WebSite X5Help Center

 
Andy W.
Andy W.
User

Android App Error  en

Autor: Andy W.
Besucht 859, Followers 1, Geteilt 0  

Are there any known issues with the Android app?

After selecting a website from the list, the following is displayed:

The web page at https://[domain]/admin/login.php?token=[key] could not be loaded because:

Net::ERR_BLOCKED_BY_RESPONSE

However, I am getting notifications from all of my projects on my device. o_0

I am using Android 12 on Samsung Galaxy S21 5G (Kernel 5.4.147).

Gepostet am
14 ANTWORTEN - 4 NüTZLICH - 1 KORREKT
Aleksej H.
Aleksej H.
Moderator

Hello. I sent a notification about your question to the company employees, expect an answer from them here in the comments.

Mehr lesen
Gepostet am von Aleksej H.
Andy W.
Andy W.
User
Autor

Hi, and thank you Aleksej.

I have since tried the app with Android 10 on Samsung Galaxy A9 (K. 4.4.205) also, but got the same error. This makes me think that something on my end is blocking it, but I have no idea what or where to start looking.

Previously, my gateway server was just redirecting website traffic to a specific port. I have changed this configuration now so that the gateway server is acting as a reverse proxy to the web server. I have performed further tests on the device by switching from WiFi to Mobile Data, with & without VPN. But the error has persisted throughout.

I figure the best place to start is with other users experience of the Android app, and whether their app works or not. Especially as Italy has a holiday at the moment.

If inclined, staff can investigate this issue using my test site and credentials supplied in my other thread: https://helpcenter.websitex5.com/de/post/252358

Mehr lesen
Gepostet am von Andy W.
Martin P.
Martin P.
User

Hi Andy,

did you tried to make an APP connection over your mobile phone carrier and not over WLAN?

In my case it worked, because the internet provider had some troubles... cool

Mehr lesen
Gepostet am von Martin P.
Andy W.
Andy W.
User
Autor

Hi Martin, and thanks for taking the time to post.

However, “I have performed further tests on the device by switching from WiFi to Mobile Data, with & without VPN. But the error has persisted throughout.”

May I ask if you use WX5 hosting, or a 3rd-party provider? If you have a working Android app, it would also be useful to know which versions of WX5 & WX5 Android App you are currently using.

Again, thank you greatly.

Mehr lesen
Gepostet am von Andy W.
Martin P.
Martin P.
User

Hi Andy,

my Android App Version is 1.7.14 and I have two websites at two different 3rd party providers. The US site works only with mobile data, due to some DNS locks at the German provider (but that is a different story), the other works in all data modes. But in my opinion, your Error Message is somehow related to restriction of the server configuration itself. I don't know, if you are using some filters in the .htaccess file, to block all those hacking attempts, but login.php is one of their favorites for trying to get admin access. If that is the case, you even won't get access to the admin panel over the browser interface. But if that is working, please try to scan the barcode in the admin panel (browser window) to add an automatic entry in the smartphone App.

Mehr lesen
Gepostet am von Martin P.
Andy W.
Andy W.
User
Autor

Thank you for the info Martin, it helps.

I haven’t personally done anything regarding htaccess file. I will do some digging on the topic tomorrow.

I do have Snort installed and running, which I’ve have very little experience with.

The admin pages are indeed accessible, and I have not had issues via web access at all.

All projects were added to the app via QR codes. And, I had previously manually added sites before reconfiguring ports & moving access to the reverse proxy.

It baffles me how I get notifications from the app, but I can’t do anything else lol.

Thank you ever-so much for your time Martin. Appreciated!

Mehr lesen
Gepostet am von Andy W.
Andy W.
Andy W.
User
Autor

I have had a poke-around the internet this morning regarding htaccess. From what I have read, htaccess is mainly for Apache web servers, and not even officially supported by (my) Nginx. Therefore, I can confirm that htaccess has not been implemented here.

Since my gateway server is IIS, I figured I should search for any relationship between IIS and htaccess. The information that came back mostly talked about URL Rewrite, which I am using (now).

As stated above; before, I was using IIS Redirect to forward requests to ‘https://[domain]:[port]’ I recently changed this, and now I use IIS URL Rewrite to 1) send HTTP requests to HTTPS, and 2) forward inbound requests to my Nginx web server internally via reverse proxy.

