Search Results

Search found 1229 results on 50 pages for 'origin'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 4/50 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • How do web servers enforce the same-origin policy?

    - by BBnyc
    I'm diving deeper into developing RESTful APIs and have so far worked with a few different frameworks to achieve this. Of course I've run into the same-origin policy, and now I'm wondering how web servers (rather than web browsers) enforce it. From what I understand, some enforcing seems to happen on the browser's end (e.g., honoring a Access-Control-Allow-Origin header received from a server). But what about the server? For example, let's say a web server is hosting a Javascript web app that accesses an API, also hosted on that server. I assume that server would enforce the same-origin policy --- so that only the javascript that is hosted on that server would be allowed to access the API. This would prevent someone else from writing a javascript client for that API and hosting it on another site, right? So how would a web server be able to stop a malicious client that would try to make AJAX requests to its api endpoints while claiming to be running javascript that originated from that same web server? What's the way most popular servers (Apache, nginx) protect against this kind of attack? Or is my understanding of this somehow off the mark? Or is the cross-origin policy only enforced on the client end?

    Read the article

  • Why is Git telling me "Your branch is ahead of 'origin/master' by 11 commits." and how do I get it t

    - by spilth
    I'm a Git newbie. I recently moved a Rails project from Subversion to Git. I followed the tutorial here: http://www.simplisticcomplexity.com/2008/03/05/cleanly-migrate-your-subversion-repository-to-a-git-repository/ I am also using unfuddle.com to store my code. I make changes on my Mac laptop on the train to/from work and then push them to unfuddle when I have a network connection using the following command: git push unfuddle master I use Capistrano for deployments and pull code from the unfuddle repository using the master branch. Lately I've noticed the following message when I run "git status" on my laptop: # On branch master # Your branch is ahead of 'origin/master' by 11 commits. # nothing to commit (working directory clean) And I'm confused as to why. I thought my laptop was the origin... but don't know if either the fact that I originally pulled from Subversion or push to Unfuddle is what's causing the message to show up. How can I: Find out where Git thinks 'origin/master' is? If it's somewhere else, how do I turn my laptop into the 'origin/master'? Get this message to go away. It makes me think Git is unhappy about something. My mac is running Git version 1.6.0.1. When I run git remote show origin as suggested by dbr, I get the following: ~/Projects/GeekFor/geekfor 10:47 AM $ git remote show origin fatal: '/Users/brian/Projects/GeekFor/gf/.git': unable to chdir or not a git archive fatal: The remote end hung up unexpectedly When I run git remote -v as suggested by Aristotle Pagaltzis, I get the following: ~/Projects/GeekFor/geekfor 10:33 AM $ git remote -v origin /Users/brian/Projects/GeekFor/gf/.git unfuddle [email protected]:spilth/geekfor.git Now, interestingly, I'm working on my project in the geekfor directory but it says my origin is my local machine in the gf directory. I believe gf was the temporary directory I used when converting my project from Subversion to Git and probably where I pushed to unfuddle from. Then I believe I checked out a fresh copy from unfuddle to the geekfor directory. So it looks like I should follow dbr's advice and do: git remote rm origin git remote add origin [email protected]:spilth/geekfor.git

    Read the article

  • Browser for cross-site-script testing (for testing Mozilla Add-On)

    - by Anthony
    I am working on a Firefox extension that will involve ajax calls to domains that would normally fail due to the same-origin policy set by Firefox (and most modern browsers). I was wondering if there is a way to either turn off the same-origin restriction (in about:config, perhaps) or if there was a standard lite-browser that developers turn to for this. I really would like to avoid using any blackhat tools, if possible. Not because I'm against them, I just don't want to add another learning curve to the process. I can use curl in PHP to confirm that the requests work, but I want to get started on writing the js that the addon will actually use, so I need a client that will execute js. I also tried spidermonkey, but since I'm doing the ajax with jquery, it threw a fit at all of the browser-based default variables. So, short version: is there a reliable browser/client for cross site scripting that isn't primarily a hacker app? Or can I just turn off same-domain policy in Firefox?

    Read the article

  • solving origin of a vectors

    - by Mike
    I have two endpoints (xa,ya) and (xb,yb) of two vectors, respectively a and b, originating from a same point (xo, yo). Also, I know that |a|=|b|+s, where s is a constant. I tried to compute the origin (xo, yo) but seem to fail at some point. How to solve this?

