I write a simple code:
<?php
echo "<h1>1233422</h1>";
?>
<html>
<img src="screen.png"/>
</html>
there is an image in the html, but when I refresh the browser page the png image is 200.
theoretically the image response status should be 304, why there is 200?
Two times request's Response Header are:
HTTP/1.1 200 OK
Content-Type: image/png
server: PhpStorm 10.0.1
date: Fri, 07 Dec 2018 03:35:42 GMT
cache-control: private, must-revalidate
last-modified: Fri, 07 Dec 2018 03:34:56 GMT
content-length: 11437
the second request Headers:
GET /test03-hante/screen.png HTTP/1.1
Host: localhost:63342
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://localhost:63342/test03-hante/index.php
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
Cookie: wp-settings-time-1=1539853185; Webstorm-b87204fd=531be1b1-a109-47c6-97d9-4dd7b886ebde
you see, there is no If-Modified-Since and If-Non-Match params, why?
In browser refresh, HTTP image response status is "200 (cache)" because in refresh the image loaded from your browser cache.
You can learn more from this answer: https://stackoverflow.com/a/1665097/6678086
Related
I am trying to read a http post request data using Chrome developer tools but both payload and response is encoded instead of Json format.
request headers:
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,cy;q=0.8,fa;q=0.7,tr;q=0.6
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 88
Content-Type: application/json
Host: 192.168.88.11
Origin: http://192.168.88.11
Pragma: no-cache
Referer: http://192.168.88.11/?16550159
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36
X-Requested-With: XMLHttpRequest
response headers:
Connection: keep-alive
Content-Type: text/html
Date: Sun, 12 Jun 2022 09:15:28 GMT
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
request payload
LyZJQwGM78nstubJ5ZHF63GzcsNSIli+ntpDXOkrmPHachPL9WQaCWc6DLLaoQ8WHSch4zCLwQvj7jE745KrHQ==
How can I see this payload in Json format?
I have the following setup:
Webserver 1 https://localhost:8888
Webserver 2 https://localhost:9005
Webserver 3 https://localhost:9006
I open https://localhost:8888 from a Web browser and enter the following JS code.
(async () => {
const endpointId = '1d60eb5195725648';
const continueUrl = 'https://localhost:9006/'
const signinUrl = new URL('https://localhost:9005/_login');
signinUrl.searchParams.set('continue', continueUrl);
signinUrl.searchParams.set('endpoint', endpointId);
const response = await fetch(signinUrl.toString(), {
credentials: 'include',
headers: {
'Authorization': `Bearer ${gapi.auth.getToken().access_token}`,
},
});
})();
I'm getting this error in my Chrome Browser Version 102.0.5005.115
Access to fetch at 'https://localhost:9006/?TOKEN=0<Truncated>c&endpoint=1d60eb5195725648' (redirected from 'https://localhost:9005/_login?continue=https%3A%2F%2Flocalhost%3A9006%2F&endpoint=1d60eb5195725648') from origin 'https://localhost:8888' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'https://localhost:8888' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Looks like Origin field is correct according to the info in Headers. What am I missing?
(I truncated Token to improve readability)
Requests:
Request URL: https://localhost:9005/_login?continue=https%3A%2F%2Flocalhost%3A9006%2F&endpoint=1d60eb5195725648
Request Method: OPTIONS
Status Code: 200 OK
Remote Address: [::1]:9005
Referrer Policy: origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Headers: Proxy-Authorization
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://localhost:8888
Content-Length: 0
Date: Sun, 12 Jun 2022 02:47:09 GMT
--
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,es;q=0.8
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Cache-Control: no-cache
Connection: keep-alive
Host: localhost:9005
Origin: https://localhost:8888
Pragma: no-cache
Referer: https://localhost:8888/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36
Request URL: https://localhost:9005/_login?continue=https%3A%2F%2Flocalhost%3A9006%2F&endpoint=1d60eb5195725648
Request Method: GET
Status Code: 302 Found
Remote Address: [::1]:9005
Referrer Policy: origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://localhost:8888
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 360
Content-Type: text/html; charset=utf-8
Date: Sun, 12 Jun 2022 02:47:09 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Location: https://localhost:9006/?TOKEN=00cfdab4e480656ed7d71b3e58df42fe5422d85d33118a5af5fb7cc66f2d81330b46740ccbca4927ecfe841e751f0de72fdf53c4eb7d66b7c5ab857e33c6beaa270950fe0c49047fd5260db3120731d0abbfe3be1a0d316db4b0754610c81e2b070cea24e46e0e5ef76937c65832ef7c315b452b846e87f59be3124478cee49045162c&endpoint=1d60eb5195725648
Pragma: no-cache
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,es;q=0.8
Authorization: Bearer ya29.a0ARrdaM8mfOksOCl6l4O13z5PQv1cUVgKDKWgbo_rNXDL_Fw_-aedVVJdAFOSYByUjEy1WYrAKoik0KHx_c69aCXZcuAXbYedYkZRtDb5Y3Bz98eqjrOBjT0XrWspWdGNqRvsq_L_rDERdnsUFDFKCNiFCHV4sg
Cache-Control: no-cache
Connection: keep-alive
Cookie: _ga=GA1.1.1057744305.1654277711; _gid=GA1.1.1514740287.1654641546; _gat=1
Host: localhost:9005
Origin: https://localhost:8888
Pragma: no-cache
Referer: https://localhost:8888/
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="102", "Google Chrome";v="102"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "macOS"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36
Request URL: https://localhost:9006/?TOKEN=00cfdab4e480656ed7d71b3e58df42fe5422d85d33118a5af5fb7cc66f2d81330b46740ccbca4927ecfe841e751f0de72fdf53c4eb7d66b7c5ab857e33c6beaa270950fe0c49047fd5260db3120731d0abbfe3be1a0d316db4b0754610c81e2b070cea24e46e0e5ef76937c65832ef7c315b452b846e87f59be3124478cee49045162c&endpoint=1d60eb5195725648
Referrer Policy: origin
Provisional headers are shown
Learn more
Referer: https://localhost:8888/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36
I set max-age in Cache-Control header, but every time when I reload the webpage, it just goes out and fetches the resource again, following is an example request and response headers:
Request Headers
:authority: mydomain.com
:method: GET
:path: /.well-known/openid-configuration
:scheme: https
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
accept-encoding: gzip, deflate, br
accept-language: en
cache-control: max-age=0 // I have no idea why this is sent in request by chrome
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="98", "Google Chrome";v="98"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36
Response Headers
access-control-allow-credentials: true
cache-control: public, s-maxage=2678400, max-age=14400, immutable
cf-cache-status: DYNAMIC
cf-ray: 6e7465234fc16c30-SIN
content-encoding: br
content-type: application/json; charset=utf-8
date: Sat, 05 Mar 2022 16:58:12 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSVocqHdnD4mopGV2L7pD08hRF3MZbpmBAsNHWm2eBznl15JNgOU7bkNcBn4qgoszBpGpGoCBPSbgCLWq796dv0jta9Ajlwq0BCEyW55h3Q2NO7mfQuz8cABZLAgWam4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
I'm having serious problems with Google Chrome.
