Ricardo Batista
Ricardo Batista
WWasp-lang
Created by Ricardo Batista on 6/21/2024 in #đŸ™‹questions
Error calculating daily stats
I have commented out the use of Plausible to get the analytics:
//import { getDailyPageViews, getSources } from './plausibleAnalyticsUtils.js';
import { getDailyPageViews, getSources } from './googleAnalyticsUtils.js';
//import { getDailyPageViews, getSources } from './plausibleAnalyticsUtils.js';
import { getDailyPageViews, getSources } from './googleAnalyticsUtils.js';
However, I am getting an error every time the Daily Stats is calculated:
[ Server!] Error calculating daily stats: Error: 2 UNKNOWN: Getting metadata from plugin failed with error: error:1E08010C:DECODER routines::unsupported
[ Server!] at callErrorFromStatus (/Users/rbatista19/Documents/VSCode/AIBlogArticles/ai-blog-articles/app/node_modules/@grpc/grpc-js/src/call.ts:82:17)
[ Server!] at Object.onReceiveStatus (/Users/rbatista19/Documents/VSCode/AIBlogArticles/ai-blog-articles/app/node_modules/@grpc/grpc-js/src/client.ts:360:55)
[ Server!] at Object.onReceiveStatus (/Users/rbatista19/Documents/VSCode/AIBlogArticles/ai-blog-articles/app/node_modules/@grpc/grpc-js/src/client-interceptors.ts:458:34)
[ Server!] at Object.onReceiveStatus (/Users/rbatista19/Documents/VSCode/AIBlogArticles/ai-blog-articles/app/node_modules/@grpc/grpc-js/src/client-interceptors.ts:419:48)
(...)
[ Server!] at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
[ Server!] code: 2,
[ Server!] details: 'Getting metadata from plugin failed with error: error:1E08010C:DECODER routines::unsupported',
[ Server!] metadata: Metadata { internalRepr: Map(0) {}, options: {} }
[ Server!] }
[ Server!] Error calculating daily stats: Error: 2 UNKNOWN: Getting metadata from plugin failed with error: error:1E08010C:DECODER routines::unsupported
[ Server!] at callErrorFromStatus (/Users/rbatista19/Documents/VSCode/AIBlogArticles/ai-blog-articles/app/node_modules/@grpc/grpc-js/src/call.ts:82:17)
[ Server!] at Object.onReceiveStatus (/Users/rbatista19/Documents/VSCode/AIBlogArticles/ai-blog-articles/app/node_modules/@grpc/grpc-js/src/client.ts:360:55)
[ Server!] at Object.onReceiveStatus (/Users/rbatista19/Documents/VSCode/AIBlogArticles/ai-blog-articles/app/node_modules/@grpc/grpc-js/src/client-interceptors.ts:458:34)
[ Server!] at Object.onReceiveStatus (/Users/rbatista19/Documents/VSCode/AIBlogArticles/ai-blog-articles/app/node_modules/@grpc/grpc-js/src/client-interceptors.ts:419:48)
(...)
[ Server!] at process.processTicksAndRejections (node:internal/process/task_queues:95:5) {
[ Server!] code: 2,
[ Server!] details: 'Getting metadata from plugin failed with error: error:1E08010C:DECODER routines::unsupported',
[ Server!] metadata: Metadata { internalRepr: Map(0) {}, options: {} }
[ Server!] }
10 replies
WWasp-lang
Created by Ricardo Batista on 5/21/2024 in #đŸ™‹questions
Installing Reflio affiliate manager
I am trying to install Reflio to handle my affiliate deals. In their walkthrough, in step 6 they ask to install the following JS when a user signs up:
<script type="text/javascript">
await Reflio.signup('yourcustomer@email.com')
</script>
<script type="text/javascript">
await Reflio.signup('yourcustomer@email.com')
</script>
I am a bit lost in where to place this, since the sign up is a bit abstracted with the Google OAuth.
14 replies
WWasp-lang
Created by Ricardo Batista on 5/12/2024 in #đŸ™‹questions
Threat of clickjacking
Being a total noob into website security, I received the following email:
The server didn't return an X-Frame-Options header which means that this website could be at risk of a clickjacking attack. The X-Frame-Options HTTP response header can be used to indicate whether a browser should be allowed to render a page in a <frame> or <iframe>. This is a client-side security issue that affects a variety of browsers and platforms.

