If Netflix on Apple TV shows an 139:NFErr_MC_AuthFailure error message

Did you try to view Netflix using your Apple TV? Did you manage to logon to Netflix, but does the Netflix app fail to stream movies?

In this case, you might see an error message presented by the Netflix app on your Apple TV:

139:NFErr_MC_AuthFailure

This message tells you, that the Netflix app on your Apple TV fails to connect with a certain server maintained by Netflix.

In case you use a Fritz!Box router or some other router with a parental control system, please check its respective settings.

If parental control is enabled, chances are good, that Netflix is black-listed by the parental control system. Consequently, streaming of Netflix content gets blocked by your router.

To make sure, that the parental control system really is the problem, disable the parental control system and try to stream again.

If, after that, you are able to view Netflix movies, you just discovered the problem. Congratulation!

htmlspecialchars() | htmlentities() returns empty string

Today, an PHP-based web-application suddenly misbehaved: A certain part of a web-page kept being empty.

First of all, I reviewed the logic of the code fragment. Additionally, I asked a colleague to sit down and list to my explanation of what the code fragment does. Even at that point, anything appeared to be fine.

Then, I instrumented the code in the test-system. After half an hour and inside a support method, a return value was the empty string. The method gets some text and returns correctly html-escaped text.

The web-app uses ISO-8859-1 for code and data, since we are in Europe.

The respective method called htmlspecialchars() to perform the text to html conversion.

Unfortunately, the application runs this year the first time using PHP 5.4. And as of the PHP 5.4 release, htmlspecialchars() doesn’t use ISO-8859-1 as default encoding. In fact htmlspecialchars() as of PHP 5.4 uses UTF-8.

You might expect, that htmlspecialchars() would just skip non-UTF-8 byte sequences or translate them to a ‘no found’ character.

In fact, htmlspecialchars() returns a blank string: No error gets generated, no errorcode gets returned, no exception gets raised, just a blank string gets returned if non-valid UTF-8 sequences get passed in.

Thus if you migrate to PHP 5.4, use code/data with ISO-8859-1 encoding and call htmlspecialchars() or htmlentities(), please use something like this:

htmlspecialchars($string, ENT_QUOTES,'ISO-8859-1' );

Or just migrate code and data all over to UTF-8.

 

Protecting web applications against control-flow and parameter-change highjacking

Some time ago, I found a mechanism to protect

  • the control flow
  • and all parameters

of web-application (controllers) against highjacking.

The technique provides this:

  • All parameters of request are kept at the server side
  • No parameter ever reaches any URL
  • The control flow of an application strictly gets controlled by server-side state

The base principle is this:

  • Define a controller FlowController
  • If a web page needs to include a link to another controller with certain parameters, askFlowController to prepare the link
  • FlowController does not provide the link directly, but maintains a server side state, which keeps all link-related information [controller class to be called, arguments to get passed]
  • Ultimately, FlowController returns not an actual link, but a random hash-value, which identifies the server side’s state
  • Once a hashed link comes back from the browser, it gets passed to FlowController, which looks up the related state and manages to instantiate the controller and pass arguments

Consequences:

  • No link can be predicted.
  • Thus, no controller can be called without before getting authorization by FlowController.
  • All parameters retrieved form FlowController managed state passed to controllers can safely be trusted.

Moreover:

  • FlowController manages link states using a stack
  • FlowController provides set-back points: FlowControler::TerminateFlow() forces the application to re-establish the last set-back point.
  • If FlowController gets asked to start a non-top flow, it automatically deletes all flows above. Thus, if you return to an earlier state of the application, all follow-up states automatically get invalidated.

Consequences: One can call certain workflows – sequences of controllers – in a pure subroutine fashion: Request a set-back point to get set. Run the first controller of the workflow. Eventually, some controller will call FlowControler::TerminateFlow() and the control-flow will return to the caller’s environment.

Note, that the first called controller – more general the whole workflow of several controllers – doesn’t know which other part of of the applications requested its execution. The initiator of the workflow started it using a fire-and-forget fashion: The workflow will eventually come back to me. At a certain point, the workflow signals, that it is done. Important: It does not request a certain continuation controller. Thus, the workflow is fully decoupled from any caller.

Comments?

NSMailDelivery gone since 10.5

I really wonder, why Apple dropped support for NSMailDelivery since Mac OS 10.5.  In fact, all methods of NSMailDelivery are declared as:

AVAILABLE_MAC_OS_X_VERSION_10_0_AND_LATER_BUT_DEPRECATED_IN_MAC_OS_X_VERSION_10_5

Too bad. Even worse, Apple didn’t provide an alternative – except calling ScriptingBridge as seen in the SBSendEmail sample.

Today, the best option available is CSMail from Corriolis systems. CSMail sends Emails through Apple.Mail (or some other mail clients).

For historical reasons, I mention the no longer maintained Pantomime (LGPL license), MailCore (New BSD license) and EdMessage (BSD syle license).

How to convert NSAttributedString to HTML markup

This snippet converts a NSAttributedString to HTML markup returned as NSString:

+ (NSString*) htmlForAttributedString:(NSAttributedString*) attrString {
  NSArray * exclude = [NSArray arrayWithObjects:@"doctype",
     @"html",
     @"head",
     @"body",
     @"xml",
     nil
     ];
  NSDictionary * htmlAtt = [NSDictionary
     dictionaryWithObjectsAndKeys:NSHTMLTextDocumentType,
     NSDocumentTypeDocumentAttribute,
     exclude,
     NSExcludedElementsDocumentAttribute,
     nil
   ];
  NSError * error;
  NSData * htmlData = [attrString dataFromRange:NSMakeRange(0, [attrString length])
        documentAttributes:htmlAtt error:&error
  ];
  //NSAttributedString * htmlString = [[NSAttributedString alloc]
     initWithHTML:htmlData
     documentAttributes:&htmlAtt
     ];
  NSString * htmlString = [[NSString alloc] initWithData:htmlData encoding:NSUTF8StringEncoding];
  return htmlString;
} // htmlForAttributedString