Error code: ERR_RESPONSE_HEADERS_MULTIPLE_CONTENT_LENGTH - ruby-on-rails

I have a rails 2.3.8 application that worked just fine until I noticed that I'm not being able to download files from the same due to multiple Content-Length headers.
Interesting stuff is when I run the app on development mode everything works fine but when I restart the app on production mode I get this set twice.
Here are two different response headers:
When on production:
HTTP/1.1 200 OK
Date: Thu, 25 Jul 2013 07:33:42 GMT
Server: Mongrel 1.1.5
Status: 200 OK
X-Sendfile: filename.pdf
Content-length: 386742
Content-Transfer-Encoding: binary
Cache-Control: no-cache
Content-Disposition: attachment; filename="6301 OCCUPANT EMERGENCY PROCEDURES.pdf"
Content-Type: application/pdf
Content-Length: 1
Set-Cookie: *******
And on dev mode
HTTP/1.1 200 OK
Date: Thu, 25 Jul 2013 07:58:05 GMT
Server: Mongrel 1.1.5
Status: 200 OK
Content-Transfer-Encoding: binary
Cache-Control: private
Content-Disposition: attachment; filename="6301 OCCUPANT EMERGENCY PROCEDURES.pdf"
Content-Type: application/pdf
Content-Length: 386742
Set-Cookie: bssonline=f7d1552a46e499430af3367a0144267e; path=/
So on the dev mode only one Content-Length is found once whereas in the prod mode it comes twice due which Im not able to download any files.
Any idea as to how to solve this issue ?
Thanks

Related

Get Akamai Token for IPTV HLS

Can anyone solve the way I can generate akamai streaming token from the browser when the android app is not available?
I get this string from the app :
<--
POST /api/tibo324/getakamaitoken HTTP/1.1
Content-Length: 328
Content-Type: application/x-www-form-urlencoded
Host: tibodrm.appspot.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/UNAVAILABLE (java 1.4)
<--
auth=84Kwfr741QQv%252BnUMXtW%252FcbZ6aWNQKN0mCAVccmjo%252FXaf6PaB2pz7j3QqAlxHaj%252Fut%252Bu3vSzDt8NO%250AKqNBIgM7ckBedzNMkGOBRtlFfi3gAUuUzYvFN7U9ClHQKKWtfL%252F%252FyB2o1qyvGc2tY8i8lud%252F3tqg%250AhyjUvUD3Bib11V9aQqx8JOBslArMz%252FUaXLR0skPUETIeQatFmGmhFoyuyPhgbg%253D%253D%250A&AppID=v%252B10zWNKL8RJ8SY6LUSZXg%253D%253D%250A
-->
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Dec 2017 22:24:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 118
Vary: Accept-Encoding
X-Powered-By: Express
ETag: W/"76-zi4HHRQAuAUejh/FF9M5ZFJtPek"
Via: 1.1 google
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
-->
?__token__=ip=00.000.00.000~exp=1514332929~acl=*~hmac=e9afdfe9f6b41c0ca14a16bc60a11253aecd432243789144c1ebaa70f23c615e
When I try to fetch the following URL:
https://tibodrm.appspot.com/api/tibo324/getakamaitoken?auth=84Kwfr741QQv%2BnUMXtW%2FcbZ6aWNQKN0mCAVccmjo%2FXaf6PaB2pz7j3QqAlxHaj%2FuFjEcIocduH6Z%0Awc5ZzKaqnmHhinePCNCcvQfh68bi2UvbZq04lBalY0job9%2FyVeuV1kh4hzWnP8sVuRozO27rFhSY%0AmDB8ck%2FuN0SqKEoxzycGUGhaZy3bjy88%2BhhwEMQknGNJ2j2JdMIHMT0AcLTFoQ%3D%3D%0A&AppID=v%2B10zWNKL8RJ8SY6LUSZXg%3D%3D%0A
I get a response in the browser:
Cannot GET /api/tibo324/getakamaitoken
What am I missing?
The answer is in your question: you can't GET the URL because it's accessed via POST only. And it looks like the POST requires an authentication string that's generated via the app. Making a POST without any data returns a descriptive error string:
$ http POST https://tibodrm.appspot.com/api/tibo324/getakamaitoken
HTTP/1.1 200 OK
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Content-Encoding: gzip
Content-Type: application/json; charset=utf-8
Date: Wed, 27 Dec 2017 21:44:19 GMT
ETag: W/"31-zIZow+wVfq5Z3stS2NUNRdvP0go"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 google
X-Powered-By: Express
{
"description": "no token at all",
"isValid": false
}
The inability to access the token generator through unauthenticated web calls is usually by design as the token is a protective tool Akamai provides customers to prevent access to content outside of the content provider's control.
In short, the content provider you're looking at doesn't want you to access their video outside of their application. If the application isn't able to access the video then you should reach out to the content provider to get that issue fixed rather than trying to circumvent their security scheme.

