Chrome dev tools response encoded json - json

I am trying to read a http post request data using Chrome developer tools but both payload and response is encoded instead of Json format.
request headers:
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,cy;q=0.8,fa;q=0.7,tr;q=0.6
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 88
Content-Type: application/json
Host: 192.168.88.11
Origin: http://192.168.88.11
Pragma: no-cache
Referer: http://192.168.88.11/?16550159
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36
X-Requested-With: XMLHttpRequest
response headers:
Connection: keep-alive
Content-Type: text/html
Date: Sun, 12 Jun 2022 09:15:28 GMT
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
request payload
LyZJQwGM78nstubJ5ZHF63GzcsNSIli+ntpDXOkrmPHachPL9WQaCWc6DLLaoQ8WHSch4zCLwQvj7jE745KrHQ==
How can I see this payload in Json format?

Related

Chrome "access-Control-Allow-Origin" header for origin error (CORS)

I have the following setup:
Webserver 1 https://localhost:8888
Webserver 2 https://localhost:9005
Webserver 3 https://localhost:9006
I open https://localhost:8888 from a Web browser and enter the following JS code.
(async () => {
const endpointId = '1d60eb5195725648';
const continueUrl = 'https://localhost:9006/'
const signinUrl = new URL('https://localhost:9005/_login');
signinUrl.searchParams.set('continue', continueUrl);
signinUrl.searchParams.set('endpoint', endpointId);
const response = await fetch(signinUrl.toString(), {
credentials: 'include',
headers: {
'Authorization': `Bearer ${gapi.auth.getToken().access_token}`,
},
});
})();
I'm getting this error in my Chrome Browser Version 102.0.5005.115
Access to fetch at 'https://localhost:9006/?TOKEN=0<Truncated>c&endpoint=1d60eb5195725648' (redirected from 'https://localhost:9005/_login?continue=https%3A%2F%2Flocalhost%3A9006%2F&endpoint=1d60eb5195725648') from origin 'https://localhost:8888' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://localhost:8888' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Looks like Origin field is correct according to the info in Headers. What am I missing?
(I truncated Token to improve readability)
Requests:
Request URL: https://localhost:9005/_login?continue=https%3A%2F%2Flocalhost%3A9006%2F&endpoint=1d60eb5195725648
Request Method: OPTIONS
Status Code: 200 OK
Remote Address: [::1]:9005
Referrer Policy: origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Headers: Proxy-Authorization
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://localhost:8888
Content-Length: 0
Date: Sun, 12 Jun 2022 02:47:09 GMT
--
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,es;q=0.8
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Cache-Control: no-cache
Connection: keep-alive
Host: localhost:9005
Origin: https://localhost:8888
Pragma: no-cache
Referer: https://localhost:8888/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36
Request URL: https://localhost:9005/_login?continue=https%3A%2F%2Flocalhost%3A9006%2F&endpoint=1d60eb5195725648
Request Method: GET
Status Code: 302 Found
Remote Address: [::1]:9005
Referrer Policy: origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://localhost:8888
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 360
Content-Type: text/html; charset=utf-8
Date: Sun, 12 Jun 2022 02:47:09 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Location: https://localhost:9006/?TOKEN=00cfdab4e480656ed7d71b3e58df42fe5422d85d33118a5af5fb7cc66f2d81330b46740ccbca4927ecfe841e751f0de72fdf53c4eb7d66b7c5ab857e33c6beaa270950fe0c49047fd5260db3120731d0abbfe3be1a0d316db4b0754610c81e2b070cea24e46e0e5ef76937c65832ef7c315b452b846e87f59be3124478cee49045162c&endpoint=1d60eb5195725648
Pragma: no-cache