I'm using MediaElement.js for audio and video playback. Firefox seems to play everything fine, so far.
Chrome doesn't. As soon, as the file becomes bigger, it won't play.
I have two test files. Both Mp4. The first one plays well in Chrome:
Request Headers:
Accept: */*
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
Connection: keep-alive
DNT: 1
Range: bytes=0-
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.117 Safari/537.36
Response Headers:
Accept-Ranges: bytes
Cache-control: max-age=31536000, private
Connection: keep-alive
Content-disposition: attachment; filename="big_buck_bunny.mp4"
Content-Length: 5510872
Content-Type: video/mp4
Date: Mon, 24 Feb 2014 04: 13: 40 GMT
ETag: "24"
Expires: Tue, 24 Feb 2015 04: 13: 39 GMT
Last-Modified: Sat, 22 Feb 2014 16: 28: 14 GMT
Server: nginx
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Powered-By: PHP/5.5.9-1~dotdeb.1
X-XSS-Protection: 1; mode=block
The 2nd one doesn't:
Request Headers:
Accept: */*
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
Cache-Control: max-age=0
Connection: keep-alive
DNT: 1
Range: bytes=0-
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.117 Safari/537.36
Response Headers:
Accept-Ranges: bytes
Cache-control: max-age=31536000, private
Connection: keep-alive
Content-disposition: attachment; filename="test.mp4"
Content-Length: 21546967
Content-Type: video/mp4
Date: Mon, 24 Feb 2014 04: 11: 29 GMT
ETag: "31"
Expires: Tue, 24 Feb 2015 04: 11: 29 GMT
Last-Modified: Mon, 24 Feb 2014 03: 23: 48 GMT
Server: nginx
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Powered-By: PHP/5.5.9-1~dotdeb.1
X-XSS-Protection: 1; mode=block
On Google, i found several discussions regarding this or similar problems. However, i havent found a real solution for this problem.
Another (maybe important) info is, that i serve the files via PHP. If i use the direct URL of the file, it works:
Request Headers:
Accept: */*
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
Connection: keep-alive
DNT: 1
If-Range: "9c0c52-148c7d7-4f31e800012d1"
Range: bytes=21510441-21546966
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.117 Safari/537.36
Response Headers:
Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 36526
Content-Range: bytes 21510441-21546966/21546967
Date: Mon, 24 Feb 2014 04: 19: 03 GMT
ETag: "9c0c52-148c7d7-4f31e800012d1"
Last-Modified: Mon, 24 Feb 2014 03: 23: 48 GMT
Server: nginx
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
I've tested several scenarios now. This seems to be a general problem. Streaming media files via PHP doesn't work properly. The only reliable way is to stream the files via webserver.
I'm having an issue where the Places Search API returns ZERO_RESULTS on the m.site whatever the parameter. API Response attached. The search function had been working correctly until January when we began experiencing problems despite no change to the coding. I would appreciate any help. Thanks, Kyle.
GET https://maps.googleapis.com/maps/api/js/PlaceService.FindPlaces?1m6&1m2&1d53.46731217725638&2d-2.2817558287549673&2m2&1d53.46731217725638&2d-2.2817558287549673&2sen-GB&3sphones%204u&6sstore&8e1&callback=_xdc_._7otmgw&token=86621 HTTP/1.1
Host: maps.googleapis.com
Referer: http://m.phones4u.co.uk/stores/my-phones4u-stores/53.46731217725638/-2.2817558287550095/?mweb=640-0-3
Proxy-Connection: keep-alive
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en-gb
Connection: keep-alive
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 6_0_1 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A525 Safari/8536.25
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Date: Fri, 25 Jan 2013 11:25:45 GMT
Server: mafe
Cache-Control: private
Content-Length: 115
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
_xdc_._7otmgw && _xdc_._7otmgw( {
"html_attributions" : [],
"results" : [],
"status" : "ZERO_RESULTS"
}
)