I have this code
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, GET, PUT, DELETE');
use app\components\FilesHandler;
$mimeType = FilesHandler::getType();
header("Content-Type: $mimeType");
echo FilesHandler::getFile();
And on the localhost machine an image has CORS headers, although it hasn't on a remote server.
How can I fix this?
Response headers from the remote server
Accept-Ranges: bytes
Cache-Control: max-age=315360000
Content-Length: 1521987
Content-Type: image/png
Date: Fri, 31 Jul 2020 05:07:17 GMT
ETag: "5f239615-173943"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Fri, 31 Jul 2020 03:55:01 GMT
Server: nginx
Response headers from the localhost
Access-Control-Allow-Methods: POST, GET, PUT, DELETE
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Type: image/png
Date: Fri, 31 Jul 2020 03:53:10 GMT
Keep-Alive: timeout=120, max=1000
Server: Apache
Transfer-Encoding: chunked
X-Xdebug-Profile-Filename: D:\traces\cachegrind.out.13336
I am getting network failure message in chrome but working on other browser using php download script.
I have below headers set to download.
cache-control: must-revalidate, post-check=0, pre-check=0
content-disposition: attachment; filename="export.csv"
content-length: 388436
content-type: application/octet-stream
date: Thu, 19 Jul 2018 13:41:02 GMT
expires: Wed, 19 Jul 2017 13:40:59 GMT
last-modified: Thu, 19 Jul 2018 13:41:02 GMT
pragma: public
server: nginx
set-cookie: admin=p5t1vd4e4u3j9g6gto5h046ki0; path=/admin; domain=xyz.com; secure; HttpOnly
status: 200
x-powered-by: PHP/7.0.29
I am getting error in chrome version 67.3396.99
I am running a wordpress site and using an online cron job service to connect.
When i connect thru the service im getting "HTTP/1.1 404 Not Found" error.
This is the cron job link im using:
http://www.moongot.com/wp-content/plugins/WPFanMachineBasic/auto.php
This is the output:
X-Powered-By: PHP/5.5.22 Pragma: no-cache Date: Sat, 14 Apr 2018
22:00:59 GMT Content-Length: 4 Server: Apache/2 Set-Cookie:
PHPSESSID=3ef1b912c68e0502d03caccb87e0858b; path=/ Expires: Wed, 11
Jan 1984 05:00:00 GMT Cache-Control: no-cache, must-revalidate,
max-age=0 X-Endurance-Cache-Level: 2 Content-Type: text/html;
charset=UTF-8
DONE
I get the same via cURL:
curl -I http://www.moongot.com/wp-content/plugins/WPFanMachineBasic/auto.php
HTTP/1.1 404 Not Found
Date: Sat, 14 Apr 2018 22:29:13 GMT
Content-Type: text/html
Content-Length: 863
Connection: keep-alive
Keep-Alive: timeout=30
Server: Apache/2
X-Powered-By: PHP/5.5.22
Set-Cookie: PHPSESSID=2df00eb1132bf607a708d00aee845f8a; path=/
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Last-Modified: Wed, 02 Aug 2017 19:17:35 GMT
Accept-Ranges: bytes
and in Chrome:
So you'll want to figure out why your auto.php file is spitting out a 404 header.
how to change order header the following line
HTTP/1.1 200 OK
Date: Sat, 24 Aug 2013 05:10:06 GMT
Content-Length: 0
Server: apache
Pragma: no-cache
X-Powered-By: PHP5
to :
HTTP/1.1 200 OK
Pragma: no-cache
Content-Length: 0
Server: apache
X-Powered-By: PHP5
Date: Sat, 24 Aug 2013 05:10:06 GMT
in apache
If I run an audit on my sites with Google Chrome, I get this message in the Leverage browser caching section:
The following resources are missing a
cache expiration. Resources that do
not specify an expiration may not be
cached by browsers:
A list of all the pictures follows. I get a similar notice in Leverage proxy caching:
Consider adding a "Cache-Control:
public" header to the following
resources:
Apart from pictures, I also get a notice about HTML, CSS and JavaScript files:
The following resources are explicitly
non-cacheable. Consider making them
cacheable if possible:
Its funny because I've worked hard to cache all static contents (except for pictures, where I just left Apache's default settings). Firefox does indeed store all these items in cache.
Is there anything I should improve in my HTTP headers?
Here's the complete header set of some items as loaded after removing the browser caché. Pictures use default settings I didn't really check before, the rest should be cachéd for three hours. I can set headers with both .htaccess and PHP.
PNG
HTTP/1.1 200 OK
Date: Sat, 31 Jul 2010 12:46:14 GMT
Server: Apache
Last-Modified: Thu, 18 Mar 2010 21:40:54 GMT
Etag: "c48024-230-4821a15d6c580"
Accept-Ranges: bytes
Content-Length: 560
Keep-Alive: timeout=4
Connection: Keep-Alive
Content-Type: image/png
HTML
HTTP/1.1 200 OK
Date: Sat, 31 Jul 2010 12:46:13 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Expires: Sat, 31 Jul 2010 15:46:13 GMT
Cache-Control: max-age=10800, s-maxage=10800, must-revalidate, proxy-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 24 Mar 2010 20:30:36 GMT
Keep-Alive: timeout=4
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-15
CSS
HTTP/1.1 200 OK
Date: Sat, 31 Jul 2010 12:48:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Expires: Sat, 31 Jul 2010 15:48:21 GMT
Cache-Control: max-age=10800, s-maxage=10800, must-revalidate, proxy-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 18 Mar 2010 21:40:12 GMT
Keep-Alive: timeout=4
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
JavaScript
HTTP/1.1 200 OK
Date: Sat, 31 Jul 2010 12:48:21 GMT
Server: Apache
X-Powered-By: PHP/5.2.11
Expires: Sat, 31 Jul 2010 15:48:21 GMT
Cache-Control: max-age=10800, s-maxage=10800, must-revalidate, proxy-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 18 Mar 2010 21:40:12 GMT
Keep-Alive: timeout=4
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Update
I've tested Jumby's suggestion and set my CSS's expire to 1 year:
Cache-Control:max-age=31536000, s-maxage=31536000, must-revalidate, proxy-revalidate
Connection:Keep-Alive
Content-Encoding:gzip
Content-Length:4198
Content-Type:text/css
Date:Mon, 02 Aug 2010 20:48:56 GMT
Expires:Tue, 02 Aug 2011 20:48:56 GMT
Keep-Alive:timeout=5, max=99
Last-Modified:Thu, 18 Mar 2010 20:40:12 GMT
Server:Apache/2.2.14 (Win32) PHP/5.3.1
Vary:Accept-Encoding
X-Powered-By:PHP/5.3.1
However, Chrome still claims "explicitly non-cacheable".
3 hour expiry might not be enough "time" for the yslow/page speed stuff and they might complain about it. I have seen this with static content on my sites with 4 hour expiration & yslow (havent tried with google's stuff).
Most of those want versioned static content with LONG expire times (like 1 year); see here
The problem is the "must-revalidate" part of your cache-control directive. Get rid of that, and you should be good to go.
I just got a similar issue, I discovered the very same setup and code produces a chrome audit warning when trying on my test server at 127.0.0.1, but not on the real server with a real DNS name.