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,es;q=0.8
Authorization: Bearer ya29.a0ARrdaM8mfOksOCl6l4O13z5PQv1cUVgKDKWgbo_rNXDL_Fw_-aedVVJdAFOSYByUjEy1WYrAKoik0KHx_c69aCXZcuAXbYedYkZRtDb5Y3Bz98eqjrOBjT0XrWspWdGNqRvsq_L_rDERdnsUFDFKCNiFCHV4sg
Cache-Control: no-cache
Connection: keep-alive
Cookie: _ga=GA1.1.1057744305.1654277711; _gid=GA1.1.1514740287.1654641546; _gat=1
Host: localhost:9005
Origin: https://localhost:8888
Pragma: no-cache
Referer: https://localhost:8888/
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="102", "Google Chrome";v="102"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "macOS"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36
Request URL: https://localhost:9006/?TOKEN=00cfdab4e480656ed7d71b3e58df42fe5422d85d33118a5af5fb7cc66f2d81330b46740ccbca4927ecfe841e751f0de72fdf53c4eb7d66b7c5ab857e33c6beaa270950fe0c49047fd5260db3120731d0abbfe3be1a0d316db4b0754610c81e2b070cea24e46e0e5ef76937c65832ef7c315b452b846e87f59be3124478cee49045162c&endpoint=1d60eb5195725648
Referrer Policy: origin
Provisional headers are shown
Learn more
Referer: https://localhost:8888/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36

Chrome refuses to cache http response

I set max-age in Cache-Control header, but every time when I reload the webpage, it just goes out and fetches the resource again, following is an example request and response headers:
Request Headers
:authority: mydomain.com
:method: GET
:path: /.well-known/openid-configuration
:scheme: https
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
accept-encoding: gzip, deflate, br
accept-language: en
cache-control: max-age=0 // I have no idea why this is sent in request by chrome
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="98", "Google Chrome";v="98"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36
Response Headers
access-control-allow-credentials: true
cache-control: public, s-maxage=2678400, max-age=14400, immutable
cf-cache-status: DYNAMIC
cf-ray: 6e7465234fc16c30-SIN
content-encoding: br
content-type: application/json; charset=utf-8
date: Sat, 05 Mar 2022 16:58:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSVocqHdnD4mopGV2L7pD08hRF3MZbpmBAsNHWm2eBznl15JNgOU7bkNcBn4qgoszBpGpGoCBPSbgCLWq796dv0jta9Ajlwq0BCEyW55h3Q2NO7mfQuz8cABZLAgWam4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

Why refresh browser the image Response Status is 200, not 304?

I write a simple code:
<?php
echo "<h1>1233422</h1>";
?>
<html>
<img src="screen.png"/>
</html>
there is an image in the html, but when I refresh the browser page the png image is 200.
theoretically the image response status should be 304, why there is 200?
Two times request's Response Header are:
HTTP/1.1 200 OK
Content-Type: image/png
server: PhpStorm 10.0.1
date: Fri, 07 Dec 2018 03:35:42 GMT
cache-control: private, must-revalidate
last-modified: Fri, 07 Dec 2018 03:34:56 GMT
content-length: 11437
the second request Headers:
GET /test03-hante/screen.png HTTP/1.1
Host: localhost:63342
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://localhost:63342/test03-hante/index.php
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
Cookie: wp-settings-time-1=1539853185; Webstorm-b87204fd=531be1b1-a109-47c6-97d9-4dd7b886ebde
you see, there is no If-Modified-Since and If-Non-Match params, why?
In browser refresh, HTTP image response status is "200 (cache)" because in refresh the image loaded from your browser cache.
You can learn more from this answer: https://stackoverflow.com/a/1665097/6678086

Chrome HTML5 medium canceled download

I'm having serious problems with Google Chrome.
I'm using MediaElement.js for audio and video playback. Firefox seems to play everything fine, so far.
Chrome doesn't. As soon, as the file becomes bigger, it won't play.
