I have a domain running on example.com and https://example.com on Heroku. I have a URL redirect on my name server from www to https://example.com. I have config.force_ssl = true set in config/environment/production.rb. The domain URL redirect works only on http, not https. It works in Chrome the first time I type www.example.com. However it fails the 2nd time I use www.example.com. It gives a 'ERR_CONNECTION_REFUSED' with a 307 Internal Redirect.
Status Code: 307 Internal Redirect
Location: https://www.example.com/
Non-Authoritative-Reason: HSTS
This is despite the domain service always giving Location: https://example.com via curl. Where is Chrome getting https://www* from? I saw https://superuser.com/a/881431/130929 about deleting the HSTS entries from Chrome at chrome://net-internals/#hsts. If I do that for both example.com and www.example.com, then it works only the first time for www.example.com again. example.com and https://example.com always works. What's worse is that in Firefox, after loading the page, simply using example.com fails because Firefox automatically adds a https://www. How can I use HTTPS on the root domain and redirect www to the root domain? I don't care about handling https://www.example.com as no one would type that. They would only mistakenly type www.example.com.
OK I fixed it with this answer http://stackoverflow.com/questions/10629397/ddg#10632901
I saw in curl -i https://example.com that it was returning
Strict-Transport-Security: max-age=15552000; includeSubDomains
The max age is 6 months. includeSubDomains probably means to include www. So I added
class ApplicationController < ActionController::Base
before_action :disable_hsts_subdomains
def disable_hsts_subdomains
response.headers["Strict-Transport-Security"] = 'max-age=15552000;'
end
Which just removed includeSubDomains so it wouldn't try to redirect www without reaching out to the host first (DNS server), which would send the redirect to the proper root domain.
My web app is hosted on heroku (Ruby on Rails). I use Amazon Route 53 for DNS. I have followed the Heroku docs for configuring Automated Certificate Management so my app can serve HTTPS. I have tested this through a web browser and I am able to access the site fine with HTTPS. I'm relatively certain that a) routing to heroku is working 2) https is working.
Here is where the difficult comes in. I am trying to get my app association file to work with my mobile app. I am able to pull up the file by going to my domain: https://www.example.com/apple-app-site-association.
My ruby app serves up the file in the manner suggested by this SO post:https://stackoverflow.com/a/35588346/5357940.
I have validated that the link is working without redirects with redirectcheck.com. This shows the content type is correct and that there are no redirects happening.
https://www.example.com/apple-app-site-association
HTTP/1.1 200 OK
Server: Cowboy
Connection: close
Date: Tue, 28 Mar 2017 23:29:50 GMT
Status: 200 OK
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: no-cache
Content-Type: application/json; charset=utf-8
X-Request-Id: 21fd0610-2797-4c83-81ec-d54616086036
X-Runtime: 0.184758
Via: 1.1 vegur
When I run the apple validator, all the tests pass except for the "Link To Application" test. The error returned is:
App Name Domain
Link http://www.example.com/testlink
Bundle Id com.example.app
Universal false
Error cannot fetch app site association
I have read through all the other SO question on this topic, but can't find one that addresses the specific problem I am having.
p.s. I have replaced the name of the app with domain.
After much futzing, I found that everything was actually working despite apple's validation tool telling me otherwise. Since I did not have my app with the appropriate site applinks registered, I could not test in the app. It appears this is because Apple's validator apparently caches site association files. Even though I was changing my site file, apple kept saying it was not readable when in fact it was.
The main issue that i found in my case is that i should add ALL subdomains for Domain association capability:
I put a script tag on my html page, and run it on firefox, firebug tell me that the script is '302 Moved Temporarily',
but when I open that script in new tag on the browser, it's 200 ok(response conrrectly)~~
I saw that when 302 the server response a redirect page, here's the header:
Cache-Control max-age=2592000
Connection keep-alive
Content-Length 154
Content-Type text/html
Date Tue, 26 Mar 2013 08:10:33 GMT
Expires Thu, 25 Apr 2013 08:10:33 GMT
Location http://www.xxxx.com/error/index.html
Server nginx
if I put the script on other server(no error redirecting page settings), will not come across this question
Anyone met the same question with me?
I don't want to put the file on other server and have no permission to config this server.
Is there a solution to this?
Thanks a lot and forgive my poor English.
I am having extreme difficulty understanding what you are asking so I'm just making a guess. If a 302 has a cache control header on it that tells the browser that it's allowed to cache the redirected page, the browser may do so. For example, here's some documented improvements in IE 9 with respect to caching redirect pages: http://blogs.msdn.com/b/ie/archive/2010/07/14/caching-improvements-in-internet-explorer-9.aspx
When I look at the Network tab in Opera Dragonfly, I'm not seeing POSTEd parameters or the RESPONSE content. Here's what I see:
Raw Response
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.1
Date: Thu, 15 Jul 2010 12:43:19 GMT
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 22320
In Dragonfly, is there a way to examine the parameters posted to the server and the actual response from the server?
The ability for Opera Dragonfly to get this information from the Opera rendering engine (Presto) should be included in Opera 11. We are currently working on implementing the client side code in Opera Dragonfly to support this and other Network Inspector features, such as editing headers and replaying requests.
EDIT:
As of July 2011 (Opera Dragonfly 1.1) it is possible.
