2 Replies Latest reply: May 19, 2017 8:01 AM by Rasmus Nielsen RSS

    Issue with custom proxy and iOS

    Rasmus Nielsen

      Hello,

       

      Our setup is a Qlik Sense server and we have a virtual proxy where the "authentication module redirect URI" is pointing to a node.js server (HTTP) which is using the qlik-auth (qlik-auth) node.js module to handle authentication with tickets.

       

      We have a web application which is linking to some qlik reports directly in the HUB, so the link to a qlik report would look like:

      http://qlikserver/proxyname/sense/app/appid/sheet/sheetid/state/analysis

       

      This works very well when we use a Desktop browser to access our web application, but when we use an iPad (4th gen, iOS 10.3.1), our authentication server is flooded with requests and the http headers contain a "Upgrade-Insecure-Requests: 1" header field. I'm aware that iOS does not like unsigned https requests and will block them, but as I understand the qlik authentication API, it is only the path between the auth server and the qlik proxy which is using HTTPS (the qps auth api).

       

      When I examine the requests, the same targetId sometimes appear (guess that is pointing to some resource that was requested by the client?) and sometimes the qlik proxy will respond with a "Specified targeted was not valid!". I have also noticed that the "Referer" http header is sometimes the URL of my web app client and other times it will be the URL of the qlik report that I am requesting.

       

      I don't understand why we get so many requests on our auth server and I dont understand why this does not work on the iPad. Maybe someone can clarify and point out what we are doing wrong? We are also getting reports from our users that it does not work on other tablets (samsung/android) as well and I am guessing that it is the same issue.

       

      I have tried setting up our authentication server on HTTPS with a valid certificate and access the qlik reports via HTTPS as well, and then it all works as expected.

       

      Hopefully someone can shed some light of what the problem is?

       

      Thanks,

      Rasmus