I have a potential project to do and i am going through research about what it takes.
Project would include viewing/controling IP cameras and DVRs. An example application i was looking at was XMEye.
I am not looking into any code or particular implementation but general directions.
Questions:
1) how does qr code autodiscovery work? is that some kond of automatic dynamic dns setting where such device has guid serial number that acts as hostname in classic dyndns? (already input into cloud db where cam reports its current ip address)
2) does xmeye app, for example, rely on devices being onvif compliant or it supports some other protocols? if so, which?
Related
With iOS 9, Apple is mandating the use of HTTPS. While this is all good and secure, it forces me to convert all my dev/testing servers to HTTPS. I'm developing for Android and iOS.
Things I've already tried/looked at:
Running iOS 8 - not a long term solution
Self signed servers - requires adding code to both platforms.
Adding root certificate - probably the way to go but expensive in terms of hours spent on this.
I'd like to know how other people are handling this. Ideally, I'd like a solution based on 3 (or not based on 1 and 2), which works well with simulator/emulator and doesn't require jumping through hoops and constant tinkering with root certificate on various devices.
I'll also take a solution for iOS only (e.g. #ifdef) as Android can stay on HTTP.
=====================================================================
Update: 20 Dec
My servers are IP address only. No domain name.
Using plist settings is an option. However, an answer would have to be specific and complete. I would expect to see something like a script that removes plist settings for 'release' builds.
I'm not a security person, but I suspect that leaving whitelisted IP addresses for attackers to use are a bad idea.
You can very easily add domain names for your development servers by using a free DNS provider. I use http://freedns.afraid.org/ and they have some shared domain names where you can add names for IP's you need. I sometimes do this just for internal servers to make it easier to remember where they are!
As for the plist; all you are doing when you whitelist a name like that is telling the phone app that it can talk to that server with HTTP. If you #ifdef DEBUG the ability for your app to talk to those endpoints, then you should have compiled out the ability of the end user to switch to it!
If you are still concerned about it and are looking to have a build step that removes the exemption then PlistBuddy is your friend. You can remove an exemption using the following command line.
/usr/libexec/PlistBuddy -c "Delete :NSAppTransportSecurity:NSExceptionDomains:my.devserver.com" Info.plist
Please put this property in your info.plist if you want to work with HTTP/HTTPS with iOS9.
App Transport Security is enabled by default when using NSURLSession, NSURLConnection in iOS9
You can opt-out of ATS for certain URLs in your Info.plist by using NSExceptionDomains. Within the NSExceptionDomains dictionary you can explicitly define URLs that you need exceptions for with ATS. The exceptions you can use are:
NSIncludesSubdomains
NSExceptionAllowsInsecureHTTPLoads
NSExceptionRequiresForwardSecrecy
NSExceptionMinimumTLSVersion
NSThirdPartyExceptionAllowsInsecureHTTPLoads
NSThirdPartyExceptionMinimumTLSVersion
NSThirdPartyExceptionRequiresForwardSecrecy
Each of these keys allows you to granularly disable ATS or particular ATS options on domains where you are unable to support them.
You can refer the answers to this question here,
How do I load an HTTP URL with App Transport Security enabled in iOS 9?
Transport security has blocked a cleartext HTTP
I use chrome://inspect page on Chrome PC to use dev tools on Chrome Mobile.
I have my js+webgl games on a "local" website, http :// 127 .0. 0.1/site/, thanks to EasyPHP.
I use to upload the game to a real web server each time I make an edit and want to test it on Android, but I really would prefer the Android device to directly access the local website on my computer.
I know it is possible with the "port forwarding" feature on chrome://inspect, but I do not get it to work.
It uses 8000 as port and localhost:8080 as address.
There is a green dot aside the name of my Android device, so port forwarding is supposed to work.
But when I open http :// 127 .0. 0.1/site/ on the Android device, it says "Oops! Google Chrome could not connect to 127.0.0.1".