I have two test files. Both Mp4. The first one plays well in Chrome:
Request Headers:
Accept: */*
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
Connection: keep-alive
DNT: 1
Range: bytes=0-
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.117 Safari/537.36
Response Headers:
Accept-Ranges: bytes
Cache-control: max-age=31536000, private
Connection: keep-alive
Content-disposition: attachment; filename="big_buck_bunny.mp4"
Content-Length: 5510872
Content-Type: video/mp4
Date: Mon, 24 Feb 2014 04: 13: 40 GMT
ETag: "24"
Expires: Tue, 24 Feb 2015 04: 13: 39 GMT
Last-Modified: Sat, 22 Feb 2014 16: 28: 14 GMT
Server: nginx
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Powered-By: PHP/5.5.9-1~dotdeb.1
X-XSS-Protection: 1; mode=block
The 2nd one doesn't:
Request Headers:
Accept: */*
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
Cache-Control: max-age=0
Connection: keep-alive
DNT: 1
Range: bytes=0-
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.117 Safari/537.36
Response Headers:
Accept-Ranges: bytes
Cache-control: max-age=31536000, private
Connection: keep-alive
Content-disposition: attachment; filename="test.mp4"
Content-Length: 21546967
Content-Type: video/mp4
Date: Mon, 24 Feb 2014 04: 11: 29 GMT
ETag: "31"
Expires: Tue, 24 Feb 2015 04: 11: 29 GMT
Last-Modified: Mon, 24 Feb 2014 03: 23: 48 GMT
Server: nginx
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Powered-By: PHP/5.5.9-1~dotdeb.1
X-XSS-Protection: 1; mode=block
On Google, i found several discussions regarding this or similar problems. However, i havent found a real solution for this problem.
Another (maybe important) info is, that i serve the files via PHP. If i use the direct URL of the file, it works:
Request Headers:
Accept: */*
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
Connection: keep-alive
DNT: 1
If-Range: "9c0c52-148c7d7-4f31e800012d1"
Range: bytes=21510441-21546966
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.117 Safari/537.36
Response Headers:
Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 36526
Content-Range: bytes 21510441-21546966/21546967
Date: Mon, 24 Feb 2014 04: 19: 03 GMT
ETag: "9c0c52-148c7d7-4f31e800012d1"
Last-Modified: Mon, 24 Feb 2014 03: 23: 48 GMT
Server: nginx
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
I've tested several scenarios now. This seems to be a general problem. Streaming media files via PHP doesn't work properly. The only reliable way is to stream the files via webserver.

Why does chrome respect the cache-control header for some resources, but does not for others?

I have an AJAX application with the following setup:
Dynamic content is served by a node.js server from localhost:8000
Static content is served by a jetty server from localhost:8080
There are two kinds of dynamic content:
Truly dynamic content based on result of SQL queries
The result of the combo handler, which concatenates files. In effect this content never changes, so it may be considered as static too.
I do the following steps:
Clear the chrome browsing cache (Settings -> Clear browsing data ... -> Empty the cache)
Refresh the application
Refresh the application
The static content as well as the one produced by the combo handler all have the cache-control header and the latter also has the expires header.
I expected that the first refresh will load all resources, but the second just the truly dynamic content. And even then, nothing would be returned, since no content is modified.
In reality, the browser loads more resources, then it should.
Please, find below a summary of the requests made by the browser after the first refresh (the combo urls are very long, so I truncated them for the sake of clarity):
# Result Protocol Host URL Body Caching Content-Type Process
1 200 HTTP localhost:8000 / 14,348 text/html; charset=utf-8 chrome:3852
2 200 HTTP localhost:8000 /combo?yui/cssreset/cssreset-min.css&yui/cssfonts/cssfonts-min.css 638 public,max-age=31536000; Expires: Fri, 16 Jan 2015 02:15:49 GMT text/css; charset=utf-8 chrome:3852
