• Recent
    • Tags
    • Popular
    • Register
    • Login

    Please Note This forum exists for community support for the Mango product family and the Radix IoT Platform. Although Radix IoT employees participate in this forum from time to time, there is no guarantee of a response to anything posted here, nor can Radix IoT, LLC guarantee the accuracy of any information expressed or conveyed. Specific project questions from customers with active support contracts are asked to send requests to support@radixiot.com.

    Radix IoT Website Mango 3 Documentation Website Mango 4 Documentation Website Mango 5 Documentation Website

    Did HTTP receiver changed from V2.8.6 ?

    Scheduled Pinned Locked Moved User help
    10 Posts 3 Posters 2.5k Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • philgdepP Offline
      philgdep
      last edited by

      Good day,

      I'm checking the new V3 and i can't receive HTTP POST from an other device with http receiver.

      The exact same setting is working with core 2.8.6.

      basically i'm trying to send http post from Node-Red.
      with the following code;

      msg.payload = "testpara=22";
msg.headers = {'content-type':'application/x-www-form-urlencoded'};
return msg;

      trough the http request node in POST on the mango server address.

      I receive it in Mango 2.8.6 but not in 3.0.1. with the receivers set up in the exact same settings.
      In 2.8.6 :0_1493370809118_Screen Shot 2017-04-28 at 11.10.59.png

      In 3.0.1 it doesn't receive anything.

      Any clue ?

      philgdepP 1 Reply Last reply Reply Quote 0
      • philgdepP Offline
        philgdep @philgdep
        last edited by

        I have this message in the console :

        WARN  2017-04-28T14:54:02,077 (com.serotonin.m2m2.web.mvc.spring.security.MangoAccessDeniedHandler.handle:54) - Denying access to Mango resource 
org.springframework.security.web.csrf.MissingCsrfTokenException: Could not verify the provided CSRF token because your session was not found.
	at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:114) [spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE]
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
	at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66) [spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE]
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) [spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) [spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE]
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214) [spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) [spring-security-web-4.1.1.RELEASE.jar:4.1.1.RELEASE]
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) [spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE]
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262) [spring-web-4.3.7.RELEASE.jar:4.3.7.RELEASE]
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668) [jetty-servlet-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581) [jetty-servlet-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) [jetty-security-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511) [jetty-servlet-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.server.Server.handle(Server.java:524) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:319) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:253) [jetty-server-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273) [jetty-io-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95) [jetty-io-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) [jetty-io-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) [jetty-util-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) [jetty-util-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) [jetty-util-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) [jetty-util-9.3.11.v20160721.jar:9.3.11.v20160721]
	at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589) [jetty-util-9.3.11.v20160721.jar:9.3.11.v20160721]
	at java.lang.Thread.run(Thread.java:745) [?:1.8.0_121]
        1 Reply Last reply Reply Quote 0
        • phildunlapP Offline
          phildunlap
          last edited by phildunlap

          Hi philgdep,

          Can you share how you're trying to publish data to it? I just confirmed it's working fine, and the CSRF message is not related (it's not happening every time you attempt to publish, is it? If so, I wonder if you're publishing to http://ip:port/httpds). Are you using the alias 'localhost' for your server? If so, it's possible IPv6 is being resolved. The whitelists don't currently support IPv6, so if the incoming IP is ::1 it will get denied.

          Here's some text I was able to get a value from using nc 127.0.0.1 80 < httpPub.txt

          GET /httpds?brown=8.905449871164275%4020170428091914 HTTP/1.1
User-Agent: Mango M2M2 HTTP Sender publisher
Host: localhost:8088
Connection: Keep-Alive
Accept-Encoding: gzip,deflate

          Gotten by a nc -l 8088 and pointing the publisher at that port/httpds so some of the details (like the host header or user agent) aren't exactly correct (User-agent netcat!), but it works.

          1 Reply Last reply Reply Quote 0
          • phildunlapP Offline
            phildunlap
            last edited by

            Nevermind. I have attempted the same exercise with Post and encountered this issue. It's related to some security enhancements. I will work to get this resolved as quickly as possible.

            1 Reply Last reply Reply Quote 0
            • phildunlapP Offline
              phildunlap
              last edited by

              Hi Philgdep,

              I have emailed you a fix if you need it right this moment. We will be updating this in the store download soon.

              philgdepP 1 Reply Last reply Reply Quote 0
              • philgdepP Offline
                philgdep @phildunlap
                last edited by

                @phildunlap Thanks a lot ! its working now. You guys are very efficient!

                The fix you sent me will be ok or the later store version will be better ? Just to know if I have to delete de override file later?

                best,

                1 Reply Last reply Reply Quote 0
                • phildunlapP Offline
                  phildunlap
                  last edited by phildunlap

                  Thanks! We try!

                  It's always better not to use overridden classes, but we like to enable people to resume whatever they were doing when they discovered an issue as quickly as possible, but it does make a moment more of work during an upgrade. You'll definitely need to delete the overrides when updating.

                  1 Reply Last reply Reply Quote 0
                  • ricardoR Offline
                    ricardo
                    last edited by

                    @phildunlap What is the fix here? I am trying with 3.4.4 using HTTP JSON receiver listener and I am seeing the same error.

                    1 Reply Last reply Reply Quote 0
                    • phildunlapP Offline
                      phildunlap
                      last edited by

                      I believe the fix was creating an exclusion such that no XSRF was required on the http://host:port/httpds URL Shouldn't really be possible still. Do you have any details about how it's being caused?

                      For instance, i was able to post this message from a publisher to a receiver, and receive the value in an alphanumeric point with the HTTP parameter name on thE JSON receiver set to /p1

                      POST /httpds HTTP/1.1
User-Agent: Mango M2M2 HTTP Sender publisher
Content-Type: application/json
Content-Length: 49
Host: 192.168.2.12:8888
Connection: Keep-Alive
Expect: 100-continue
Accept-Encoding: gzip,deflate

{
  "p1" : "52.81569485688922@20180625082854"
}

                      My receiver was on 3.4.4

                      1 Reply Last reply Reply Quote 0
                      • ricardoR Offline
                        ricardo
                        last edited by

                        Got it thanks.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post