    Read the article

  • Git aliases that are stored in origin

    - by jga
    I use git with a big development team and I'd like to have a set of aliases be common across every developer. They change every so often, so I'd like to store them in origin somehow. Is there any way to set that up in git? I'm using gitosis for the git server (not sure if that would make a difference).

    Read the article

  • Add Access-Control-Allow-Origin to header in PHP

    - by SANDeveloper
    I am trying to workaround CORS restriction on a WebGL application. I have a Web Service which resolves URL and returns images. Since this web service is not CORS enabled, I can't use the returned images as textures. I was planning to: Write a PHP script to handle image requests Image requests would be sent through the query string as a url parameter The PHP Script will: Call the web service with the query string url Fetch the image response (web service returns a content-type:image response) Add the CORS header (Add Access-Control-Allow-Origin) to the response Send the response to the browser I tried to implement this using a variety of techniques including CURL, HTTPResponse, plain var_dump etc. but got stuck at some point in each. So I have 2 questions: Is the approach good enough? Considering the approach is good enough: I made the most progress with CURL. I could get the image header and data with: $ch = curl_init(); $url = $_GET["url"]; curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type:image/jpeg')); //Execute request $response = curl_exec($ch); //get the default response headers $headers = curl_getinfo($ch); //close connection curl_close($ch); But this doesn't actually change set the response content-type to image/jpeg. It dumps the header + response into a new response of content-type text/html and display the header and the image BLOB data in the browser. How do I get it to send the response in the format I want? Managed to get it working: $ch = curl_init(); $url = $_GET["url"]; curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, false); //Execute request $response = curl_exec($ch); //get the default response headers $headers = curl_getinfo($ch); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); header('Content-Type: image/jpeg'); header("Access-Control-Allow-Origin: *"); // header("Expires: Sat, 26 Jul 2017 05:00:00 GMT"); //close connection curl_close($ch); flush();

    Read the article

  • AJAX, same-origin Policy and working XML Requests

    - by Joern
    Hello guys, so, currently I develop Widgets for Smartphones and am going a bit more advanced into fields of data exchange between client and server applications. My problem is: For my current project I want my client file to request data from a PHP script with the help of AJAX XmlHttpRequest and the POST method: function xmlRequestNotes() { var parameter = 'p=1234'; xmlhttp = new XMLHttpRequest(); xmlhttp.open("POST", url, true); // Http Header xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); xmlhttp.setRequestHeader("Content-length", parameter.length); xmlhttp.setRequestHeader("Connection", "close"); xmlhttp.onreadystatechange=function() { if (xmlhttp.readyState==4 && xmlhttp.status==200) { json = JSON.parse(xmlhttp.responseText); // Doing Stuff with the Response } }; xmlhttp.send(parameter); } This works perfectly fine on my local server set up in XAMPP and the local Widget emulator. But if it gets onto the device (also with access to the target network) I receive the 101 Network Error. And as far as I have read, this is due to the "Same-Origin Policy" of XmlHttpRequests? My problem is to really understand that. Although the idea of this policy is clear to me, I'm a bit confused by the fact that another XmlHttpRequest for a Yahoo Weather XML Feed works fine. Now, could anyone be so helpful to enlighten me? Here is the request that returns a city name from Yahoo's weather feed: function getCityName() { xmlhttp = new XMLHttpRequest(); xmlhttp.open("GET", "http://weather.yahooapis.com/forecastrss?w=645458&u=c", true); xmlhttp.onreadystatechange = function() { if (xmlhttp.readyState==4 && xmlhttp.status==200) { xmlhttp.responseXML; var yweather = "http://xml.weather.yahoo.com/ns/rss/1.0"; alert(xmlhttp.responseXML.getElementsByTagNameNS(yweather, "location")[0].getAttribute("city")); } }; xmlhttp.send(null); } Obvious differences are the POST and GET methods for once, but seeing that the Same-Origin Policy takes effect no matter what method, I can't really make much sense of it. Why does the latter request work but not the first? I would really appreciate some help here. Greetings and a merry Christmas to you guys!

    Read the article

  • Javascript and same origin iframes

    - by hashc0de
    Is it possible to read/edit iframe contents(not only properties like src) with scripts that are on page but outside of this frame? I know that is impossible if source is from other site as it would be a big serurity hole, but I only ask whether it works for other content from the same origin.