rails 4 http caching returning 200 iso 304, even with the same ETag and last_modified

I'm quite new to caching so I've been trying some different ways of caching my website. I've settled on HTTP caching now, because it's the most appropriate with sporadic updates and lots of users perusing the same pages over and over.
I'm struggling to get it working however. The site shows different content based on whether you're logged in or not, so I have to invalidate cache based on current_user as well as the latest update on the collection of models.
If I look in chrome inspect the ETag and the modified_since are the same, but the server returns a 200 instead of a 304. My code works in development environment, so I'm lost in how to troubleshoot it. Also a different page that only invalidates based on the collection of models (similar on latest update), does work as expected.
Code from the controller:
def index
...#some code
# HTTTP caching:
last_mod = #scraps.order("updated_at").last.updated_at
user = current_user ? current_user.id : 0
fresh_when etag: user.to_s, last_modified: last_mod, public: false
end
Output from chrome inspect
Response Headers:
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
Last-Modified: Sun, 23 Jul 2017 20:40:53 GMT
Cache-Control: max-age=0, private, must-revalidate
ETag: W/"6e92592bdb6c3cf610020e2b076e64b4"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Runtime: 3.187090
X-Request-Id: c698c0c6-8a0d-44ba-8ca9-3f162b766478
Date: Mon, 24 Jul 2017 14:49:38 GMT
Set-Cookie: ... [edited out]; path=/; HttpOnly
X-Powered-By: Phusion Passenger 5.0.30
Server: nginx/1.10.1 + Phusion Passenger 5.0.30
Content-Encoding: gzip
Request Headers:
GET /scraps?page=3&price_max=100&price_min=0&producer=silk+scraps HTTP/1.1
Host: www.picture-scraps.com
Connection: keep-alive
Accept: text/html, application/xhtml+xml, application/xml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36
X-XHR-Referer: https://www.picture-scraps.com/scraps?page=4&price_max=100&price_min=0&producer=silk+scraps
Referer: https://www.picture-scraps.com/scraps?page=4&price_max=100&price_min=0&producer=silk+scraps
Accept-Encoding: gzip, deflate, br
Accept-Language: nl-NL,nl;q=0.8,en-US;q=0.6,en;q=0.4,af;q=0.2
Cookie: ... [edited out]
If-None-Match: W/"6e92592bdb6c3cf610020e2b076e64b4"
If-Modified-Since: Sun, 23 Jul 2017 20:40:53 GMT
I can imagine some additional information is needed, so please request and I'll add to the question.
Figured it out today. This post provides the answer. I saw the server used weak etags while in the dev environment strong etags were used. The latter is as expected as weak etags were only introduced from rails 5 forward.
If you use Nginx with rails 4 you might experience the same problem. Installing rails_weak_etags gem solved it for me.

Remove Http header response

I am working on a project which requires a client to make an api call to
my
rails application and it to return XML without any http header info.
its currently returning:
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: application/xml; charset=
X-Ua-Compatible: IE=Edge
X-Request-Id: c5602cd7eb23ca8137bef8bb1f0a4f8a
X-Runtime: 0.027900
Server: WEBrick/1.3.1 (Ruby/1.9.3/2013-11-22)
Date: Wed, 18 Jun 2014 05:27:48 GMT
Content-Length: 529
Connection: Keep-Alive
Set-Cookie: _session_id=a8039d615674feec206e6c55a7a7afc8; path=/;
HttpOnly
<?xml version="1.0" encoding="UTF-8"?>
<cXML>
<Response>
<Status code="200" text="OK"/>
<StartPage>
<URL>http://localhost:3000/foobar/BAh7DDoNYmFza2V0aWRJI...
</StartPage>
</Response>
</cXML>
Can anyone help to remove all the http headers within the controller or any
config? which is below section.
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Content-Type: application/xml; charset=
X-Ua-Compatible: IE=Edge
X-Request-Id: c5602cd7eb23ca8137bef8bb1f0a4f8a
X-Runtime: 0.027900
Server: WEBrick/1.3.1 (Ruby/1.9.3/2013-11-22)
Date: Wed, 18 Jun 2014 05:27:48 GMT
Content-Length: 529
Connection: Keep-Alive
Set-Cookie: _session_id=a8039d615674feec206e6c55a7a7afc8; path=/;
HttpOnly
I am using nginx at the moment.
I have some says that this is kind of a nonsense request, since HTTP servers by
definition uses header to talk to one another. But I have also been informed that W3 think otherwise.
http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4
I have also googled around for hours attempting other solutions changing my rails controller without any success. Is the last resort possibly changing config in Nginx and wouldn't that effect the whole rails application and not just the api calls or is there a way to single out one call?
Thanks in advance.
T
This is a nonsense request, yeah. You can use the HttpHeadersMore module to remove most of the response headers. Something like this should do it:
location /your/api/path {
more_clear_headers '*';
}
However, you can't remove the Connections header without patching nginx. And even if you could, you can't remove the first line of the response ("HTTP/1.1 200 OK", in this case). Without that line, it isn't an HTTP response. You're going to have a hard time convincing an HTTP server to send non-HTTP responses.
To get what you're describing, I think you'll need a custom server that communicates over bare TCP sockets. This tutorial might help you out. Or maybe you could implement that part of your app in node.js (or another tool)?