3 200 HTTP localhost:8080 /if/admin.min.css 22,176 public,max-age=31536000 text/css chrome:3852
4 200 HTTP localhost:8080 /yui/yui/yui-min.js 25,586 public,max-age=31536000 application/javascript chrome:3852
5 200 HTTP localhost:8080 /if/admin.min.js 37,889 public,max-age=31536000 application/javascript chrome:3852
6 200 HTTP localhost:8000 /combo?yui/cssgrids/cssgrids-min.css&yui/widget-base/assets/skins/sam/widget-base.css&... 6,223 public,max-age=31536000; Expires: Fri, 16 Jan 2015 02:15:49 GMT text/css; charset=utf-8 chrome:3852
7 200 HTTP localhost:8000 /combo?yui/oop/oop-min.js&yui/attribute-core/attribute-core-min.js&... 97,019 public,max-age=31536000; Expires: Fri, 16 Jan 2015 02:15:49 GMT application/javascript; charset=utf-8 chrome:3852
8 200 HTTP localhost:8000 /combo?yui/dataschema-json/dataschema-json-min.js&yui/dataschema-xml/dataschema-xml-min.js&... 46,248 public,max-age=31536000; Expires: Fri, 16 Jan 2015 02:15:50 GMT application/javascript; charset=utf-8 chrome:3852
9 200 HTTP localhost:8000 /combo?yui-gallery/gallery-querybuilder/assets/skins/sam/gallery-querybuilder.css&... 872 public,max-age=31536000; Expires: Fri, 16 Jan 2015 02:15:51 GMT text/css; charset=utf-8 chrome:3852
10 200 HTTP localhost:8000 /combo?yui-gallery/gallery-formmgr/gallery-formmgr-min.js&... 4,627 public,max-age=31536000; Expires: Fri, 16 Jan 2015 02:15:51 GMT application/javascript; charset=utf-8 chrome:3852
11 200 HTTP localhost:8000 /combo?yui-gallery/gallery-node-optimizations/gallery-node-optimizations-min.js&... 2,269 public,max-age=31536000; Expires: Fri, 16 Jan 2015 02:15:51 GMT application/javascript; charset=utf-8 chrome:3852
12 200 HTTP localhost:8000 /combo?yui/substitute/substitute-min.js 1,006 public,max-age=31536000; Expires: Fri, 16 Jan 2015 02:15:51 GMT application/javascript; charset=utf-8 chrome:3852
13 200 HTTP localhost:8000 /api/context 81,238 application/json; charset=utf-8 chrome:3852
14 200 HTTP localhost:8080 /yui/assets/skins/sam/sprite.png 2,913 public,max-age=31536000 image/png chrome:3852
15 200 HTTP localhost:8080 /yui/node-menunav/assets/skins/sam/horizontal-menu-submenu-indicator.png 157 public,max-age=31536000 image/png chrome:3852
Notes:
Requests 1 and 13 yield truly dynamic content - 1 is a jade template rendered as html and 13 is a result of an SQL query
Requests 3,4,5,14 and 15 yield static content (notice the port number is 8080)
The rest of the requests are combo requests - dynamic de jure, but static de facto.
Now here is how this summary looks like after the second refresh:
# Result Protocol Host URL Body Caching Content-Type Process
1 304 HTTP localhost:8000 / 0 chrome:3852
2 304 HTTP localhost:8000 /combo?yui/cssreset/cssreset-min.css&yui/cssfonts/cssfonts-min.css 0 public,max-age=31536000; Expires: Fri, 16 Jan 2015 02:38:55 GMT chrome:3852
3 304 HTTP localhost:8080 /if/admin.min.css 0 chrome:3852
4 304 HTTP localhost:8080 /yui/yui/yui-min.js 0 chrome:3852
5 304 HTTP localhost:8080 /if/admin.min.js 0 chrome:3852
6 304 HTTP localhost:8000 /combo?yui/cssgrids/cssgrids-min.css&yui/widget-base/assets/skins/sam/widget-base.css&... 0 public,max-age=31536000; Expires: Fri, 16 Jan 2015 02:38:55 GMT chrome:3852
7 304 HTTP localhost:8000 /combo?yui/oop/oop-min.js&yui/attribute-core/attribute-core-min.js&... 0 public,max-age=31536000; Expires: Fri, 16 Jan 2015 02:38:55 GMT chrome:3852
8 304 HTTP localhost:8000 /combo?yui/dataschema-json/dataschema-json-min.js&yui/dataschema-xml/dataschema-xml-min.js&... 0 public,max-age=31536000; Expires: Fri, 16 Jan 2015 02:38:56 GMT chrome:3852
9 304 HTTP localhost:8000 /api/context 0 chrome:3852
Notice, that the URLs of the requests 9 - 12,14 and 15 from the first summary are absent from the second summary - the browser caches them. However, why doesn't the browser also cache the requests 2 - 8 (from the first summary), which appear to have identical qualities as the cached ones?
