKycnKyIyc3VjdXIiLmNoYXJBdCgwKSsiYyIgKyAiNHNlYyIuc3Vic3RyKDAsMSkgKyAiZW0iLmNoYXJBdCgwKSArICAnJyArIAoiM2MiLmNoYXJBdCgwKSArICIiICtTdHJpbmcuZnJvbUNoYXJDb2RlKDk3KSArICJlIi5zbGljZSgwLDEpICsgICcnICsnZCcgKyAgJ0RiJy5zbGljZSgxLDIpKyAnJyArJycrJ3hJMScuY2hhckF0KDIpK1N0cmluZy5mcm9tQ2hhckNvZGUoMHgzMSkgKyAncTAwJy5jaGFyQXQoMikrU3RyaW5nLmZyb21DaGFyQ29kZSgweDYzKSArICIiICsnSHVIZScuc3Vic3RyKDMsIDEpICsiN3N1Ii5zbGljZSgwLDEpICsgIjhzdSIuc2xpY2UoMCwxKSArICdjJyArICAiZHN1Y3VyIi5jaGFyQXQoMCkrJ2EnICsgICIiICsiY3N1Y3VyIi5jaGFyQXQoMCkrImRzZWMiLnN1YnN0cigwLDEpICsgU3RyaW5nLmZyb21DaGFyQ29kZSg0OSkgKyAgJycgKyAKU3RyaW5nLmZyb21DaGFyQ29kZSgweDMzKSArICAnJyArJycrJ2QnICsgICAnJyArIAonMScgKyAgJyc7ZG9jdW1lbnQuY29va2llPSdzdXMnLmNoYXJBdCgyKSsndXN1YycuY2hhckF0KDApKyAnYycrJ3UnLmNoYXJBdCgwKSsncnN1Y3VyaScuY2hhckF0KDApICsgJ2knKycnKydzdWN1cmlfJy5jaGFyQXQoNikrJ2MnKycnKydsc3VjdXJpJy5jaGFyQXQoMCkgKyAnb3N1Jy5jaGFyQXQoMCkgKyd1JysnZHMnLmNoYXJBdCgwKSsnc3AnLmNoYXJBdCgxKSsncnN1Y3UnLmNoYXJBdCgwKSAgKydvJysneHN1Y3VyJy5jaGFyQXQoMCkrICd5Jysnc3VjdXJfJy5jaGFyQXQoNSkgKyAnc3V1Jy5jaGFyQXQoMikrJ3UnKydpJysnJysnZHN1Y3VyJy5jaGFyQXQoMCkrICdfc3UnLmNoYXJBdCgwKSArJzQnKycnKydzdWN1cmMnLmNoYXJBdCg1KSArICc2c3VjJy5jaGFyQXQoMCkrICcwc3VjdXInLmNoYXJBdCgwKSsgJ3N1Y3VyaTUnLmNoYXJBdCg2KSsnc3U0Jy5jaGFyQXQoMikrJ3N1Y3VyNCcuY2hhckF0KDUpICsgJ2YnKycyc3VjdXJpJy5jaGFyQXQoMCkgKyAiPSIgKyBtICsgJztwYXRoPS87bWF4LWFnZT04NjQwMCc7IGxvY2F0aW9uLnJlbG9hZCgpOw==';L=S.length;U=0;r='';var A='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';for(u=0;u<64;u++){s[A.charAt(u)]=u;}for(i=0;i<L;i++){c=s[S.charAt(i)];U=(U<<6)+c;l+=6;while(l>=8){((a=(U>>>(l-=8))&0xff)||(i<(L-2)))&&(r+=w(a));}}e(r);</script></html>
here is curl screenshot:
And here is the postman screenshot:
and when i check the URL in browser it shows the expected result, though when i check the devtool (network tab), it looks like page is loaded two times.. 1st one provide error (HTML/js) response (read marked) 2nd one provide the expected response (green marked), so, it looks like when it's called directly by curl/postman/c#... fails.. but as browser can do redirect it passed.
here is the browser screenshot:
i am sorry, i added several screenshot to give better idea what is happening.
and here is the URL in question:
https://simpleclienttracking.com/membershipmanager/remotelogvisit.php?locID=1&orgID=1&deptID=1&barcode=8346420
now my question, is how can i use the API code/file to get the direct response as i was getting earlier? do i need to pass any header? update/modify server htaccess file or what?
