I made a curl request to a PHP file on my server from my machine and it returns the following response.
HTTP/1.1 200 OK
Content-Length: 317
Content-Type: application/json
Server: Microsoft-IIS/7.5
Last-Modified: Wed, 19 Feb 2014 11:30:16 GMT
Via: 1.1 SC10100_83_75
Connection: keep-alive
Date: Wed, 19 Feb 2014 12:00:47 GMT
The problem is, this seems to be caching my request and is not returning the latest values. I suspect it is due to the Via header (read that it is about proxies). What is it and how can I remove it?
Looks like via - indicates that you have been routed via a proxy - however - this is information only - you need to make sure you caching headers are being set correctly so that the proxy takes the correct action.
Currently there is no caching headers being set on your request.
If you do not want it to be cached - then set the following header:
Cache-Control: no-cache
See http://www.w3.org/Protocols/HTTP/Issues/cache-private.html
Related
I am trying to send an AJAX-request from a page hosted on Github Pages (with https) to a php script hosted on a different domain (also https).
This is the code I am using in my AngularJS controller (although I don't think that is the problem):
$http.get('//thorin.epizy.com/cors.php?url=Place%2FGetClosestPlacesExtension%3Fcoordinates%3Dx%3D'+Math.round(vm.coords[0])+'%2Cy%3D'+Math.round(vm.coords[1])+'%26proposals%3D12').success(function (data) {
vm.success = true;
console.log('Recieved data from Ruter:',data);
});
The request fails and gives this error in the console:
When opening the Network panel in Chrome I see that the CORS headers are not present:
However, when I visit the page directly in the browser (typing the url into the url field) and open the Network panel all the correct headers are present:
I have tried sending the request from pages on other domains as well, bu I get the same error and no CORS headers. This makes very little sense to me and I have no idea how to fix it. I would really appreciate any help.
For a strange reason, thorin.epizy.com/cors.php doesn't send CORS headers without cookies:
curl -I 'http://thorin.epizy.com/cors.php?[...]' <other headers>
Date: Sun, 04 Dec 2016 16:42:57 GMT
Content-Type: text/html
Content-Length: 920
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
With cookies, we get the correct headers:
curl -I -H 'Cookie: __test=b142b58439ba4f78e04c32cd1ba0a991' 'http://thorin.epizy.com/cors.php?[...]' <other headers>
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2016 16:45:04 GMT
Content-Type: application/json;charset=utf-8
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS
Cache-Control: max-age=0
Expires: Sun, 04 Dec 2016 16:45:04 GMT
When you do a cross site request and want cookies, you need to ask for them with withCredentials (withCredentials: true with angularjs).
Then, the server will need to change two things:
add Access-Control-Allow-Credentials: true in the response
change Access-Control-Allow-Origin: * to Access-Control-Allow-Origin: your-web-site.com (usually taken from the Origin request header)
If you don't you will get the following message:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at ‘http://thorin.epizy.com/cors.php?url=[...]’. (Reason: Credential is not supported if the CORS header ‘Access-Control-Allow-Origin’ is ‘*’).
I have a server with more site , after install varnish I tested if cache works, but for one web site not work varnish (have response of max-age=0). If I try to insert a simple php page (not correlated to main website) in same folder of this website, the response works.
This is a header when try :
HTTP/1.1 200 OK
Server: Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips
X-Powered-By: PHP/5.2.17
Set-Cookie: PHPSESSID=ragejao4sm1kckjn1trvap3ft0; path=/
Vary: User-Agent,Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cache-Control: max_age=8600
magicmarker: 1
Content-Length: 11863
Accept-Ranges: bytes
Date: Fri, 12 Jun 2015 12:28:15 GMT
X-Varnish: 1250916100
Age: 0
Via: 1.1 varnish
Connection: keep-alive
Varnish by default doesn't cache responses where cookies are set.
If you want to change this behaviour you need to consider how the cookie is being used (it looks like a session cookie) and either use the session id as part of the cache hash (ie so other users don't get a cached response from someone else's session) or use something like ESI to allow the "common" parts of the page to be cached while the session specific parts are fetched independently.