Appendix A
Please, find below the complete headers of all the requests and responses following the first refresh (I used a new session, so the dates are different from the brief summary given above):
GET / HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Basic YWRtaW46MTIz
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
ETag: "-1836563736"
Content-Encoding: gzip
Date: Thu, 16 Jan 2014 02:53:55 GMT
Connection: keep-alive
Transfer-Encoding: chunked
---
GET /combo?yui/cssreset/cssreset-min.css&yui/cssfonts/cssfonts-min.css HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Basic YWRtaW46MTIz
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Last-Modified: Tue, 23 Apr 2013 23:46:18 GMT
Cache-Control: public,max-age=31536000
Expires: Fri, 16 Jan 2015 02:53:55 GMT
Content-Type: text/css; charset=utf-8
ETag: "-1463284566"
Content-Encoding: gzip
Date: Thu, 16 Jan 2014 02:53:55 GMT
Connection: keep-alive
Transfer-Encoding: chunked
---
GET /yui/yui/yui-min.js HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Cache-Control: max-age=0
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 14 Jan 2014 11:59:00 GMT
ETag: W/"4gIxoOsipQY4gIw4Hu8s3Y"
Content-Length: 25586
Server: Jetty(9.1.0.v20131115)
---
GET /if/admin.min.css HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Cache-Control: max-age=0
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/css
Accept-Ranges: bytes
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 14 Jan 2014 11:59:00 GMT
ETag: W/"vSW0rAEe/b8vSW17JGA3h4"
Content-Length: 22176
Server: Jetty(9.1.0.v20131115)
---
GET /if/admin.min.js HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Cache-Control: max-age=0
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 14 Jan 2014 11:59:00 GMT
ETag: W/"7VPNTHzTc387VPMDOxNk7k"
Content-Length: 37889
Server: Jetty(9.1.0.v20131115)
---
GET /combo?yui/cssgrids/cssgrids-min.css&yui/widget-base/assets/skins/sam/widget-base.css&... HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Basic YWRtaW46MTIz
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Last-Modified: Tue, 23 Apr 2013 23:46:22 GMT
Cache-Control: public,max-age=31536000
Expires: Fri, 16 Jan 2015 02:53:55 GMT
Content-Type: text/css; charset=utf-8
ETag: "1986623550"
Content-Encoding: gzip
Date: Thu, 16 Jan 2014 02:53:55 GMT
Connection: keep-alive
Transfer-Encoding: chunked
---
GET /combo?yui/oop/oop-min.js&yui/attribute-core/attribute-core-min.js&... HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Basic YWRtaW46MTIz
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Last-Modified: Thu, 02 May 2013 22:59:53 GMT
Cache-Control: public,max-age=31536000
Expires: Fri, 16 Jan 2015 02:53:55 GMT
Content-Type: application/javascript; charset=utf-8
ETag: "1918884200"
Content-Encoding: gzip
Date: Thu, 16 Jan 2014 02:53:55 GMT
Connection: keep-alive
Transfer-Encoding: chunked
---
GET /combo?yui/dataschema-json/dataschema-json-min.js&yui/dataschema-xml/dataschema-xml-min.js&... HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Basic YWRtaW46MTIz
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Last-Modified: Tue, 23 Apr 2013 23:46:24 GMT
Cache-Control: public,max-age=31536000
Expires: Fri, 16 Jan 2015 02:53:56 GMT
Content-Type: application/javascript; charset=utf-8
ETag: "1381642784"
Content-Encoding: gzip
Date: Thu, 16 Jan 2014 02:53:56 GMT
Connection: keep-alive
Transfer-Encoding: chunked
---
GET /combo?yui-gallery/gallery-querybuilder/assets/skins/sam/gallery-querybuilder.css&... HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Authorization: Basic YWRtaW46MTIz
Accept: text/css,*/*;q=0.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Last-Modified: Thu, 02 May 2013 22:59:53 GMT
Cache-Control: public,max-age=31536000
Expires: Fri, 16 Jan 2015 02:53:56 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 872
Date: Thu, 16 Jan 2014 02:53:56 GMT
Connection: keep-alive