To see POST parameters in Opera Dragonfly click on Network tab followed by Network log subtab. NOTE: It requires reloading the page, if the page was already loaded while opening Opera Dragonfly.
Not yet. Microsoft Fiddler HTTP debugger is a good replacement if you have an OS to run it on.
I have a controller in MVC serving up images from a database.
EDIT: This still happens if I serve up a file over completely standard means in MVC.
Every time I request my image, Google Chrome also searches for my favicon.ico.
To avoid unnecessary discussions about other things "I should also care about" let us assume I do not care for caching whatsoever in this example and I shall always return HTTP response 200 with the file.
In my controller I return the following:
return File(fileBytes, contentType);
After inspecting Fiddler 2, the following response is generated:
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: image/gif
ETag: oYu19wKo+KEHkyxZQ2WXAA==
Server: Microsoft-IIS/7.0
X-AspNetMvc-Version: 1.0
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
Date: Tue, 16 Jun 2009 18:48:45 GMT
Content-Length: 29344
By comparison, this is the response in Fiddler from Google when I request (for the first time) the Google logo:
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Wed, 07 Jun 2006 19:42:34 GMT
Date: Tue, 16 Jun 2009 18:50:54 GMT
Expires: Wed, 16 Jun 2010 18:50:54 GMT
Cache-Control: public, max-age=31536000
Server: gws
Content-Length: 8706
Age: 2
However, in Chrome after getting my image Chrome attempts to find my favicon.ico. It does not try this after requesting the Google logo.
Any ideas why this might be happening? From my understanding on HTML, the answer must be in the response header because surely that is all the client has to go on? Please correct me!
EDIT 2: It seems a lot of people have completely misunderstood the problem. The problem is not the lack of a favicon and the erroring requests in MVC - it's the problem of requesting a favicon when only an image is being loaded, with a content type of "IMAGE/JPEG", as opposed to a webpage with a content type of "TEXT/HTML"!!
This has nothing to do with MVC. I am using webforms with a custom built log service and I stumbled upon this post wondering why I had continuous 'File does not exist' errors in my logs. This is locally on my development machine, I have no favicon.ico files in my projects, and I have tried IE, Firefox and Google trying to see which browser is the guilty party.
Every request from Google Chrome to my apps makes a request for a favicon.ico. I had to start logging browser locally to determine that it was in fact googles browser that is the culprit. I'd contact google if it bothers you. I just wanted to make sure it wasn't some new trojan infecting my chrome.
The actual answer: It's a known, verified bug. *(recently fixed!... maybe?)
Looks like a known, longstanding issue with Chrome:
http://crbug.com/39402
If you want it fixed sooner, star the issue. More people starring the issue will likely increase its priority and possibly get it fixed faster.
****UPDATE 1***: As of May 15 of this year (2013)--four years after this question was asked--it looks like the issue has been fixed in version 29:
http://crbug.com/39402#c47
Feel free to undo all your hacks and workarounds. :]
****UPDATE 2 (2015-01)***: This is apparently still an issue for some users, according to the same issue link. :/
Do you have a favicon? If not, perhaps that's why Chrome is attempting to find it every time for your website. For google it already has the favicon cached.
one thing you could do is have MVC ignore any request for *.ico so that you don't get any exceptions while debugging.
Should be something like this:
routes.MapRoute("ignore-favicon", "{*path}", null, new {path = ".*/favicon\\.ico"});
That URL pattern matches everything, but then we constrain it to only match anything ending in favicon.ico. (I haven't tested this)
I ran into this problem a while back and got around it by ignoring the specific route by adding
routes.IgnoreRoute("{*favicon}", new { favicon = ".*/favicon\\.ico" });
into the RegisterRoutes method in Global.asax.
It appears for me that Chrome requests a favicon for its own tabs - I kept getting 404s (because my favicon is somwhere else and my pages know it) till I did some tests and realized it was Chrome making direct requests to the favicon file. No real fix except making a rewrite to the real file I guess
You can add something like this within your web.config file to make sure that the favicon.ico is cached on the client and is not being requested every time.
<location path="favicon.ico">
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Cache-Control" value="public, max-age=31536000" />
</customHeaders>
</httpProtocol>
</system.webServer>
</location>
You can/should do the same for any images / .js and css files
You should set the Expires header to tell the browser how long it should use its local copy.
If you check your project setting it says default icon somewhere. Remove that?
Chrome browser could work with Google site in another way than with any other site, so, at first, I would recommend to check if it looks for favicon.ico every time somewhere else, for example, on StackOverflow.
I would also check if Firefox does the same with your site. I think favicon.ico should be requested only one time per browser run even if it isn't present on site. This could be bug in Chrome version you use.
This SO question/answer explains how to serve the Favicon to the browser by using routes.
Its important to put in an ICON link into your masterpage or some browsers will try to find favicon.ico for all directories and not just globally once per done.
<link rel="SHORTCUT ICON" href="<%= Url.Content("~/content/images/rr-favicon.ico") %>"/>
It seems google toolbar is the guilty party judging by my logs (and IE6 of course). They both will make requests for directories other than the root
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Mozilla/4.0 (compatible; GoogleToolbar 6.2.1910.1554; Windows 6.0; MSIE 8.0.6001.18828)