    Read the article

  • find out the origin of function calls

    - by user560343
    Hi all, I wonder if there is a software that can help us determine all possible origins of a function call. For example: /* in file f1.c */ int f1() { x_func(); } /* in file f2.c */ int f2() { x_func(); } If we want to trace the origin of all function calls to x_func(), the output will be: f1.c:f1() f2.c:f2() This is very useful when reading the source code. All answers are appreciated. Thank in advance :D

    Read the article

  • Rotate using a transform, then change frame origin, and view expands??

    - by ZaBlanc
    This is quite the iPhone quandry. I am working on a library, but have narrowed down my problem to very simple code. What this code does is create a 50x50 view, applies a rotation transform of a few degrees, then shifts the frame down a few times. The result is the 50x50 view is now much larger looking. Here's the code: // a simple 50x50 view UIView *redThing = [[UIView alloc] initWithFrame:CGRectMake(50, 50, 50, 50)]; redThing.backgroundColor = [UIColor redColor]; [self.view addSubview:redThing]; // rotate a small amount (as long as it's not 90 or 180, etc.) redThing.transform = CGAffineTransformRotate(redThing.transform, 0.1234); // move the view down 2 pixels CGRect newFrame = CGRectMake(redThing.frame.origin.x, redThing.frame.origin.y + 2, redThing.frame.size.width, redThing.frame.size.height); redThing.frame = newFrame; // move the view down another 2 pixels newFrame = CGRectMake(redThing.frame.origin.x, redThing.frame.origin.y + 2, redThing.frame.size.width, redThing.frame.size.height); redThing.frame = newFrame; // move the view down another 2 pixels newFrame = CGRectMake(redThing.frame.origin.x, redThing.frame.origin.y + 2, redThing.frame.size.width, redThing.frame.size.height); redThing.frame = newFrame; // move the view down another 2 pixels newFrame = CGRectMake(redThing.frame.origin.x, redThing.frame.origin.y + 2, redThing.frame.size.width, redThing.frame.size.height); redThing.frame = newFrame; So, what the heck is going on? Now, if I move the view by applying a translation transform, it works just fine. But that's not what I want to do and this should work anyway. Any ideas?

    Read the article

  • http post request with cross-origin in javascript

    - by Calamarico
    i have a problem with a http post call in firefox. I know that when there are a cross origin, firefox first do a OPTIONS before the POST to know the access-control-allow headers. With this code i dont have any problem: Net.requestSpeech.prototype.post = function(url, data) { if(this.xhr != null) { this.xhr.open("POST", url); this.xhr.onreadystatechange = Net.requestSpeech.eventFunction; this.xhr.setRequestHeader("Content-Type", "application/json; charset=utf-8"); this.xhr.send(data); } } I test this code with a simple html that invokes this function. Everything is ok and i have the response of the OPTIONS and POST, and i process the response. But, i'm trying to integrate this code with an existen application with uses jquery (i dont know if this is a problem), when the send(data) executes in this case, the browser (firefox) do the same, first do a OPTION request, but in this case dont receive the response of the server and puts this message in console: [18:48:13.529] OPTIONS http://localhost:8111/ [undefined 31ms] Undefined... the undefined is because dont receive the response, but the code is the same, i dont know why in this case the option dont receive the response, someone have an idea? i debug my server app and the OPTIONS arrive ok to the server, but it seems like the browser dont wait to the response. edit more later: ok i think that the problem is when i run with a simple html with a SCRIPT tag that invokes the method who do the request run ok, but in this app that dont receive the response, i have a form that do a onsubmit event, i think that the submit event returns very fast and the browser dont have time to get the OPTIONS request. edit more later later: WTF, i resolve the problem make the POST request to sync: this.xhr.open("POST", url, false); The submit reponse very quickly and can't wait to the OPTION response of the browser, any idea to this?

    Read the article

  • javascript to determine if page on remote domain has changed

    - by uku
    Hi, I am trying to find a client-side way to determine if a page on a remote domain has changed. I can't load the page in an iframe and examine its contents due to same origin policy. So I tried using .getResponseHeader("Content-Length") and .getResponseHeader("Last-Modified") but apparently these are also restricted by SOP even though FireBug shows Content-Length in the console. Is there a way to do this? I just need a way to know if the page has changed. Thx

    Read the article

  • SVG with external images doesn't load them when embedded with <img> tag in browsers

    - by mat3001
    I made the following observation: If I create an svg image that references an external raster image via "xlink:href" and try to load the svg in browsers, the external images are only shown if I use the tag, but not when using the tag. Rendering with the tag is quite slow and not as clean as using the img tag for images so I was wondering if there's a way to make it work through the tag. At first I thought it doesn't work because of a same origin policy, but even if the referenced image is in the same directory and I reference it through its name only, it wont load. Any ideas?

