MSXML2.ServerXMLHTTP and TLS1.2

Okay, so most webservers now have TLS 1.0 and 1.1 disabled, which of course causes code to fail. Also the case for a classic ASP script using MSXML2.ServerXMLHTTP, so Google to the rescue and found this:

It was, surprisingly, easy to convert my existing code in the actual application to use WinHTTP, which appears to work properly enforcing TLS 1.2 on all calls from XP POSReady and Windows 10 (the OS’s where this application will be deployed).

While this isn’t an answer as to why POSReady and XMLServerHTTP calls try to use TLS 1.0 on the first call (despite the registry stating that’s not desirable), it is an acceptable workaround.

For others who may stumble upon this and are hesitant, converting my code was as simple as this:

Set XMLReceive = CreateObject("Msxml2.DOMDocument.6.0")
Set XMLServer = CreateObject("Msxml2.ServerXMLHTTP.6.0")
XMLServer.setTimeouts ResolveTimeoutMs, ConnectTimeoutMs, SendTimeoutMs, ReceiveTimeoutMs

XMLServer.setRequestHeader "User-Agent", "My XML App V1.0"
XMLServer.setRequestHeader "Content-type", "text/xml"
XMLServer.Open "POST", Server_Address, False
XMLServer.send (My_XML_Request_String_or_XML_Document)
Failure = (XMLServer.Status <> 200)
If Not Failure Then XMLReceive.loadXML (XMLServer.ResponseXML.XML)

to:

Set XMLServer = CreateObject("WinHttp.WinHttpRequest.5.1")
Set XMLReceive = CreateObject("Msxml2.DOMDocument.6.0")
XMLServer.setTimeouts ResolveTimeoutMs, ConnectTimeoutMs, SendTimeoutMs, ReceiveTimeoutMs

'force TLS 1.2
XMLServer.Option(9) = 2048
XMLServer.Option(6) = True

XMLServer.Open "POST", Server_Address, False
XMLServer.setRequestHeader "User-Agent", "My XML App V1.0"
XMLServer.setRequestHeader "Content-type", "text/xml"
XMLServer.send (My_XML_Request_String_or_XML_Document)
Failure = (XMLServer.Status <> 200)
If Not Failure Then XMLReceive.loadXML (XMLServer.ResponseText)

Good luck!

PHP variables and strings

Sometimes you have to be reminded of the basics:

“How to use a dollar-sign $ in a string?”
In single quotes a dollar sign isn’t parsed as anything. Nothing is auto parsed in single quotes in php. If you use double quotes they are automatically parsed:

echo "$var"; // this will print the value of $var;
echo '$var'; // this will print $var;
echo "\$var";// this escapes the dollar sign so it will print $var;

Phonegap Build Android Splashscreen

Here we go again …
CLI-8.1.1 is new, new is better, ehm, except that the splashscreen stopped showing on Android. Stepping back to cli-7.1.0 solves this problem, but that is not really solving it.

<!-- Platforms to compile -->
    <gap:platform name="ios" />
    <gap:platform name="android" />

<!-- Define a specific version of PhoneGap to build -->
<platform name="android">
       <preference name="phonegap-version" value="cli-7.1.0" />
</platform>
<platform name="ios">
        <preference name="phonegap-version" value="cli-8.1.1" />
</platform>

Of course you search for solutions and may find out about density and qualifier, but neither keyword works. Also this link does not help by adding:

< platform name="android">
< preference name="SplashScreen" value="splash" />
< /platform>

the only “solution” so far is…

<platform name="android">
   <preference name="phonegap-version" value="cli-7.1.0" />
</platform>

sorry.

419 HTTP status code

… does not exist
https://nl.wikipedia.org/wiki/Lijst_van_HTTP-statuscodes

However it did take some of my time to figure this one out as the response code was really in my webserver logfiles and as usual… I was not the first to run into this problem, see: https://stackoverflow.com/questions/46266553/why-laravel-api-return-419-status-code-on-post-and-put-method

You get a 419 status code, if an (external) script tries to post to your Laravel application, without the o-so-needed CSRF token.

First option is to change in App\Http\Middleware\VerifyCsrfToken:
protected $except = [ ‘/*’, ];
(or maybe something more specific and a little more safe, like ‘/myapiurl/*’,)

Second option is to put the route in api.php instead of web.php, but that implies prefixing all your routes with /api/

… your choice!