What am I doing wrong ?
As long you are in the same network ( fe your home network) both devices can see each other. And if you enabled the ping-command on your operating system you can use to test this.
On the application layer they need the same ports to also talk to each other.
For this talking Easyphp runs the Apache webserver to listen the network for request.
As you remarked; Apache is listening the network on port 8080.
The flexibility of Apache is that you can change the number of that port yourself in the configuartion file. ( see https://collab.its.virginia.edu/wiki/toolbox/example%20httpd.conf%20file.html)
Once you completed this, you will get an error message that you have no access, and you should be happy because this means that both devices can already talk with each other :-)
The error message are thrown up by the build-in security-system of your webserver. This security is most of the time provided on folder level with text files ( see http://www.htaccess-guide.com/ )
Once made these changes your access your localweb folder (or htdocs in ?AMPP) from out the browser of your Android. And is the game on :-)
Is it possible to have user put in connection properties like ip address in the app to connect to Sybase. I need to find out for a test to connect to our DR Site which has a different IP address. (So user uses production system and something happens and need to switch to the DR Site to continue working.)
Thanks
Louis
I don't know much about SUP, but it seems the IP address of the server is in the generated code (Activity classes), you cam edit this code to get the IP from somewhere (e.g. the application settings).
If you don't have access to the source code of the application and this is just for a test you can configure your android device to use a proxy (How to change proxy settings in Android (especially in Chrome)) and then make a simple proxy that redirects connections to another host (such as those described in seriously simple python HTTP proxy?).
I have found several sources describing a String Format used to describe WiFi-Access Settings in the form of:
WIFI:T:WPA;S:mynetwork;P:mypass;;
(example taken from zxing documentation)
For basic WPA-Connections, this works just fine on my Android Device using the Zxing-Barcode-Scanner-App. However, I have been unable to find a way to embed WPA2/EAP-Connection Settings (Also referred to as WPA2 Enterprise) into a scannable 2D-Code. As I expected, inserting "L" (Login), "N" (Name) or "I" (Identification) Parameters at random positions did not really bring any advance.
Has anyone here succeeded in "embedding" WiFi-Connection Settings into a 2D-Scannable Code to work with an Android device?
Thanks for your help!
I found some information on how to format the WiFi config string in the following pull request at the github page of the zxing library project: https://github.com/zxing/zxing/pull/865
The first post contains a template of the string format, including an error (the prefix AI: is wrong, it must read A:, see here). The correct format according to the source is thus:
WIFI:T:WPA2-EAP;S:[network SSID];H:[hidden?];E:[EAP method];PH2:[Phase 2 method];A:[anonymous identity];I:[username];P:[password];;
When I tried this (using the command line tool qrencode) my Barcode Scanner app crashed. After some trial and error I figured that the option for hiding the SSID can be left out:
WIFI:T:WPA2-EAP;S:[network SSID];E:[EAP method];PH2:[Phase 2 method];A:[anonymous identity];I:[username];P:[password];;
With this I'm getting a working entry in the list of known wireless networks in Android 8.
As of now there is no support for declaring a certificate and the respective domain. If this is needed, one can specify it later by adjusting the settings from inside Android's WiFi menu.
I am writing an application to help test android devices' capabilities to connect to wlan's with varying security settings (ex. wpa aes peap). However, I noticed that the published android.net.wifi api does not contain fields to set parameters needed for peap and eap-fast authentication. Does anybody know how to establish a connection to peap programatically?
Below is a link that shows the WifiConfiguration() class possessing unpublished fields (ex. eap, phase2, identity, password). However, eclipse will not let me utilize these fields in my code since they are not officially in the android api.
http://www.netmite.com/android/mydroid/1.6/frameworks/base/wifi/java/android/net/wifi/WifiConfiguration.java
I was having a similar problem. The solution is to use "Reflection".
Here is a link that should be very applicable to you.
How to programmatically create and read WEP/EAP WiFi configurations in Android?