    Read the article

  • Cross-domain templating with Javascript

    - by Husky
    I'm currently building a Javascript library that can be used to easily create embeddable media based on the URL of a media file, and then be controlled using Javascript methods and events (think something like the Flash / Silverlight JW player). Of course, i could simply cat all the html tags from the Javascript library and send that to the browser: function player(url) { document.write('<object type="foo"><param name="something" value="bar">' + <param name="source" value=" + url + '/></object>'); } But i think this is a very ugly practice that tends to create unmanageable code that is unreadable when you review it a few weeks later. So, a templating solution seems to be the way to go. I've been looking to EJS because it loads the templates using AJAX, so you can manage your templates in separate file instead of directly on the HTML page. There's one 'gotcha' with that: my library needs to be completely cross-domain: the library itself could be located on foo.com while the serving site could be located on bar.com. So if bar.com would want to add a media player using the library it needs to do an AJAX call to a template located on foo.com, which won't work because of the same-origin policy in browsers. AFAIK, there's no library that uses something like JSONP to read and write templates to get around this problem. Could anyone point me to a solution for this problem?

    Read the article

  • S3 browser upload via POST: unable to handle errors gracefully

    - by samf
    I am writing an app where I want the customer to be able to upload to Amazon S3 straight from the browser. I can make this work just fine. But when errors occur, I want to handle them more gracefully than splattering an XML document on the customer's screen. I have a scheme that I think would work, but it's failing. Here's what I'm trying: Create a form to do the upload, and store the form on S3 itself, in the same domain as the "action" attribute of the form. Redirect the customer to this form. Now their browser is sitting on https://<bucket>.s3.amazonaws.com/something. The page contains a hidden iframe. The form sets its target to the iframe. The load event handler looks at the contents of the iframe, and acts upon it. So, something like this: <iframe id="foo" name="foo" style="display: none" /> <form target="foo" action="https://<bucket>.s3.amazonaws.com/"> <input type="hidden" name="..." value="..." /> <input type="file" name="file" /> </form> with this javascript (using jquery): function handler() { var message = $("#foo").contents().find('message').text(); alert(message); } $("#foo").load(handler); Using firebug, I can see that the iframe contains an XML document, that contains a "message" node. However, the .find('message') always fails to find anything within the XML document. Notice that the action of the form has the same domain, port, and scheme as the document itself. So, I don't think that I should be running afoul of the same-origin policy. Right? But it fails every time. This is using Firefox and Google Chrome browsers. Thanks for any advice!

    Read the article

  • Chrome Extension - Cross-Origin XMLHttpRequest - Returning HTML/JSON

    - by Tyler
    Hi everyone, I hope you can help me :) I've created a Chrome extension (my first one) and I'm having some difficulty auto-populating a <select> with <option> that are being returned. the default_popup page is index.htm. I have two <select> (listboxes? can't remember the name) boxes. When a user first clicks the extension, it performs a XMLHttpRequest to a php script and get's a list of names from a MySQL database. It returns (onLoad) the list in the form of: <option>blah</option> When a user selects an option from the first listbox/select, it performs another XMLHttpRequest and auto-populates the second listbox/select. Then when a user selects an option from the second listbox it will eventually populate a few details further down the page. I've been testing by just running the index.htm file and seeing if just the code works correctly, which it does. However when trying to view it from the extension, it doesn't work. The onLoad doesn't fill in the first listbox, and selecting an option (one that I typed in the box for testing purposes) from the first listbox doesn't populate the second listbox. I thought maybe it was a permissions error, so I tried adding the domain to the manifest.json file; but I appear to be getting an error in the manifest.json file after doing so. In my default_popup (index.htm) file I have this script for my XMLHttpRequest: <script type="text/javascript"> function getClient(str,type) { if (str=="") { document.getElementById(type).innerHTML=""; return; } if (window.XMLHttpRequest) {// code for IE7+, Firefox, Chrome, Opera, Safari xmlhttp=new XMLHttpRequest(); } else {// code for IE6, IE5 xmlhttp=new ActiveXObject("Microsoft.XMLHTTP"); } xmlhttp.onreadystatechange=function() { if (xmlhttp.readyState==4 && xmlhttp.status==200) { document.getElementById(type).innerHTML=xmlhttp.responseText; } } xmlhttp.open("GET","http://(domain removed)/Extension/getInfo.php?q="+type+"&c="+str,true,"user","pass"); xmlhttp.send(); } </script> This is what my manifest.json file looks like: { "name": "Client Center Lite", "version": "1.0", "description": "blah", "browser_action": { "default_icon": "images/icon_19.png", "default_popup": "index.htm", "default_title": "Client Center Lite" }, "icons":{ "128":"images/icon_128.png" } "permissions": { "http://(domain removed)/" }, } Am I doing this correctly? The point of the extension is to be able to quickly view client details. The extension will only be given to employees locally in a .crx file, and not distributed online. The domain I am accessing through the PHP/MySQL is accessible from the web, but I'm currently using localhost in my mysql_connect string. Do I need to be returning the <option> elements encoded as JSON? If so, I'm completely cluesless as how to do that.

