I have a Rails application, which uses the comfortable mexican sofa CMS. I needed server side events with ActionController::Live, so i use Puma instead of the standard Webrick.
Sometimes some of the javascript assets get served as plain/text and contain the HTTP header like in the following file:
0
HTTP/1.1 200 OK
Content-Type: application/javascript
Cache-Control: public, must-revalidate
Last-Modified: Tue, 20 May 2014 09:39:06 GMT
ETag: "9fad3cb6ef7afd353261ec38da25c2e9"
X-Request-Id: 043c6782-4e7c-471a-b6ba-6ea142242fa4
X-Runtime: 0.032228
Content-Length: 820
(function() {
$(function() {
$('form').on('ajax:success', function(e, data, status, xhr) {
...
Any ideas what's the matter and how to fix this?
As it seems this only occurs in Chrome. Firefox and Safari don't have any problems.
Related
I am trying to redirect the user to a offline page when he is disconnected but i have a problem.
I noticed that the manifest file is never loaded by the browser
this is my manifest attribute
<html lang ="fr" manifest="#Url.Action("Manifest","Acceuil")">
this is my response with fiddler when i ask the url directly
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/cache-manifest; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 23 Jul 2016 16:08:42 GMT
Content-Length: 216
and this is my manifest
CACHE MANIFEST
CACHE:
FALLBACK:
/ /OffLine/Index
NETWORK:
*
my window.applicationCache value is always equal to uncached
how can i do to fix my problem ?
thank you
There doesn't seem to be anything wrong with the manifest file itself except some extra whitespaces that you could remove.
About the headers, you should not cache the manifest file itself. So cache-control should be changed to something other, perhaps no-cache. Otherwise it's loaded only once and you will have problems updating it for you users if it will ever change.
always the same problem, I noticed that the browser does not get my action which contains my manifest.
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/cache-manifest; charset=utf-8
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcTm91dmVhdSBkb3NzaWVyXGIuZS5wLncuaVxDb3VjaGVXZWJcQWNjZXVpbFxtYW5pZmVzdA==?=
X-Powered-By: ASP.NET
Date: Mon, 25 Jul 2016 07:41:45 GMT
Content-Length: 77
I found my error, i will never forget it !!!
before
#using System.Web.Optimization
#Styles.Render("~/bundles/css/layout")
<html manifest="/Acceuil/Manifest">
<head>
after
#using System.Web.Optimization
<html manifest="/Acceuil/Manifest">
<head>
#Styles.Render("~/bundles/css/layout")
I am working on a project which requires a client to make an api call to
my
rails application and it to return XML without any http header info.
its currently returning:
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: application/xml; charset=
X-Ua-Compatible: IE=Edge
X-Request-Id: c5602cd7eb23ca8137bef8bb1f0a4f8a
X-Runtime: 0.027900
Server: WEBrick/1.3.1 (Ruby/1.9.3/2013-11-22)
Date: Wed, 18 Jun 2014 05:27:48 GMT
Content-Length: 529
Connection: Keep-Alive
Set-Cookie: _session_id=a8039d615674feec206e6c55a7a7afc8; path=/;
HttpOnly
<?xml version="1.0" encoding="UTF-8"?>
<cXML>
<Response>
<Status code="200" text="OK"/>
<StartPage>
<URL>http://localhost:3000/foobar/BAh7DDoNYmFza2V0aWRJI...
</StartPage>
</Response>
</cXML>
Can anyone help to remove all the http headers within the controller or any
config? which is below section.
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: application/xml; charset=
X-Ua-Compatible: IE=Edge
X-Request-Id: c5602cd7eb23ca8137bef8bb1f0a4f8a
X-Runtime: 0.027900
Server: WEBrick/1.3.1 (Ruby/1.9.3/2013-11-22)
Date: Wed, 18 Jun 2014 05:27:48 GMT
Content-Length: 529
Connection: Keep-Alive
Set-Cookie: _session_id=a8039d615674feec206e6c55a7a7afc8; path=/;
HttpOnly
I am using nginx at the moment.
I have some says that this is kind of a nonsense request, since HTTP servers by
definition uses header to talk to one another. But I have also been informed that W3 think otherwise.
http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4
I have also googled around for hours attempting other solutions changing my rails controller without any success. Is the last resort possibly changing config in Nginx and wouldn't that effect the whole rails application and not just the api calls or is there a way to single out one call?
