Problems reaching host with oHTTPWorker

Scotte Meredith spomacguy at gmail.com
Fri Apr 15 16:57:57 UTC 2022


Hi, Doug --

The way this CC processor works is that initially, we do a POST with our customer ID in the URL and a "Bearer" with our pass-string in the headers to retrieve a token. This token is passed back into  the Javascript library that sits on their site that does the actual processing. We call out to it from the JS form using the code they provided. It pops up a little window where the user enters their CC information. So no CC information sits on our side, but it communicates directly between the user and the CC processor.

I now have it getting back the token using 10.2 (31315) on the Mac side. On the Windows side, I was using a slightly older version that was not working. Once I get it here I'll try on Windows again.

So there appears to be some discrepancy between the Omnis versions on which work and which don't.

I'm now trying to determine why the JS form doesn't seem to be loading the html template in the JS form. It was working before, but not now. The client-side code is trying to run the Javascript on their site and can't find it because the html from the template is not loading, which is what loads the script. No script... no call can be made.

Thanks for helping me clarify where things are going wrong.


> On Apr 14, 2022, at 4:31 PM, Doug Easterbrook <doug at artsman.com> wrote:
> 
> hi Scotte.
> 
> we use the oW3 workers to talk to credit card providers these days.  Admittedly, it is on the desktop and I think you are implying that you are sending directly from a web page in a remote form.
> 
> 
> The possible problem is that the PCI council ratcheted up the requirement to connect with TLS 1.2 or better to credit card companies servers.     Run the URL at the end of the email and it shows that the site at 13.227.76.18 requires TLS 1.2 or 1.3.    If the JS form does not allow cconnection using TLS 1.2, then thats part of your problem.
> 
> if you are using the OW3 worker because the JS form sends the request back to your server, then there are parameters you can put in the oW3 worker to require TLS 1.2 connection
> 
> 
> 
> 
> 
> 
> The other things is that DNS resolves to 12 separate IP addresses (a few IPv4 and ipV6).  so that likely means there is some load balancer in front ….  but it is odd, to me, that you get 12 publicly exposed sites.
> 
> 
> and they are slow to give up their SSL information when I used the following to determine what might be at the end of the line at the URL. who knows if they misconfigured something.
> 
> 
> https://www.ssllabs.com/ssltest/analyze.html?d=api.emergepay%2dsandbox.chargeitpro.com&hideResults=on&latest <https://www.ssllabs.com/ssltest/analyze.html?d=api.emergepay%2dsandbox.chargeitpro.com&hideResults=on&latest>
> 
> 
> 
> 
> this is what we did in the OW3 worker to test for TLS 1.2, assuming that could be part of the problem
> 
> 
> 
> Do $objects.oHTTPWorker.$newref($cinst().$ref) Returns HttpWorker
> Calculate HttpWorker.$followredirects as kTrue
> 
> # # Add "cURL Options" which allows custom options to be set from cURL "easy" constants
> # # Ref: https://github.com/curl/curl/blob/master/include/curl/curl.h#L963 <https://github.com/curl/curl/blob/master/include/curl/curl.h#L963>
> Do CurlOptions.$define(CurlOption,CurlValue)
> Do CurlOptions.$add(32,"6") ## CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2
> Calculate HttpWorker.$curloptions as CurlOptions
> 
> Do HeaderList.$define(HeaderName,HeaderValue)
> 
> Calculate Content as ''
> 
> # ask for the http header to see if we get a response.  if not, we couldn't communicate with TLS 1.2 or later
> Do HttpWorker.$init(pURL,kOW3httpMethodHead,HeaderList,Content)
> Do HttpWorker.$run() Returns OK
> If not(OK)|HttpWorker.$isCanceled
> # TODO: Check HttpWorker.$errortext or HttpWorker.$errrocode
> Quit method kFalse
> End If
> 
> Calculate TLSFailCode as 35
> Calculate TLSFailMessage as 'Could not negotiate an SSL cipher suite'
> Calculate Response as HttpWorker.$response
> 
> Calculate pErrorCode as Response.errorCode
> Calculate pErrorMessage as Response.errorInfo
> 
> # Determine if this is a failure for TLS reasons.  It's confusing, but a non-failure is a success for TLS, even if it's𯿾non-200 errors.
> Calculate TLSFail as Response.errorCode=TLSFailCode&pos(low(TLSFailMessage),low(pErrorMessage))>0
> Quit method not(TLSFail)
> 
> 
> 
> 
> 
> Doug Easterbrook
> Arts Management Systems Ltd.
> mailto:doug at artsman.com <mailto:doug at artsman.com>
> http://www.artsman.com <http://www.artsman.com/>
> Phone (403) 650-1978
> 
>> On April 14, 2022, at 1:15 PM, Scotte Meredith <spomacguy at gmail.com <mailto:spomacguy at gmail.com>> wrote:
>> 
>> I have some code that has been working to access a credit card processor from a JS remote form. It has been working for a while, but in the last month has quit. Talked with the credit card processor and they swear nothing has changed on their end.
>> 
>> I've $init'd the worker and called $run. I put a breakpoint in the $completed method. The row is returning errorCode=6 and errorInfo=Could not resolve host: api.emergepay-sandbox.chargeitpro.com <http://api.emergepay-sandbox.chargeitpro.com/>
>> 
>> Sure enough, if I try to go to that site in a browser, it says it cannot connect.
>> 
>> However, the code in the $init passed in https://api.emergepay-sandbox.chargeitpro.com <https://api.emergepay-sandbox.chargeitpro.com/>. If I try to go to that URL in a browser, it is successful. It seems like the "https://" is not being respected. If I step back through the code a number of times, sometimes I will get a connection and the right info is returned.
>> 
>> This occurs with using either $run or $start. 
>> 
>> Any ideas on what I should be looking for? 
>> 
>> This is occurring on both Studio 8.1.6 and 10.2 (30204) in Windows with similar issues on Mac. I'm going to install (31315) on that machine and see if it makes a difference.
>> 
>> 
>> 
>> Scotte Meredith
>> spomacguy at gmail.com <mailto:spomacguy at gmail.com>
>> 509/998-0991
>> 
>> 
>> 
>> 
>> _____________________________________________________________
>> Manage your list subscriptions at https://lists.omnis-dev.com <https://lists.omnis-dev.com/>
>> Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com <mailto:omnisdev-en at lists.omnis-dev.com> 
> 



Scotte Meredith
spomacguy at gmail.com
509/998-0991






More information about the omnisdev-en mailing list