Home Community Blog Buy Now
Blog

Misty Community Forum

Cannot connect to Misty remotely via REST API

(NOTE I am using VSCode to launch the server for the index.html file I’m using, I don’t know if that makes a difference)

I am on a different network entirely (I’m at my house and Misty is at another right now), and whenever I try to connect to her via the public IP address of the network she is connected to in the other house using her REST API, I keep encountering the following error:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http:///api/device. (Reason: CORS request did not succeed).

Get Http Error:
Object { readyState: 0, getResponseHeader: getResponseHeader(e), getAllResponseHeaders: getAllResponseHeaders(), setRequestHeader: setRequestHeader(e, t), overrideMimeType: overrideMimeType(e), statusCode: statusCode(e), abort: abort(e), state: state(), always: always(), catch: catch(e)
, … }
error < empty string >

Additionally, I tried connecting to her personal IP address and that fails too with a very similar CORS error. Is this a common issue, and if so, how do I go about fixing it? Any help would be greatly appreciated as I’m very new to this stuff so I am kind of at a loss!

Hey, @sgmesidor, thanks for posting your question here!

Your computer must be on the same local area network as your robot in order for you to connect to Misty’a Wi-Fi IP address and issue commands with her REST API.

It is possible to design your own system for connecting to Misty from a remote location – @slivingston’s rerobots project is one example, and @wspeerbrecker has developed another project ( a proof-of-concept]. I’ve also seen folks use a service like ngrok to set Misty up for access from a remote network. But all of these are solutions that you have to invent yourself.

I hope that explanation helps a bit – let us know if you have other questions!

@sgmesidor I am happy to provide tips to help you achieve your goal. There are many different ways to remotely connect to a Misty robot, but none of them are “official”. Can you sketch a story of what you want to do? We can iterate on a solution that facilitates the story.

For example, do you want to leave the Misty robot on and unattended in one house, while you interact with the Misty robot from another house?

Is this a long-running (> 48 hours) remote access, or will you be near the robot again within the same day?

Regarding existing tools, rerobots is a sophisticated platform (not a “proof-of-concept”) that is not unique to Misty robots. It is possible to connect your Misty robot through rerobots, but it might not be the best choice vs. a quick hack of port-forwarding (like ngrok).

1 Like

Probably the simplest approach is to create a private VPN into the router to which Misty is connected.

Hello, @slivingston @johnathan I am jumping in here, to help provide extra details about our situation.

I am working with @sgmesidor and @kywelch17

Quick overview of our mission:

We are working with Misty for our senior capstone at UAlbany alongside Living Resources a company that takes care of people with disabilities. We are creating a Web User Interface where staff members from Living Resources can control and manage Misty while Misty is interacting with a resident.

With that being said…

Misty is currently at my house and because of the current pandemic we are sort of forced to work remotely. We have to spend 9 hours a week with Misty.

Misty is connected to my WIFI at home so in an attempt to get @sgmesidor connected remotely I port forwarded the IP that we use to connect to Misty and then I gave @sgmesidor my public IP address. He gets a CORS error and stale response. I am unsure as to why this is not working.

Our intent is to keep Misty at my house and for @sgmesidor to be able to work on Misty while I am working from home.(For at least 9 hours a week)

I am unfamiliar with ngrok and rerobots, will take a look!

Thank you guys!

Will take a look into this, how difficult is it to set this up?

@sollazzo08 I’ve not personally used the method of creating private VPN into a router – I can try to set this up on Monday and write up steps if no one beats me to sharing instructions – but I imagine the process may differ from router to router.

In the meantime, here’s a few quick steps to start using ngrok with Misty:

  1. Download ngrok
  2. Start a new command line / terminal in the directory where you have ngrok unzipped, and run the following:
./ngrok http <misty-ip-address>
  1. ngrok will expose the host at <misty-ip-address> and give you a “Forwarding” address that you can use (something like 478e24ed.ngrok.io).