Thanks in advance.
T
This is a nonsense request, yeah. You can use the HttpHeadersMore module to remove most of the response headers. Something like this should do it:
location /your/api/path {
more_clear_headers '*';
}
However, you can't remove the Connections header without patching nginx. And even if you could, you can't remove the first line of the response ("HTTP/1.1 200 OK", in this case). Without that line, it isn't an HTTP response. You're going to have a hard time convincing an HTTP server to send non-HTTP responses.
To get what you're describing, I think you'll need a custom server that communicates over bare TCP sockets. This tutorial might help you out. Or maybe you could implement that part of your app in node.js (or another tool)?
I recently deployed an app -- http://jobs.atlas-china.com
If you go on to http://jobs.atlas-china.com/jobs/2 , you'll notice that the glyphicon for the resume upload does not show up in firefox.
This is because of the Cross Site Header issue. I've tried to fix this by defining a default header, but it's still being wacky.
My application.rb looks like so --
module Atlas
class Application < Rails::Application
config.assets.precompile += %w(*.png *.jpg *.jpeg *.gif)
config.action_dispatch.default_headers = {
'X-Frame-Options' => 'ALLOWALL',
'X-XSS-Protection' => '1; mode=block',
'X-Content-Type-Options' => 'nosniff',
'Access-Control-Allow-Origin' => ENV['APP_URL']
}
end
end
The font assets are being loaded from cloudfront, so I though this could be a caching issue. However, if I try to make a curl request to the equivalent heroku url, I get --
~$ curl -i http://jobs.atlas-china.com/assets/bootstrap/glyphicons-halflings-regular-fcc658a3dec1be1cb0a9bb81f4c7c6de.woff
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=315360000
Cache-Control: public
Content-Type: font/x-woff
Date: Fri, 30 May 2014 05:13:52 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Wed, 16 Apr 2014 06:51:18 GMT
Server: nginx/1.4.7
Content-Length: 23320
Connection: keep-alive
I still don't see anything about an Access-Control-Allow-Origin
What should I be doing here?
update
When I make a curl request to the root url, I do see it though!
curl -i http://jobs.atlas-china.com
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://jobs.atlas-china.com
Cache-Control: max-age=0, private, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Fri, 30 May 2014 05:21:10 GMT
Etag: "a73e238bf8cb6ccb7fdf53ae108e11c6"
Server: nginx/1.4.7 + Phusion Passenger 4.0.41
Set-Cookie: _atlas_session=UkVHc0ZSVko2QmdZMWp3djhuelpvUEtMRXVlU1FJclRSN1dpcTR6QWlDS0gyUU15UmdBY0dZWTMya0FtUnFST2RkVnBiWURUdkRTZVJLNk9JcUxlUnZKWHRWaWoxZnZPdThVVTVMMU5qRlpkQnJxUUVBWHQ3WjUreVZ4VENWeTE1WHF3Sit3ZVFQSzMxYmFRVER0aUpsNUN3OW5IOHJQenIzcU9ZcSt5cndwaWlQRXRheVA3dVZMbTVaek5CRFphLS1SNHo4YjlWQ0JXc0U1MlN5R1NjTVlnPT0%3D--0b975a5008287efb7f8114cbcbedd57b34b7d0f9; path=/; HttpOnly
Status: 200 OK
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger 4.0.41
X-Request-Id: 964dee7f-d49b-4d68-9a35-f8cd0f6371dc
X-Runtime: 0.147926
X-Xss-Protection: 1; mode=block
transfer-encoding: chunked
Connection: keep-alive
Seems to work for me?
CORS
FYI
Seems like you know already, but CORS is basically a way to protect domains / servers from external AJAX requests. The standard setup is the server will deny requests from external domains automatically, regardless of the headers you send
The way to accept / deny any CORS request is to set the policy options on the Rails server, to allow requests from the domains you want. Rails has a gem to help you do this, called Rack-CORS:
#config/application.rb
config.middleware.use Rack::Cors do
allow do
origins 'your_domain.com' #-> has to be exact domain
resource '/your/url', :headers => :any, :methods => [:get, :post, :options]
end
end
I don't know if this will help you or not, but it will certainly give you some ideas as to how to DRY up your CORS headers, as well as giving you the ability to accept requests as you require
There are quite a few SO questions (1, 2, 3, etc.) that go over the same problem I am having (fonts are not displaying on FireFox due to CORS issue). I have tried all of the proposed solutions in the above questions as well as various blog posts that come up when Googling the issue.