---
GET /combo?yui-gallery/gallery-formmgr/gallery-formmgr-min.js&yui-gallery/gallery-overlay-extras/gallery-overlay-extras-min.js HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Authorization: Basic YWRtaW46MTIz
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Last-Modified: Thu, 02 May 2013 22:59:53 GMT
Cache-Control: public,max-age=31536000
Expires: Fri, 16 Jan 2015 02:53:56 GMT
Content-Type: application/javascript; charset=utf-8
ETag: "264489472"
Content-Encoding: gzip
Date: Thu, 16 Jan 2014 02:53:56 GMT
Connection: keep-alive
Transfer-Encoding: chunked
---
GET /combo?yui-gallery/gallery-node-optimizations/gallery-node-optimizations-min.js&... HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Authorization: Basic YWRtaW46MTIz
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Last-Modified: Thu, 02 May 2013 22:59:53 GMT
Cache-Control: public,max-age=31536000
Expires: Fri, 16 Jan 2015 02:53:56 GMT
Content-Type: application/javascript; charset=utf-8
ETag: "946735146"
Content-Encoding: gzip
Date: Thu, 16 Jan 2014 02:53:56 GMT
Connection: keep-alive
Transfer-Encoding: chunked
---
GET /combo?yui/substitute/substitute-min.js HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Authorization: Basic YWRtaW46MTIz
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Last-Modified: Tue, 23 Apr 2013 23:46:22 GMT
Cache-Control: public,max-age=31536000
Expires: Fri, 16 Jan 2015 02:53:56 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1006
Date: Thu, 16 Jan 2014 02:53:56 GMT
Connection: keep-alive
---
GET /api/context HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Authorization: Basic YWRtaW46MTIz
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
X-Requested-With: XMLHttpRequest
Accept: */*
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
ETag: "1217632044"
Content-Encoding: gzip
Date: Thu, 16 Jan 2014 02:53:56 GMT
Connection: keep-alive
Transfer-Encoding: chunked
---
GET /yui/assets/skins/sam/sprite.png HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Accept: image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: public,max-age=31536000
Content-Type: image/png
Last-Modified: Tue, 23 Apr 2013 23:46:18 GMT
ETag: W/"oHo6+Hf6zcMoHo7xE6wr7I"
Content-Length: 2913
Server: Jetty(9.1.0.v20131115)
---
GET /yui/node-menunav/assets/skins/sam/horizontal-menu-submenu-indicator.png HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Accept: image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: public,max-age=31536000
Content-Type: image/png
Last-Modified: Tue, 23 Apr 2013 23:46:20 GMT
ETag: W/"jvhF7Fl3QdUjvhE0GA9Mag"
Content-Length: 157
Server: Jetty(9.1.0.v20131115)
---
Appendix B
Please, find below the complete headers of all the requests and responses following the second refresh (I used a new session, so the dates are different from the brief summary given above):
GET / HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Basic YWRtaW46MTIz
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
If-None-Match: "-1836563736"
HTTP/1.1 304 Not Modified
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
ETag: "-1836563736"
Date: Thu, 16 Jan 2014 03:03:44 GMT
Connection: keep-alive
---
GET /combo?yui/cssreset/cssreset-min.css&yui/cssfonts/cssfonts-min.css HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Basic YWRtaW46MTIz
Accept: text/css,*/*;q=0.1
If-None-Match: "-1463284566"
If-Modified-Since: Tue, 23 Apr 2013 23:46:18 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 304 Not Modified
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Last-Modified: Tue, 23 Apr 2013 23:46:18 GMT
Cache-Control: public,max-age=31536000
Expires: Fri, 16 Jan 2015 03:03:44 GMT
ETag: "-1463284566"
Date: Thu, 16 Jan 2014 03:03:44 GMT
Connection: keep-alive
---
GET /if/admin.min.css HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Cache-Control: max-age=0
Accept: text/css,*/*;q=0.1