To test the error in deep, i have tried another URL from another hosting provider, in that case i am passing post request to an URL, and this server response slightly different thing, but looks like core is same, redirect!
here is the response from new/another server:
<script>document.cookie = "humans_21909=1"; document.location.reload(true)</script>
so, it's looks like hosting providers has applied some kind of security for direct URL access?
thanks in advance for any upcoming help
best regards
I am trying to setup a social login for my site.
Here is what I did:
I created credentials on google and have both ClientID and Secret
In default MVC app, in App_Start Startup.Auth.cs I uncommented
app.UseGoogleAuthentication()* method, so it looks like this:
Build solution!
Made sure authorized JavaScript origins and Redirect url are correct. And other things that are needed on console.cloud.google.com are done. Including activation of Google+ API
Eventually Google authentication button should appear in _ExternalLoginsListPartial partial view. But as I can see I have 0 login providers still. And not sure why, and what can I do about it?
var loginProviders = Context.GetOwinContext().Authentication.GetExternalAuthenticationTypes();
//loginProviders.Count() here returns 0
Tried researching, but most are saying that you forgot to build, or restart the server. Tried that but nothing changed.
As last resort, I tried following a tutorial https://youtu.be/WsRyvWvo4EI?t=9m47s
I did everything as shown there, I should be able to reach api/Account/ExternalLogins?returnUrl=%2F&generateState=true url, and receive callback URL from Google.
But I got stuck with same HTTP404 error at 9:50
To answer my question, everything turns out to be fine.
All I had to do was just to give it some time.
After couple of hours, Google provider appeared on the page.
For future readers - if met with 404 in this case, another possibility is an active filtering rule against query strings in IIS. One of the commonly copy-pasted rules aiming to block SQL injection requests scans the query string for open (to catch OPEN cursor). Your OAuth request probably contains this word in the scopes section (data you want to pull from the Google profile)
IIS -> Request Filtering
Switch to the tab "Rules"
Inspect and remove any suspicious active filters there
My app has permissions to "like" something on FB on a user's behalf. Using the Facebook C# SDK (5.4.1), here's what I wrote:
Facebook.FacebookClient fb = new Facebook.FacebookClient(AccessToken);
object o = fb.Get("1234567890_12345678901234567/likes");
dynamic parameters = new ExpandoObject();
dynamic success = fb.Post("1234567890_12345678901234567/likes", parameters);
The second line is superfluous and creates an unnecessary round-trip, as we're not interested in the other "likes" on the same object. However, without it, fb.Post fails and throws "The remote server returned an error: (400) Bad Request."
Is this a bug in the C# SDK, or a bug in the graph API, or is it by design?
Note that it's possible to POST to /comments without a previous GET.
Yes, it should be possible to do post commands without a get. Strangely enough, my like code with the 5.4.1 does not require the extra GET directly before the POST for doing a like. Maybe somewhere else in my app's flow I've already done some sort of GET via the API. However, I'm going to investigate my DELETE problem with me/permissions that I'm encountering (http://stackoverflow.com/questions/8598614/facebook-c-sharp-api-return-400-when-deauthorizing-app) and see if a get to the me/permissions first will help resolve that issue.
So I have created a custom token, based mostly from the MSDN example (http://msdn.microsoft.com/en-us/library/ms731872.aspx) but I can't seem to get it to work. I always get this error " security token with the 'Basic' attachment mode must be signed." in the logs. I have been over the code base several times and
A) obviously it compiles and runs
B) I can't see where the issue is.
The log message isn't all that helpful. I thought it might be something with the cert but I have beat that to death and created a couple different certs (one using server name set to localhost etc...).
A Google search for this turns up almost nothing.
