Android App Error
Autor: Andy W.
Visitado 865,
Seguidores 1,
Compartilhado 0
Are there any known issues with the Android app?
After selecting a website from the list, the following is displayed:
The web page at https://[domain]/admin/login.php?token=[key] could not be loaded because:
Net::ERR_BLOCKED_BY_RESPONSE
However, I am getting notifications from all of my projects on my device. o_0
I am using Android 12 on Samsung Galaxy S21 5G (Kernel 5.4.147).
Publicado em
Hello. I sent a notification about your question to the company employees, expect an answer from them here in the comments.
Autor
Hi, and thank you Aleksej.
I have since tried the app with Android 10 on Samsung Galaxy A9 (K. 4.4.205) also, but got the same error. This makes me think that something on my end is blocking it, but I have no idea what or where to start looking.
Previously, my gateway server was just redirecting website traffic to a specific port. I have changed this configuration now so that the gateway server is acting as a reverse proxy to the web server. I have performed further tests on the device by switching from WiFi to Mobile Data, with & without VPN. But the error has persisted throughout.
I figure the best place to start is with other users experience of the Android app, and whether their app works or not. Especially as Italy has a holiday at the moment.
If inclined, staff can investigate this issue using my test site and credentials supplied in my other thread: https://helpcenter.websitex5.com/pt/post/252358
Hi Andy,
did you tried to make an APP connection over your mobile phone carrier and not over WLAN?
In my case it worked, because the internet provider had some troubles...
Autor
Hi Martin, and thanks for taking the time to post.
However, “I have performed further tests on the device by switching from WiFi to Mobile Data, with & without VPN. But the error has persisted throughout.”
May I ask if you use WX5 hosting, or a 3rd-party provider? If you have a working Android app, it would also be useful to know which versions of WX5 & WX5 Android App you are currently using.
Again, thank you greatly.
Hi Andy,
my Android App Version is 1.7.14 and I have two websites at two different 3rd party providers. The US site works only with mobile data, due to some DNS locks at the German provider (but that is a different story), the other works in all data modes. But in my opinion, your Error Message is somehow related to restriction of the server configuration itself. I don't know, if you are using some filters in the .htaccess file, to block all those hacking attempts, but login.php is one of their favorites for trying to get admin access. If that is the case, you even won't get access to the admin panel over the browser interface. But if that is working, please try to scan the barcode in the admin panel (browser window) to add an automatic entry in the smartphone App.
Autor
Thank you for the info Martin, it helps.
I haven’t personally done anything regarding htaccess file. I will do some digging on the topic tomorrow.
I do have Snort installed and running, which I’ve have very little experience with.
The admin pages are indeed accessible, and I have not had issues via web access at all.
All projects were added to the app via QR codes. And, I had previously manually added sites before reconfiguring ports & moving access to the reverse proxy.
It baffles me how I get notifications from the app, but I can’t do anything else lol.
Thank you ever-so much for your time Martin. Appreciated!
Autor
I have had a poke-around the internet this morning regarding htaccess. From what I have read, htaccess is mainly for Apache web servers, and not even officially supported by (my) Nginx. Therefore, I can confirm that htaccess has not been implemented here.
Since my gateway server is IIS, I figured I should search for any relationship between IIS and htaccess. The information that came back mostly talked about URL Rewrite, which I am using (now).
As stated above; before, I was using IIS Redirect to forward requests to ‘https://[domain]:[port]’ I recently changed this, and now I use IIS URL Rewrite to 1) send HTTP requests to HTTPS, and 2) forward inbound requests to my Nginx web server internally via reverse proxy.
This issue has persisted throughout. Could it be that my gateway isn’t handling the requests from the WX5 app properly and needs some special configuration?
Again, I am getting notifications from the app, which makes no sense to me. And, the /admin section of the website(s) is available via browser.
Hi Andy,
I am sorry, but I am not an expert in IIS. On the other hand, if the web browser admin panel works over your gateway configuration, it means for me that web server, php scripts etc. are not the source of the error. Do you have a chance to make an extended IIS log and filter only for the port and/or the smartphone IP? Otherwise it seems to be challenging to track down the issue.
Autor
I agree, and believe the issue is caused by the web server config. But I am shooting in the dark at the moment lol.
I’m just investigating the option: add_header X-Frame-Options "SAMEORIGIN"; (nginx/php on the web server)
If the app wants to load data in a frame/iframe, then this option might be blocking the request.
Since the only real options are SAMEORIGIN or DENY, I’m not sure. ALLOW-FROM is not recommended and considered obsolete.
I’ll keep searching, and resort to trawling the various logs before the end of the day if I’m not getting anywhere.
Thanks again Martin.
Autor
I thought I'd just quickly take a look at the nginx error.log...
2022/08/16 11:44:10 [error] 51696#51696: *1454 FastCGI sent in stderr: "PHP message: PHP Warning: Undefined array key "email" in /var/www/[CENSORED DIR]/res/x5engine.php on line 8157PHP message: PHP Warning: Undefined array key "column" in /var/www/[CENSORED DIR]/res/x5engine.php on line 6548" while reading response header from upstream, client: [CENSORED GATEWAY IP], server: [CENSORED DOMAIN], request: "GET /admin/login.php?token=[CENSORED KEY] HTTP/1.1", upstream: "fastcgi://unix:/run/php/php8.0-fpm.sock:", host: "[CENSORED DOMAIN]"
Now to figure out my next move lol
Autor
Apparently, ‘Undefined array key’ can be caused by missing ‘assignment operator’ in the code. Namely: ‘ = ’.
This makes me now think that it’s a php language issue.
If you are reading this Martin, could you please tell me which PHP version your hosting provider is using? 8.1 wouldn’t work for me, so based on advice from Incomedia, I have downgraded to PHP 8.0.22 (which I was lead to believe is fully supported).
Hello Andy
I can confirm that if you're still having the issue:
"Net::ERR_BLOCKED_BY_RESPONSE"
This is due to the hosting configuration. In order for the App to work, the hosting server must be configured to allow your website to be displayed inside something called "iframe". If it isn't allowed, this error will appear
In order to solve this though, you mandatorily need to consult your hosting provider since this is something that is configured by them
Let me know what I reported here and keep me updated on what they say
Thank you
Stefano
Autor
Hi Stefano, I hope you enjoyed your day off yesterday!
I just installed php7.1-fpm and was about to configure it for further testing.
But, if what you say is true, then I need to turn my attention back to ‘Header set X-Frame-Options’ (currently set to "SAMEORIGIN"). I’ll be assuming that this needs to be “ALLOW-FROM [gateway server]”.
I’ll complete the php7.1 configuration since I’m halfway there already, then I need to research the implications of using ALLOW-FROM X-frame option.
I’ll be back!
Thank you.
Autor
I can confirm that it was indeed ‘X-Frame-Options’ interfering with the Android app.
I will have to do some more digging around tomorrow, because I was unable to get ‘Content-Security-Policy’ setup correctly. But I’m almost there!
Thanks guys, you’re awesome.