Steps to reproduce:

1. Create a new HTML file
2. Put the following code inside the file
<html>
<head>
<title>ClickJacking PoC</title>
</head>
ClickJacking PoC
<iframe src=" https://meeting-reminders.com/login " height="450" width="1000"></iframe>
</body>
</html>
3. Save the file
4. Open the document in the browser

Impact:

The victim surfs the attacker’s web page intending to interact with the visible user interface but is inadvertently performing actions on the hidden page. Using the hidden page, an attacker can deceive users into performing actions they never intended to perform through the positioning of the hidden elements in the web page.
The server didn't return an X-Frame-Options header which means that this website could be at risk of a clickjacking attack. The X-Frame-Options HTTP response header can be used to indicate whether a browser should be allowed to render a page in a <frame> or <iframe>. This is a client-side security issue that affects a variety of browsers and platforms.

Steps to reproduce:

1. Create a new HTML file
2. Put the following code inside the file
<html>
<head>
<title>ClickJacking PoC</title>
</head>
ClickJacking PoC
<iframe src=" https://meeting-reminders.com/login " height="450" width="1000"></iframe>
</body>
</html>
3. Save the file
4. Open the document in the browser

Impact:

The victim surfs the attacker’s web page intending to interact with the visible user interface but is inadvertently performing actions on the hidden page. Using the hidden page, an attacker can deceive users into performing actions they never intended to perform through the positioning of the hidden elements in the web page.
Is the login page vulnerable to this?
6 replies
WWasp-lang
Created by Ricardo Batista on 4/30/2024 in #đŸ™‹questions
Disable email login
If I only want Google signup, is there a way to remove the email login? I tried commenting
email: {
fromField: {
name: "Meeting Reminders",
email: "hey@meeting-reminders.com"
},
emailVerification: {
clientRoute: EmailVerificationRoute,
getEmailContentFn: import { getVerificationEmailContent } from "@src/server/auth/email.js",
},
passwordReset: {
clientRoute: PasswordResetRoute,
getEmailContentFn: import { getPasswordResetEmailContent } from "@src/server/auth/email.js",
},
userSignupFields: import { getEmailUserFields } from "@src/server/auth/setUsername.js",
},
email: {
fromField: {
name: "Meeting Reminders",
email: "hey@meeting-reminders.com"
},
emailVerification: {
clientRoute: EmailVerificationRoute,
getEmailContentFn: import { getVerificationEmailContent } from "@src/server/auth/email.js",
},
passwordReset: {
clientRoute: PasswordResetRoute,
getEmailContentFn: import { getPasswordResetEmailContent } from "@src/server/auth/email.js",
},
userSignupFields: import { getEmailUserFields } from "@src/server/auth/setUsername.js",
},
But it generated plenty of errors.
10 replies
WWasp-lang
Created by Ricardo Batista on 4/29/2024 in #đŸ™‹questions
Where to see migration files?
I have messed up one migration (because I had to delete my local code), and now I don't know where to access the migration files. They are generated at build time, and stored on .wasp, but where are they coming from? I need to regenerate the previous files (I can access the previous migrations by the current server code).
21 replies
WWasp-lang
Created by Ricardo Batista on 4/27/2024 in #đŸ™‹questions
Getting Updates to the Open SaaS Template (not working?)
No description
17 replies
WWasp-lang
Created by Ricardo Batista on 4/24/2024 in #đŸ™‹questions
Starlight missing trailing slash
Starlight's sidebar doesn't include a trailing slash ("/") at the end of the URL, leading to a 301 redirect to the page. It is a minor thing, but SEO-wise it is not great. I tried to look it up online but couldn't find any solution đŸ˜¦
50 replies
WWasp-lang
Created by Ricardo Batista on 4/24/2024 in #đŸ™‹questions
Suggested cookie consent plugin?
I have been trying a few cookie consent plugins for React, but none seem to work well with Wasp (e.g., cookie-consent). As I am in EU, it needs to accept/decline the user consent. Is there any recommended package for it?
14 replies
WWasp-lang
Created by Ricardo Batista on 4/24/2024 in #đŸ™‹questions
Google Tag Manager
No description
8 replies
WWasp-lang
Created by Ricardo Batista on 4/12/2024 in #đŸ™‹questions
Is there any pre-defined package (or recommended) to create robots.txt?
I was wondering whether there is a quick way to configure robots.txt in Wasp.
12 replies
WWasp-lang
Created by Ricardo Batista on 4/11/2024 in #đŸ™‹questions
Deploying Wasp/Open-SaaS to Netlify
No description
37 replies