This issue has persisted throughout. Could it be that my gateway isn’t handling the requests from the WX5 app properly and needs some special configuration?

Again, I am getting notifications from the app, which makes no sense to me. And, the /admin section of the website(s) is available via browser.

Mehr lesen
Gepostet am von Andy W.
Martin P.
Martin P.
User

Hi Andy,

I am sorry, but I am not an expert in IIS. On the other hand, if the web browser admin panel works over your gateway configuration, it means for me that web server, php scripts etc. are not the source of the error. Do you have a chance to make an extended IIS log and filter only for the port and/or the smartphone IP? Otherwise it seems to be challenging to track down the issue.

Mehr lesen
Gepostet am von Martin P.
Andy W.
Andy W.
User
Autor

I agree, and believe the issue is caused by the web server config. But I am shooting in the dark at the moment lol.

I’m just investigating the option: add_header X-Frame-Options "SAMEORIGIN"; (nginx/php on the web server)

If the app wants to load data in a frame/iframe, then this option might be blocking the request.

Since the only real options are SAMEORIGIN or DENY, I’m not sure. ALLOW-FROM is not recommended and considered obsolete.

I’ll keep searching, and resort to trawling the various logs before the end of the day if I’m not getting anywhere.

Thanks again Martin.

Mehr lesen
Gepostet am von Andy W.
Andy W.
Andy W.
User
Autor

I thought I'd just quickly take a look at the nginx error.log...

2022/08/16 11:44:10 [error] 51696#51696: *1454 FastCGI sent in stderr: "PHP message: PHP Warning:  Undefined array key "email" in /var/www/[CENSORED DIR]/res/x5engine.php on line 8157PHP message: PHP Warning:  Undefined array key "column" in /var/www/[CENSORED DIR]/res/x5engine.php on line 6548" while reading response header from upstream, client: [CENSORED GATEWAY IP], server: [CENSORED DOMAIN], request: "GET /admin/login.php?token=[CENSORED KEY] HTTP/1.1", upstream: "fastcgi://unix:/run/php/php8.0-fpm.sock:", host: "[CENSORED DOMAIN]"

Now to figure out my next move lol

Mehr lesen
Gepostet am von Andy W.
Andy W.
Andy W.
User
Autor

Apparently, ‘Undefined array key’ can be caused by missing ‘assignment operator’ in the code. Namely: ‘ = ’.

This makes me now think that it’s a php language issue.

If you are reading this Martin, could you please tell me which PHP version your hosting provider is using? 8.1 wouldn’t work for me, so based on advice from Incomedia, I have downgraded to PHP 8.0.22 (which I was lead to believe is fully supported).

Mehr lesen
Gepostet am von Andy W.
Incomedia
Stefano G.
Incomedia

Hello Andy

I can confirm that if you're still having the issue:

"Net::ERR_BLOCKED_BY_RESPONSE"

This is due to the hosting configuration. In order for the App to work, the hosting server must be configured to allow your website to be displayed inside something called "iframe". If it isn't allowed, this error will appear

In order to solve this though, you mandatorily need to consult your hosting provider since this is something that is configured by them

Let me know what I reported here and keep me updated on what they say

Thank you

Stefano

Mehr lesen
Gepostet am von Stefano G.
Andy W.
Andy W.
User
Autor

Hi Stefano, I hope you enjoyed your day off yesterday!

I just installed php7.1-fpm and was about to configure it for further testing.

But, if what you say is true, then I need to turn my attention back to ‘Header set X-Frame-Options’ (currently set to "SAMEORIGIN"). I’ll be assuming that this needs to be “ALLOW-FROM [gateway server]”.

I’ll complete the php7.1 configuration since I’m halfway there already, then I need to research the implications of using ALLOW-FROM X-frame option.

I’ll be back!

Thank you.

Mehr lesen
Gepostet am von Andy W.
Andy W.
Andy W.
User
Autor

I can confirm that it was indeed ‘X-Frame-Options’ interfering with the Android app.

I will have to do some more digging around tomorrow, because I was unable to get ‘Content-Security-Policy’ setup correctly. But I’m almost there!

Thanks guys, you’re awesome.

Mehr lesen
Gepostet am von Andy W.