    Read the article

  • iPhone sdk, at dismissModalViewcontrollerAnimated, the parent change y origin coordinate

    - by DigitalVanilla
    Hi guys, my first post here :) I'm having a small trouble with a small but boring problem. I have a view, with a NavigationController. I load in the NC a simple view. Inside this view there's abutton where I fire the presentModalView... in the main view, not on NC, but it's parent view: ABVIEW NC NEWVIEW new attach a presentModalView... on ABVIEW, so [abview present...]; No problem till now. When it's the time to dismiss, after the temporary window (let's calls it NOTES) disappear, my ABVIEW with all the subviews change Y position from 0 to 20, the same height of the status bar. I was looking everywhere and I'm sure it's a stupid thing, but I miss a bit of knowledge here and I have no idea where to find the solution. thanks in advance!

    Read the article

  • How mod_cache working with "must-revalidate" and "max-age"?

    - by Dmitriy Sosunov
    Quick question before I will explain my flow: ?an mod_cache perform revalidate with if-none-match only if max-age is expired in case if it configured in reverse proxy mode? My goal is to reduce a number of revalidation requests to our the origin server. For instance: The first request goes to the origin server and then mod_cache save a response in to the cache according to header cache-control: max-age. And only when max-age is expired then mod_cache will revalidate with if-none-match. Currently, mod_cache revalidate each request, regardless that max-age is defined or not. My configuration of Apache 2.4.3 (Windows), on linux I see the same behavior that I will show below. ServerName proxy.lo ProxyRequests Off ProxyPreserveHost Off Header set Vary "Accept, Content-Type, Content-Encoding, Accept-Language" RequestHeader set X-Forwarded-Proto "http" # modify header for user agent's Header set Cache-Control "private, no-cache, no-store, no-transform" CacheQuickHandler off CacheDefaultExpire 300 # the origin server do not provide last-modified CacheIgnoreNoLastMod On CacheIgnoreCacheControl On # the origin server define cache-control: private, no-store only for user agents # Therefore, I would like ignore those headers on the proxy server. CacheStorePrivate On CacheStoreNoStore On CacheEnable disk / CacheRoot "C:/Apache.Cache" CacheDirLevels 5 CacheDirLength 4 CacheMinExpire 15 CacheDetailHeader on CacheHeader on KeepAlive Off ProxyPass / http://origin.lo/ ProxyPassReverse / http://origin.lo/ Also, I have turned on debug log level to see how mod_cache handles a content for caching: I provided this to show that mod_proxy always decides that a content isn't fresh. Why?I provided this to show that mod_proxy always decide that a content isn't fresh. Why? max-age was provided (see below). [Sun Nov 04 11:58:42.899890 2012] [cache:debug] [pid 6492:tid 1400] cache_storage.c(624): [client 192.168.1.100:63741] AH00698: cache: Key for entity /testpage?(null) is http://proxy.lo/testpage? [Sun Nov 04 11:58:42.899890 2012] [cache_disk:debug] [pid 6492:tid 1400] mod_cache_disk.c(569): [client 192.168.1.100:63741] AH00709: Recalled cached URL info header http://proxy.lo/testpage? [Sun Nov 04 11:58:42.899890 2012] [cache_disk:debug] [pid 6492:tid 1400] mod_cache_disk.c(865): [client 192.168.1.100:63741] AH00720: Recalled headers for URL http://proxy.lo/testpage? [Sun Nov 04 11:58:42.899890 2012] [cache:debug] [pid 6492:tid 1400] cache_storage.c(320): [client 192.168.1.100:63741] AH00695: Cached response for /testpage isn't fresh. Adding/replacing conditional request headers. [Sun Nov 04 11:58:42.899890 2012] [cache:debug] [pid 6492:tid 1400] mod_cache.c(414): [client 192.168.1.100:63741] AH00757: Adding CACHE_SAVE filter for /testpage [Sun Nov 04 11:58:42.899890 2012] [cache:debug] [pid 6492:tid 1400] mod_cache.c(448): [client 192.168.1.100:63741] AH00759: Adding CACHE_REMOVE_URL filter for /testpage [Sun Nov 04 11:58:42.899890 2012] [proxy:debug] [pid 6492:tid 1400] mod_proxy.c(1068): [client 192.168.1.100:63741] AH01143: Running scheme http handler (attempt 0) [Sun Nov 04 11:58:42.899890 2012] [proxy:debug] [pid 6492:tid 1400] proxy_util.c(1976): AH00942: HTTP: has acquired connection for (origin.lo) [Sun Nov 04 11:58:42.899890 2012] [proxy:debug] [pid 6492:tid 1400] proxy_util.c(2029): [client 192.168.1.100:63741] AH00944: connecting http://origin.lo/testpage to origin.lo:80 [Sun Nov 04 11:58:42.901890 2012] [proxy:debug] [pid 6492:tid 1400] proxy_util.c(2151): [client 192.168.1.100:63741] AH00947: connected /testpage to origin.lo:80 [Sun Nov 04 11:58:42.901890 2012] [proxy:debug] [pid 6492:tid 1400] proxy_util.c(2554): AH00962: HTTP: connection complete to 192.168.1.100:80 (origin.lo) [Sun Nov 04 11:58:42.903890 