D2L Dropbox - Posting issue

I'm getting an error trying to post a file to the dropbox in D2L. I'm using HttpRequest in PHP. The Org ID and Folder ID are both valid - I am retrieving the folder ID from the API (using the OrgID).
Here is the HttpRequest output:
POST /d2l/api/le/1.1/61381/dropbox/folders/677320/submissions/mysubmissions/?x_a=d0RNh1RjRGSMJu-dyj_wmw&x_b=_098IyP4bzkow_G-7Ke4Dv&x_c=3_L5VOX5RarK7mztTyX67sL_TyceBOK5r18GnRu9VbE&x_d=jVPR_DXuVf1JIl-YLe3Ad_OM2Ph8xG8UiMYriJVRc2w&x_t=1350769323 HTTP/1.1
User-Agent: PECL::HTTP/1.6.1-dev (PHP/5.2.6)
Host: <hostname>
Accept: */*
Content-Type: multipart/mixed; boundary=65ace1fa6e1f
Content-Length: 251
--65ace1fa6e1f
Content-type: application/json
{"Text":"test","HTML":null}
--65ace1fa6e1f
Content-Disposition: form-data; name=""; filename="file.txt"
Content-Type: application/octet-stream
eyAiVGVztCI6IlRsaXMgfXMgdGVzdYBkYXRhLiIgfQ==
--65ace1fa6e1f--
And the response:
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 131
Content-Type: text/html; charset=utf-8
Location: /d2l/error/404
Server: Microsoft-IIS/6.0
X-XSS-Protection: 0
X-Powered-By: ASP.NET
Date: Sat, 20 Oct 2012 21:42:26 GMT
It appears to be a 404 (No such dropbox folder, or no such org unit), but I know both values to be valid.
I've logged into D2L and the OrgID and DropboxID are both correct in the URL when I'm editing the dropbox settings. The user in question has permission to access the dropbox, and can do so in D2L.
Any help would be appreciated!

enabling rails page caching causes http header charset to disappears

I need charset to be utf-8, which seem to be the case by default. Recently I enabled page caching for a few static pages:
caches_page :about
The caching works fine, and I see the corresponding about.html and contact.html pages generated in my /public folder, except when the page renders, it's no longer in utf-8.
After googling for a bit I tried looking at the http headers with wget, before and after caching:
first time:
$wget --server-response http://localhost:3000/about
HTTP request sent, awaiting response...
1 HTTP/1.1 200 OK
2 X-Ua-Compatible: IE=Edge
3 Etag: "f7b0b4dea015140f3b5ad90c3a392bef"
4 Connection: Keep-Alive
5 Content-Type: text/html; charset=utf-8
6 Date: Sun, 12 Jun 2011 03:44:22 GMT
7 Server: WEBrick/1.3.1 (Ruby/1.8.7/2009-06-12)
8 X-Runtime: 0.235347
9 Content-Length: 5520
10 Cache-Control: max-age=0, private, must-revalidate
cached:
$wget --server-response http://localhost:3000/about
Resolving localhost... 127.0.0.1
Connecting to localhost[127.0.0.1]:3000... connected.
HTTP request sent, awaiting response...
1 HTTP/1.1 200 OK
2 Last-Modified: Sun, 12 Jun 2011 03:34:42 GMT
3 Connection: Keep-Alive
4 Content-Type: text/html
5 Date: Sun, 12 Jun 2011 03:39:53 GMT
6 Server: WEBrick/1.3.1 (Ruby/1.8.7/2009-06-12)
7 Content-Length: 5783
as a result the page displays in ISO-8859-1 and I get a bunch of garbled text. Does anyone know how I can prevent this undesirable result? Thank you.
The solution will depend on the server used.
When you use page cache, the servers reads the server directly, so the rails stack does not provide encoding information to the server. Then the server default apply.
If you're using apache with passenger, add to the configuration:
AddDefaultCharset UTF-8
If you need specific charsets, use a solution like the one in http://www.philsergi.com/2007/06/rails-page-caching-and-mime-types.html
<LocationMatch \/(rss)\/?>
ForceType text/xml;charset=utf-8
</LocationMatch>
<LocationMatch \/(ical)\/?>
ForceType text/calendar;charset=utf-8
</LocationMatch>

Resources