http://www.varnish-cache.org/trac/wiki/VCLExampleCacheCookies
https://www.varnish-cache.org/trac/wiki/ESIfeatures
When I did a networks course I learned about HTTP Request and Response messages and I know how to code in php reasonably enough to get around. Now my question is, the PHP has to have some link to HTTP request and response message but how. I can't seem to see the link between the two. My reasoning for asking this is that I am using the Twitter API console tool to query their api. The tool sends the following HTTP request:
GET /1.1/search/tweets.json?q=%40twitterapi HTTP/1.1
Authorization:
OAuth oauth_consumer_key="DC0se*******YdC8r4Smg",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1410970037",oauth_nonce="2453***055",oauth_version="1.0",oauth_token="796782156-ZhpFtSyPN5K3G**********088Z50Bo7aMWxkvgW",oauth_signature="Jes9MMAk**********CxsKm%2BCJs%3D"
Host:
api.twitter.com
X-Target-URI:
https://api.twitter.com
Connection:
Keep-Alive
and then I get a HTTP response:
HTTP/1.1 200 OK
x-frame-options:
SAMEORIGIN
content-type:
application/json;charset=utf-8
x-rate-limit-remaining:
177
last-modified:
Wed, 17 Sep 2014 16:07:17 GMT
status:
200 OK
date:
Wed, 17 Sep 2014 16:07:17 GMT
x-transaction:
491****a8cb3f7bd
pragma:
no-cache
cache-control:
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-xss-protection:
1; mode=block
x-content-type-options:
nosniff
x-rate-limit-limit:
180
expires:
Tue, 31 Mar 1981 05:00:00 GMT
set-cookie:
lang=en
set-cookie:
guest_id=v1%3A14109******2451388; Domain=.twitter.com; Path=/; Expires=Fri, 16-Sep-2016 16:07:17 UTC
content-length:
59281
x-rate-limit-reset:
1410970526
server:
tfe_b
strict-transport-security:
max-age=631138519
x-access-level:
read-write-directmessages
So how do these HTTP request and response messages fit into PHP? Does PHP auto generate this? How do I add authorization to PHP requests etc? I'm confused about the deeper workings of PHP
When the client sends the HTTP request to the server, there has to be something to receive the HTTP request, which is called a web server. Examples of web servers are Apache, IIS, Nginx, etc. You can also write your own server, which can handle input however it wants. In this case, I'll assume that you are requesting a PHP file.
When the web server captures the HTTP request, it determines how it should be handled. If the file requested is tweets.json, it will go make sure that file exists, and then pass control over to PHP.
PHP then begins its execution, and performs any logic that the script needs to do, meaning it could go to the database, it reads, writes and makes decisions based cookies, it does math, etc.
When the PHP script is done, it will return a HTML page as well as a bunch of headers back to the web server that called it. From there, the web server turns the HTML page and headers back into a HTTP request to respond.
That is a pretty simple overview, and web servers can work in many different ways, but this is a simple example of how it could work in a introductory use-case. In more complex scenarios, people can write their own web servers, which perform more complex logic inside of the web server software, rather than passing it off to PHP.
When it comes down to it, PHP files are just scripts that the web server executes when they are called, they provide the HTTP request as input, and get a web page and headers as output.
I am trying to use curl to download a torrent file the url is
http://torcache.net/torrent/006DDC8C407ACCDAF810BCFF41E77299A373296A.torrent
You will notice that upon getting to the page the download of the file is blocked for a few seconds via javascript, I was wondering if there is anyway to bypass this while using curl and php?
Thanks
The file is not blocked via javascript, that's just an informal message if you request that file. The redirect then is done via javascript.
You can simulate the request your own, the important part here is that you add the HTTP Referrer request header. Example:
$ curl -I -H 'Referer: http://torcache.net/torrent/006DDC8C407ACCDAF810BCFF41E77299A373296A.torrent' http://torcache.net/torrent/006DDC8C407ACCDAF810BCFF41E77299A373296A.torrent
HTTP/1.1 200 OK
Server: nginx/1.3.0
Date: Sun, 10 Jun 2012 17:13:59 GMT
Content-Type: application/x-bittorrent
Content-Length: 10767
Last-Modified: Sat, 09 Jun 2012 22:17:03 GMT
Connection: keep-alive
Content-Encoding: gzip
Accept-Ranges: bytes
Referrer is one thing to check, mind the typo in the HTTP specs, see Wikipedia.
I have a big problem.
I have some applications made on an unix based system, and I use PHP with cURL to post an XML question to an IIS server with asp.net.
Every time I ask the server something I get error:
HTTP/1.1 500 Internal Server Error
Date: Tue, 04 May 2010 07:36:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 3032
But if I ask same question on another server, almost identically to this one (BOTH configured by me) I get results like it should and the headers:
HTTP/1.1 200 OK
Date: Tue, 04 May 2010 07:39:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 9169
I tried everything, searched hundreds of forums, but i don't find anything.
In IIS logs I only get:
2010-05-04 07:36:08 W3SVC1657587027 80.xx.xx.xx POST /XML_SERV/XmlAPI.aspx - 80 - 80.xx.xx.xx Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1 500 0 0
any ideas where to look what is going on?
I forgot to mention! If I use an XML request software, and ask same question, it works.
Try reducing your asp page to the minimum, with the first try with an empty page. If this succeed, begin to add the real bits until it fails, so you can narrow the error.