Activities of "jogoertzen"
I am currently attempting to deploy v4.3.3 of the microservice template to OpenShift, and I realized that I had yet to properly configure the internal gateway routes (ie. it was still using the default configuration which points to various ports on localhost), but the overall application still seems to work fine. I even scaled the internal gateway deployment down to 0 pods and I still can't find anything that breaks as a result. The only thing I can find that even looks like it should talk to the internal gateway is the administration service which has the following default configuration pointing to 44302 (ie. the internal gateway port), but it would seem that the administration service doesn't use it.
// services\administration\src\MyProject.AdministrationService.HttpApi.Host\appsettings.json
{
"RemoteServices": {
"Default": {
"BaseUrl": "https://localhost:44302/",
"UseCurrentAccessToken": "false"
}
}
}
Am I missing something here? Does the internal gateway play a role at all in the microservice template? Thanks!
- ABP Framework version: v4.3.3
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes
- Exception message and stack trace: N/A
- Steps to reproduce the issue:" N/A
Hi Albert,
Judging by the responses to the issue you created, it looks like upgrading to tui.editor v2.x is the recommended way to resolve this issue.
Is this something that can be done?
- ABP Framework version: v4.3.3
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes
- Exception message and stack trace:
There is no exception message, but the auth-server logs contain the following information that seems to indicate that the user is not authorized to access /api/account/profile-picture.
[auth-server_f3e6eab0-2]: [14:36:07 INF] Request starting HTTP/1.1 POST https://localhost:44322/api/account/profile-picture application/json 822772
[auth-server_f3e6eab0-2]: [14:36:07 INF] CORS policy execution successful.
[auth-server_f3e6eab0-2]: [14:36:07 DBG] CORS request made for path: /api/account/profile-picture from origin: http://localhost:4200 but was ignored because path was not for an allowed IdentityServer CORS endpoint
[auth-server_f3e6eab0-2]: [14:36:07 INF] No CORS policy found for the specified request.
[auth-server_f3e6eab0-2]: [14:36:07 INF] Authorization failed. These requirements were not met:
[auth-server_f3e6eab0-2]: DenyAnonymousAuthorizationRequirement: Requires an authenticated user.
[auth-server_f3e6eab0-2]: [14:36:07 INF] AuthenticationScheme: Identity.Application was challenged.
[auth-server_f3e6eab0-2]: [14:36:07 INF] Request finished HTTP/1.1 POST https://localhost:44322/api/account/profile-picture application/json 822772 - 302 0 - 8.0785ms
- Steps to reproduce the issue:
- Generate a new microservice solution via abp suite v4.3.3 with the options below
- Run
out\MyProject\etc\docker\up.ps1 - Run
tye runinout\MyProject - Open Chrome browser on
http://localhost:4200 - Login as
admin/1q2w3E* - Click
admin>Manage your profile>Profile picture>Upload File>Choose File> Pick an image file >Save Changes>Yes - Observe error below
Note: The Microsoft.EntityFrameworkCore.Tools package was recently upgraded to 5.0.8 which seemed to cause version conflicts with 5.0.7 during the build. I worked around the issue by downgrading to 5.0.7 and editing any .csproj files that contained version 5.0.* and replaced them with 5.0.7 explicitly.
They were also able to provide a screenshot from the paloalto Threat Vault. :)
They gave me this: https://nvd.nist.gov/vuln/detail/CVE-2010-1812
Thanks, albert.
I reached out to our firewall team to see if they can provide the report you requested.
Running this command...
abp new Foo -t app-pro
...results in this error.
[14:59:07 INF] ABP CLI (https://abp.io)
[14:59:08 INF] Version 4.3.3 (Stable)
[14:59:09 INF] Creating your project...
[14:59:09 INF] Project name: Foo
[14:59:09 INF] Template: app-pro
[14:59:09 INF] Output folder: C:\Users\jogoertzen\temp1
[14:59:11 INF] Downloading template: app-pro, version: 4.3.3
Error occured while downloading source-code from https://abp.io/api/download/template/ :
Error while copying content to a stream.
[14:59:43 ERR] Error while copying content to a stream.
System.Net.Http.HttpRequestException: Error while copying content to a stream.
---> System.IO.IOException: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host..
---> System.Net.Sockets.SocketException (10054): An existing connection was forcibly closed by the remote host.
--- End of inner exception stack trace ---
at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken)
at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.GetResult(Int16 token)
at System.Net.Security.SslStream.ReadAsyncInternal[TIOAdapter](TIOAdapter adapter, Memory`1 buffer)
at System.Net.Http.HttpConnection.FillAsync(Boolean async)
at System.Net.Http.HttpConnection.CopyToContentLengthAsync(Stream destination, Boolean async, UInt64 length, Int32 bufferSize, CancellationToken cancellationToken)
at System.Net.Http.HttpConnection.ContentLengthReadStream.CompleteCopyToAsync(Task copyTask, CancellationToken cancellationToken)
at System.Net.Http.HttpConnectionResponseContent.SerializeToStreamAsync(Stream stream, TransportContext context, CancellationToken cancellationToken)
at System.Net.Http.HttpContent.LoadIntoBufferAsyncCore(Task serializeToStreamTask, MemoryStream tempBuffer)
--- End of inner exception stack trace ---
at System.Net.Http.HttpContent.LoadIntoBufferAsyncCore(Task serializeToStreamTask, MemoryStream tempBuffer)
at System.Net.Http.HttpClient.SendAsyncCore(HttpRequestMessage request, HttpCompletionOption completionOption, Boolean async, Boolean emitTelemetryStartStop, CancellationToken cancellationToken)
at Volo.Abp.Cli.ProjectBuilding.AbpIoSourceCodeStore.DownloadSourceCodeContentAsync(SourceCodeDownloadInputDto input) in D:\ci\Jenkins\workspace\abp-framework-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\AbpIoSourceCodeStore.cs:line 208
at Volo.Abp.Cli.ProjectBuilding.AbpIoSourceCodeStore.GetAsync(String name, String type, String version, String templateSource, Boolean includePreReleases) in D:\ci\Jenkins\workspace\abp-framework-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\AbpIoSourceCodeStore.cs:line 112
at Volo.Abp.Cli.ProjectBuilding.TemplateProjectBuilder.BuildAsync(ProjectBuildArgs args) in D:\ci\Jenkins\workspace\abp-framework-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\ProjectBuilding\TemplateProjectBuilder.cs:line 56
at Volo.Abp.Cli.Commands.NewCommand.ExecuteAsync(CommandLineArgs commandLineArgs) in D:\ci\Jenkins\workspace\abp-framework-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\Commands\NewCommand.cs:line 192
at Volo.Abp.Cli.CliService.RunAsync(String[] args) in D:\ci\Jenkins\workspace\abp-framework-release\abp\framework\src\Volo.Abp.Cli.Core\Volo\Abp\Cli\CliService.cs:line 59
It turns out our firewall is blocking the download due to a high severity vulnerability in the file tui-editor-Editor-full.js called Apple Safari WebKit Selections Use-After-Free Vulnerability.
I have a few questions.
- Are you aware of this?
- Is there anything you can do to fix it?
- Is there anything we can do to work around it?
I have yet to find much information regarding this vulnerability, so any information you can provide would be appreciated.
Thanks!
Is there a way to generate a dependency graph of all AbpModules that appear in an DependsOn attributes throughout the solution?
For example, I can look at the direct dependencies of a particular module rather easily.
And I can drill down into any one of those modules as well.
But I was hoping there was a way to show the entire hierarchy of modules that are actually used in all the projects in a solution all at once.
Something like this would be nice.
Thanks.