You should be able to use this address instead of Misty’s Wi-Fi IP to connect to the robot from devices that aren’t on the same network as the robot. This address ought to work anywhere Misty’s IP would work – with Misty’s web-based tools, and with REST API commands (for example, you’d use GET <ngrok-forwarding-address>/api/device to obtain your robot’s device information).

Screen Shot 2020-03-21 at 10.33.03 AM

Your approach is feasible. In terms of HTTP, ngrok will not offer you anything more. So, if you want to continue with trying to forward through your house router, we can try to debug it together.

We should confirm that the robot can be reached at all. Suppose that your public IP address is x. Then, in your Web browser, go to http://x/api/battery

Does that work?

Hey @johnathan

So I attempted this solution by putting my computer on my cell phone personal hotspot so that it wasn’t on my routers IP.

Here is what the outcome was.

Screen Shot 2020-03-21 at 4.03.07 PM

I am trying this by having my computer on my cell phones personal hotspot, that shouldn’t be an issue right?

Anyways I tired the GET request and there is no response, just says “connecting…” forever.

No console response.

Right. Here is a list of things to check, in order:

  1. Can you GET /api/battery from the local network? In your web browser on the local net (not the cell phone tether), go to http://192.168.1.151/api/battery
  2. Verify that the router forwards port 80.
  3. Try to listen for incoming connections on your main host. For example, in one terminal, enter netcat -l 127.0.0.1 8080 (or if you do not have netcat, try nc -l 127.0.0.1 8080). Then, configure the router to forward to port 8080 on your main host. Then, try http://x:8080/api/battery where x is the public IP address of your router.
1 Like

Also, before you invest much more time into this, it is worth considering a disadvantage of port-forwarding from your router and of using ngrok: unless additional protections are added, your Misty robot will begin to receive attack attempts via HTTP if you leave it exposed for a while. Creating a VPN or using rerobots provides a much more secure option, but it comes with more upfront setup cost.

2 Likes
  1. Yes it works
  2. I actually have it forward port 22, maybe this is the issue

YUP #2 was the issue I had to set it to 80

It is working now!

1 Like

How can I go about adding additional protections for this ? Other then the VPN and rerobots way.

Also what harm could be done to Misty if someone does get a hold of her through my router

Does the router support limiting the addresses of incoming connections? The basic idea is to port-forward only for requests coming from a fixed list of IP addresses, while dropping all other requests. If this is supported, then you can add the home addresses of your collaborators.

tl;dr

Unless I missed something, this is an open question.

Details

The typical assumption for Misty robots is that they are accessed from local area networks that are trusted. Here, “trusted” means that there are no bad actors who are

  1. recording network traffic
  2. attempting to break into websites.

Both fail to hold on the Internet in general. Because Misty robots are not wildly popular yet, almost surely any attacks will not be Misty-specific. Nonetheless, there might be attacks that are relevant to Misty robots because, after all, the Misty REST API involves an HTTP server.

While it is not likely that a human will actively attack your IP address, there are bots that scan the Internet and automatically try various attack vectors. I think that, at this time, the main risk is that the Misty HTTP server configuration is somehow incomplete in a way that one of the bots will find and exploit. The precise details of “exploit” vary; for example, it could mean installing a program that runs from inside a Misty robot and sends spam emails. In a more extreme example, this could be a rootkit that is ultimately difficult to identify and remove.

However, because you are using the standard SSH port (22) rather than a standard HTTP port (80 or 443) for port-forwarding, I expect that you will observe ssh sign-in attempts. Like HTTP bots, there are SSH break-in bots that try to sign-in using common account names and weak passwords. I do not expect much risk from these hitting an HTTP server.

1 Like

@sollazzo08 has this been a sustainable solution for you?

If not, you might want to try a new tool for sharing robots that I am developing. hardshare allows you to make your Misty robot available via the rerobots infrastructure (mentioned above). Let me know if you want to try it.

2 Likes

@slivingston Hey!

So yes the port forwarding from my router has worked for me and we have been using this method with no issues.

I would like to try out what you have been working on though! I can probably get around to trying it out sometime next week.

Thank you again for all your help!