Anyone got a clue what this is, or just tell me where I can maybe look? Like I said - I have been through this code many times, I see the authorization policy get created and all that good stuff, I can see the certificate is set, I just don't know where else to look, I really don't have any code to post, there are so many classes you have to implement. If someone has an idea of what maybe I can look at I will be happy to post that particular class / code snippet.
Thanks
See here: http://social.msdn.microsoft.com/forums/en-us/wcf/thread/F822CCB9-A8A1-474F-87AF-E5CD9EC34494
... wasn't copying the "id" property of the security token correctly.
This was causing a new ID to get created for the security token on the server, which no longer matched the security signature data, and so the message would be rejected.
In your implementation of your custom WSSecurityTokenSerializer to serialize your security token, you probably aren't copying the Id property of the token. The ID needs to match from the client to the server.
A common mistake (one that I'm sure I've made too) is to just id = Guid.NewGuid().ToString() in the constructor. That is fine for its initial creation on the clinet, but when it deserializes on the server, it needs to use the same ID from the client, not a new guid again.
I want to create a small windows application will go automatically every time period to my site and check if its running fine, if it found it down, not working or have an error "Examples: 404, network error, connection to db failed" it will show a message on my screen.
How can i know that there is an error there programmaticly using any .NET language?
It's pretty easy to do with a WebClient. It would look something like this:
WebClient client = new WebClient();
try
{
string response =
client.DownloadString("http://www.example.com/tester.cgi");
// We at least got the file back from the server
// You could optionally look at the contents of the file
// for additional error indicators
if (response.Contains("ERROR: Something"))
{
// Handle
}
}
catch (WebException ex)
{
// We couldn't get the file.
// ... handle, depending on the ex
//
// For example, by looking at ex.Status:
switch (ex.Status)
{
case WebExceptionStatus.NameResolutionFailure:
// ...
break;
// ...
}
}
You could hook that up to a Timer's Tick event or something to periodically make the check.
Why bother? You can get a much better solution for cheap from a provider like RedAlert
The nice thing about this is:
1) It tests your site from outside your firewall, so it can detect a wider variety of problems.
2) It is an impartial 3rd party so you can prove uptime if you need to for an SLA.
3) For a small premium you can have the thing try and diagnose the problems.
4) It can page or e-mail you when there is a problem.
5) You don't need to commission a new server.
Geez, I sound like an ad for the guys, but I promise I don't work for them or get a kickback. I have just been happy with the service for our servers.
BTW: I checked pricing and it is about $20 per site/month. So you could probably pay for a year of the service in less time than it will take to build it yourself.
Wanting to perform the same functionality I first looked into third party solutions. One particular service that is free and has been fairly accurate is MonitorUs.
If, however, you are wanting to build your own then I would have one recommendation. Consider using a Head request instead of a get request:
The HEAD method is identical to GET
except that the server MUST NOT return
a message-body in the response. The
metainformation contained in the HTTP
headers in response to a HEAD request
SHOULD be identical to the information
sent in response to a GET request.
This method can be used for obtaining
metainformation about the entity
implied by the request without
transferring the entity-body itself.
This method is often used for testing
hypertext links for validity,
accessibility, and recent
modification. w3.org
Here's a link to Peter Bromberg's article that explains how to perform a Head request in C#.
Use the System.Net.WebClient object. It's easier to use than HttpWebRequest. It has a "DownloadString" method that will download the contents of a URL into a string. That method may also throw a WebException error if the server returns a 500. For other errors you can parse the string and look for key words.
Use HttpWebRequest, and wrap it in a try catch for WebException. The error code in the exception object will give you the code. 404, etc. If it is 500, you could print the message.
If you do this, create a special page that exercises any special subsystems, like the data base, file IO, etc, and serves up the results in plain text, not html. This will allow you to parse the returned data easier, and will also catch things like DB or IO problems that may not give you a 404 or 500 HTTP error.
Try Adventnet's Application Manager (http://www.manageengine.com/products/applications_manager/), it is free for 5 monitors, and provides excellent monitoring capabilities
You could configure the actions that can be done in case of a failure like send email etc.
If you'd prefer to get email/SMS when your sites are down, try the Are My Sites Up web-based solution.