If-None-Match: W/"vSW0rAEe/b8vSW17JGA3h4"
If-Modified-Since: Tue, 14 Jan 2014 11:59:00 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 304 Not Modified
Vary: Accept-Encoding
ETag: W/"vSW0rAEe/b8vSW17JGA3h4"
Server: Jetty(9.1.0.v20131115)
---
GET /yui/yui/yui-min.js HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Cache-Control: max-age=0
Accept: */*
If-None-Match: W/"4gIxoOsipQY4gIw4Hu8s3Y"
If-Modified-Since: Tue, 14 Jan 2014 11:59:00 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 304 Not Modified
Vary: Accept-Encoding
ETag: W/"4gIxoOsipQY4gIw4Hu8s3Y"
Server: Jetty(9.1.0.v20131115)
---
GET /if/admin.min.js HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Cache-Control: max-age=0
Accept: */*
If-None-Match: W/"7VPNTHzTc387VPMDOxNk7k"
If-Modified-Since: Tue, 14 Jan 2014 11:59:00 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 304 Not Modified
Vary: Accept-Encoding
ETag: W/"7VPNTHzTc387VPMDOxNk7k"
Server: Jetty(9.1.0.v20131115)
---
GET /combo?yui/cssgrids/cssgrids-min.css&yui/widget-base/assets/skins/sam/widget-base.css&... HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Basic YWRtaW46MTIz
Accept: text/css,*/*;q=0.1
If-None-Match: "1986623550"
If-Modified-Since: Tue, 23 Apr 2013 23:46:22 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 304 Not Modified
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Last-Modified: Tue, 23 Apr 2013 23:46:22 GMT
Cache-Control: public,max-age=31536000
Expires: Fri, 16 Jan 2015 03:03:44 GMT
ETag: "1986623550"
Date: Thu, 16 Jan 2014 03:03:44 GMT
Connection: keep-alive
---
GET /combo?yui/oop/oop-min.js&yui/attribute-core/attribute-core-min.js&... HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Basic YWRtaW46MTIz
Accept: */*
If-None-Match: "1918884200"
If-Modified-Since: Thu, 02 May 2013 22:59:53 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 304 Not Modified
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Last-Modified: Thu, 02 May 2013 22:59:53 GMT
Cache-Control: public,max-age=31536000
Expires: Fri, 16 Jan 2015 03:03:44 GMT
ETag: "1918884200"
Date: Thu, 16 Jan 2014 03:03:44 GMT
Connection: keep-alive
---
GET /combo?yui/dataschema-json/dataschema-json-min.js&yui/dataschema-xml/dataschema-xml-min.js&... HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Cache-Control: max-age=0
Authorization: Basic YWRtaW46MTIz
Accept: */*
If-None-Match: "1381642784"
If-Modified-Since: Tue, 23 Apr 2013 23:46:24 GMT
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
HTTP/1.1 304 Not Modified
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
Last-Modified: Tue, 23 Apr 2013 23:46:24 GMT
Cache-Control: public,max-age=31536000
Expires: Fri, 16 Jan 2015 03:03:45 GMT
ETag: "1381642784"
Date: Thu, 16 Jan 2014 03:03:45 GMT
Connection: keep-alive
---
GET /api/context HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Authorization: Basic YWRtaW46MTIz
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
X-Requested-With: XMLHttpRequest
Accept: */*
Referer: http://localhost:8000/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
If-None-Match: "1217632044"
HTTP/1.1 304 Not Modified
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With
Vary: Accept-Encoding
ETag: "1217632044"
Date: Thu, 16 Jan 2014 03:03:46 GMT
Connection: keep-alive
---
EDIT
The reason I mention Chrome, is because this is the browser I am using. Other browsers may behave differently, right now I am specifically interested in Chrome.
It did cache them, but whenever you press the refresh button it forces a revalidation of all resources. You'll notice that it sent If-None-Match and If-Modified-Since headers so that the server could conditionally respond, and the server sent back 304 indicating that the cached copies were still fresh. I'm not sure why some of the resources didn't get revalidated.
If you want to do a "reload" without revalidating, just select the URL bar and press enter.