2012] [proxy:debug] [pid 6492:tid 1400] proxy_util.c(1991): AH00943: http: has released connection for (origin.lo) [Sun Nov 04 11:58:42.903890 2012] [headers:debug] [pid 6492:tid 1400] mod_headers.c(800): AH01502: headers: ap_headers_output_filter() [Sun Nov 04 11:58:42.903890 2012] [cache:debug] [pid 6492:tid 1400] mod_cache.c(1190): [client 192.168.1.100:63741] AH00769: cache: Caching url: /testpage [Sun Nov 04 11:58:42.903890 2012] [cache:debug] [pid 6492:tid 1400] mod_cache.c(1196): [client 192.168.1.100:63741] AH00770: cache: Removing CACHE_REMOVE_URL filter. [Sun Nov 04 11:58:42.904890 2012] [cache_disk:debug] [pid 6492:tid 1400] mod_cache_disk.c(1318): [client 192.168.1.100:63741] AH00737: commit_entity: Headers and body for URL http://proxy.lo/testpage? cached. The first request to the origin server without mod_proxy to http://origin.lo/ GET http://origin.lo/testpage HTTP/1.1 Host: origin.lo Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4 Accept: application/json Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 The first response from the origin without mod_proxy HTTP/1.1 200 OK Cache-Control: must-revalidate, proxy-revalidate, max-age=30 Content-Type: application/json; charset=utf-8 ETag: "7cf651e2-176f-4ac1-808e-0e0c17cfd0a2" Server: Microsoft-IIS/7.5 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Sun, 04 Nov 2012 10:11:01 GMT Content-Length: 1877 So, I assumed that revalidation must be occur only in 30 seconds after the success response. Is't right? Let's check it:) Within 30 sec, the Google Chrome didn't perform any requests to the origin server to revalidate a request and has return the response from local cache. When max-age is expired, the Google Chrome perform a request to revalidate: GET http://origin.lo/testpage HTTP/1.1 Host: origin.lo Connection: keep-alive Cache-Control: max-age=0 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4 Accept: application/xml If-None-Match: "7cf651e2-176f-4ac1-808e-0e0c17cfd0a2" Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 and response: HTTP/1.1 304 Not Modified Cache-Control: must-revalidate, proxy-revalidate, max-age=30 ETag: "7cf651e2-176f-4ac1-808e-0e0c17cfd0a2" Server: Microsoft-IIS/7.5 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET Date: Sun, 04 Nov 2012 10:16:20 GMT As you can see, all works as expected. User agent revalidates request only when max-age is expired. Let's now try perform the folling flow though mod_proxy (see configuration above). The first request: GET http://proxy.lo/testpage HTTP/1.1 Host: proxy.lo Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4 Accept: application/json Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 and the response was: HTTP/1.1 200 OK Date: Sun, 04 Nov 2012 10:23:36 GMT Server: Apache Cache-Control: private, no-cache, no-store, no-transform Content-Type: application/json; charset=utf-8 ETag: "7cf651e2-176f-4ac1-808e-0e0c17cfd0a2" Content-Length: 1932 Vary: Accept,Content-Type,Content-Encoding,Accept-Language X-Cache: MISS from proxy.lo X-Cache-Detail: "cache miss: attempting entity save" from proxy.lo Connection: close Ok, let's see to the disk cache and try to see how request and response was stored. (I cut binary data) http://proxy.lo/testpage? Cache-Control: private, no-cache, no-store, no-transform Content-Type: application/json; charset=utf-8 ETag: "7cf651e2-176f-4ac1-808e-0e0c17cfd0a2" Date: Sun, 04 Nov 2012 10:27:15 GMT Content-Length: 1932 Vary: Accept, Content-Type, Content-Encoding, Accept-Language Host: proxy.lo User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4 Accept: application/json Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 X-Forwarded-Proto: http Cache-Control: max-age=300, must-revalidate X-Forwarded-For: 192.168.1.100 X-Forwarded-Host: proxy.lo X-Forwarded-Server: origin.lo Ok, what we see? We see that the first request was performed with max-age=300 & must-revalidate Ok, looks good, as for me, lets perform the next call: GET http://proxy.lo/testpage HTTP/1.1 Host: proxy.lo Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4 Accept: application/json Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3 and the second response from mod_proxy: HTTP/1.1 200 OK Date: Sun, 04 Nov 2012 10:31:58 GMT Server: Apache Cache-Control: private, no-cache, no-store, no-transform ETag: "7cf651e2-176f-4ac1-808e-0e0c17cfd0a2" Content-Length: 1932 Vary: Accept,Content-Type,Content-Encoding,Accept-Language X-Cache: REVALIDATE from proxy.lo X-Cache-Detail: "conditional cache hit: entity refreshed" from proxy.lo Connection: close Content-Type: application/json; charset=utf-8 SO, MY QUESTION IS: WHY mod_proxy perform revalidation on each request regardless that max-age is defined? N.B. Apache 2.4.3 Thanks, I would be grateful for any help.

