Node-RED on iOS

MQTT works fine, you have to have the broker on another device on your network.

Just installed the latest and the tabs in the sidebar don”t work. So you can’t switch to the Help then Debug unless you use the pull down menu.

Hi, nice app. Now on iphone, I might buy a new ipad just because of this app.
But ...

  • After installing node-red-node-mysql (which works on my network) I cannot delete this node from the palette: ‘Failed to remove, npmCommand is not defined’.

  • After importing nodes (from safari or another app) I get a sliding down pop-up every few seconds saying ‘Node pad pasted from Safari’.

How can I resolve this?

it seems fine in my devices, what ios version and device are you using so i could check it out.

Yup, sorry about that, i havent fix the uninstall part in the modules, you may still manually remove the nodes you installed by using a Files app provided by apple. Open the node-pad folder there, then select nodes folder and delete the node-red node folder that you wish to remove. You cannot remove the node-red modules that came preinstalled with node-pad

Another thing is you can edit your ipad workflows in pc, just visit your ipads ip address with port 1880, eg. http://192.168.1.2:1880

Really ? Given the more mobile nature of iPhones and iPads you could more easily expose yourself to the “raw” internet. It would be safer to limit it to local host access only by default.

2 Likes

weird, now it works. I wonder if it was in the background when I updated. I just flushed the app and tried again and it works.

Yes, I was about to give this a go but I'm going to hold off for now. It isn't safe to expose Node-RED even to the "local" network - since that might be an untrusted Wi-Fi network.

Hard to know whether the device would be exposed when on a 3/4/5G wireless network, I don't think I've ever had an app that published its own website before. Indeed, I suspect that this is one of the reasons that Apple have banned such apps in the past.

Yup, thanks for the advice guys, i was also thinking about that security issue and disable the remote access to the /ui and /dashboard by default unless he has adminAuth.json but then i just went ahead and did the default behavior of node-red, my bad. This security issue is not exclusive to ios version, it just so happen that ios could be already been connected to a mobile network. NR in ios also needs to run in foreground and its completely sandboxed and nodes that access the system was so limited it might not even work.

I think I have to do that on the next update since it’s brought up. Also, apple review team is actually strict but they are also reasonable. They actually approve the update containing nodes i created that exposes data from their low level API. Im contemplating if they will approve if i expose BLE, ive already seen apps in the app store already doing it though.

1 Like

I think a node red server on ios is like a tool for learning rather than real server, so you should spend your time on other features rather than security.

But it is also dangerous if some one could exploit core function of NR and access data on phone. So it is best to block access from outside, and let user open if they know the risk

1 Like

hi! i already closed the port by default on the latest release, also it's impossible to exploit the phone os with of its ecosystem For me I velcroed my old iPod touch plugged in the wall all the time. It works for me.. :slight_smile:

1 Like

Thanks for your answer.

I bought a new ipad today. Something strange which I also saw when testing on my iphone: every few seconds there is a message in the top of the screen that something is copied. Either from a textfile to node-pad but on my ipad also when an url was copied from firefox to safari.

Do you know how I can remove this repeating message?

The ios app continuosly feeds device information in node pad even unused, maybe thats it? Those are the blue nodes in the ios device pallete. Can you share a screenshot so i could investigate and make the fix/patch for it,