In my specific case I am using Cloudfront on Heroku but I am not using S3 (my assets are pulled to the CDN on first request). I am also using site-wide SSL (and I'm not sure if this is what is causing my issues as all the other examples seem to be for http:// sites). Currently I am trying to use the font_assets gem but when I curl one of my font files (or even a jpg file) I am getting a 301 Moved Permanently instead of a 200.
curl -i https://d2loy3ox2q4ikr.cloudfront.net/assets/fontawesome-webfont-9a3b8f90662fe9149f07a059f1a4c782.woff
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 09 Apr 2014 12:27:33 GMT
Location: https://www.transdraft.com/assets/fontawesome-webfont-9a3b8f90662fe9149f07a059f1a4c782.woff
Status: 301 Moved Permanently
X-Cache: Miss from cloudfront
Via: 1.1 1316c66c042cd4b103a533bbf48877a5.cloudfront.net (CloudFront)
X-Amz-Cf-Id: NciaYbAYVS7OpY6ORzjeZMurd_cyBo-B1WfN1QZbSexbM2DoD0vWqg==
curl -i https://d2loy3ox2q4ikr.cloudfront.net/assets/transdraft-hp-2-0fa26dc608ff6a3ea83a093dce8e6338.jpg
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 09 Apr 2014 12:28:47 GMT
Location: https://www.transdraft.com/assets/transdraft-hp-2-0fa26dc608ff6a3ea83a093dce8e6338.jpg
Status: 301 Moved Permanently
X-Cache: Miss from cloudfront
Via: 1.1 c8b893f88c46deef2c0f22aefa2d3ecc.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 897u3X7te5f167cZlJiBME1UlBp5NYtGrKm18D4FWOHlTEFMITYTLw==
Any idea what I might be doing wrong?
I fixed this same issue by modifying my application.css.scss to use SCSS imports instead of requires.
From:
//= require font-awesome
To:
#import 'font-awesome';
This may not work for you if you're not using SCSS.
I need charset to be utf-8, which seem to be the case by default. Recently I enabled page caching for a few static pages:
caches_page :about
The caching works fine, and I see the corresponding about.html and contact.html pages generated in my /public folder, except when the page renders, it's no longer in utf-8.
After googling for a bit I tried looking at the http headers with wget, before and after caching:
first time:
$wget --server-response http://localhost:3000/about
HTTP request sent, awaiting response...
1 HTTP/1.1 200 OK
2 X-Ua-Compatible: IE=Edge
3 Etag: "f7b0b4dea015140f3b5ad90c3a392bef"
4 Connection: Keep-Alive
5 Content-Type: text/html; charset=utf-8
6 Date: Sun, 12 Jun 2011 03:44:22 GMT
7 Server: WEBrick/1.3.1 (Ruby/1.8.7/2009-06-12)
8 X-Runtime: 0.235347
9 Content-Length: 5520
10 Cache-Control: max-age=0, private, must-revalidate
cached:
$wget --server-response http://localhost:3000/about
Resolving localhost... 127.0.0.1
Connecting to localhost[127.0.0.1]:3000... connected.
HTTP request sent, awaiting response...
1 HTTP/1.1 200 OK
2 Last-Modified: Sun, 12 Jun 2011 03:34:42 GMT
3 Connection: Keep-Alive
4 Content-Type: text/html
5 Date: Sun, 12 Jun 2011 03:39:53 GMT
6 Server: WEBrick/1.3.1 (Ruby/1.8.7/2009-06-12)
7 Content-Length: 5783
as a result the page displays in ISO-8859-1 and I get a bunch of garbled text. Does anyone know how I can prevent this undesirable result? Thank you.
The solution will depend on the server used.
When you use page cache, the servers reads the server directly, so the rails stack does not provide encoding information to the server. Then the server default apply.
If you're using apache with passenger, add to the configuration:
AddDefaultCharset UTF-8
If you need specific charsets, use a solution like the one in http://www.philsergi.com/2007/06/rails-page-caching-and-mime-types.html
<LocationMatch \/(rss)\/?>
ForceType text/xml;charset=utf-8
</LocationMatch>
<LocationMatch \/(ical)\/?>
ForceType text/calendar;charset=utf-8
</LocationMatch>