    Read the article

  • millions of 3d points how to 10 closest to origin

    - by Kazoom
    A point in 3-d is defined by (x,y,z). Distance d between any two points (X,Y,Z) and (x,y,z) is d= Sqrt[(X-x)^2 + (Y-y)^2 + (Z-z)^2]. Now there are a million entries in a file, each entry is some point in space, in no specific order. Given any point (a,b,c) find the nearest 10 points to it. How would you store the million points and how would you retrieve those 10 points from that data structure.

    Read the article

  • How to verify mail origin?

    - by MrZombie
    I wish to code a little service where I will be able to send an e-mail to a specific address used by my server to send specific commands to my server. I'll check against a list of permitted e-mail addresses to make sure no one unauthorized will send a command to the server, but how do I make sure that, say, an e-mail sent by "[email protected]" really comes from "thezombie.net"? I thought about checking the header for the original e-mail server's IP and pinging the domain to make sure it is the same, but would that be reliable? Example: Server receives a command from [email protected] [email protected] is authorized, proceed with checks Server checks "thezombie.net"'s IP from the header: W.X.Y.Z Server pings "thezombie.net" for it's IP: A.B.C.D The IPs do not correspond, do not process command Is there any better way to do that?

    Read the article

  • Determine branch of origin from bzr blame

    - by Dave Aaron Smith
    I had a complicated change that affected a bunch of files. I don't remember what bazaar branch I wrote that change in. We have a somewhat complicated merge setup, so the branch I'm in now lumps that change in with a lot of other changes. I'd like to do some very similar work so it would be nice to pull the original diff. I feel like I should be able to use bzr blame. I run this command on one of the files bzr blame --long path/to/file and I find one of the pertinent lines and get something like 1107.6.213 dsmith@satie 20091202 | tinyMCE.init({ Can I use that to figure out what branch and revision the original change came from? What do the 6 and 213 stand for?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >