I'm having this situation where image requests are made to an image endpoint, passing in reference and width as arguments and the server returns a 302 redirect to the image resource. At the moment that 302 triggers a 301 to another domain, and then after 2 redirects the image is loaded. The image filesize is 18KB.
Now the "problem"/question I have is when looking at firefox debugger tools (network tab) for this 3 requests, I see that it is showing me that 3 times 18KB were transferred, but the redirects should be much much smaller (range of 100B-300B).
the screen shot of the firefox network tab
Is this a bug in the firefox developer tools or am I missing some concept here and the browser actually downloads so much for every image?
Looking at the same page in the chrome developer tools, I see something more like what I would expect:
And then I ran the same request also using ARC and the response(s) I see there are shown on the next image (and also get the responses along the same lines using curl).
I'm using firefox 62.0.2 (64 bit) browser and chrome 68.0.3440.106.
Any ideas?
Related
I have a legacy web application. The app needs to be opened in IE while the user opens it from Edge Chromium. I've added the URL to the EM site list XML on a NAS share. This works great for other legacy applications we have.
However, this application uses a HTTP POST request.
When a user navigates in Edge to the web application, it loads fine in a new IE11 screen.
But when you use the search, it opens in a new Window and it seems the parameters from the HTTP POST request are not included. This results in a null request.
Is there any setup needed to include the HTTP post request in IE mode? I can't find this anywhere in the MS documentation.
We've replaced the post request with a get request and solved the issue this way
We had the same symptoms. I did not verify that the http method was changed from POST to GET, but the form variables from a POST operation were not being transmitted to the next page.
We were able to get this working by adding the source page (the one with the form variables in it) to the Enterprise Mode Site List in Edge.
In Edge, paste the following into the address bar (without the quotes): "edge://compat/SiteListManager"
I checked the box to Allow Redirects and also used IE5 Document mode as the Compat Mode because that is what was indicated by f12 tools when running the same page in real IE 11.
See also https://learn.microsoft.com/en-us/deployedge/edge-ie-mode-site-list-manager
And https://learn.microsoft.com/en-us/deployedge/edge-ie-mode-faq
Mixed Content: The page at 'https://yourwebsite.com/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://otherwebsite.com/'. This request has been blocked; the content must be served over HTTPS.
After running into this error a few times, I have learned in modern web browsers you cannot have mixed content. That means an https site cannot make a request to one that is just http.
So my issue is enabling this in safari.
However in the development stages I am able to enable this in chrome
1) Click on the shield.
2) Click "Load Unsafe Scripts"
3) Now you should be able to see the blocked content. but of course the website will no longer be secure.
I am also able to do this in firefox.
1) Click on the upside-down !
2) Click on the > arrow.
3) Disable protection for now.
4) Now the site is not secure, but your request/ content is available.
However, I have looked forever and cannot find this in safari for any of the recent versions. Even when enabling developer tools, I am unable to find it. I looked through some of the release logs to see if this feature was deprecated, and could not find anything.
Is there any way to do this in safari?
Mixed contents are disabled from Safari 9+
so this is not possible. you need to use workaround like proxy
Navigates to your Safari "Privacy Settings" and disable the 'Block Third Party Cookies' and 'Disable Cross-site tracking' settings.
Bassically it is what the question says, It is like my website it is not save for the clients. (I do not have online payments or somethig like that)
The thing is that this only happen sometimes, and it is not always in the same device, for example it could happen in my pc once a week and the rest of the time works just fine.
I have beeing reading and it could be a lot of causes, but in this way that it is sometime I thing it is really weird, my ssl expires in four day, but this problem has been happen for about two months (the site has been 1 year online).
When I call to external links (for javascript or css) I checked and it is always https.
I also read that could be the browser or the OS but this has happened in chrome, mozilla and IE as browser and Windows 10, windows 8, ubuntu (last version at this time), android 5.0.1 as SO and my web server is linux.
I do not know what other information it is relevant, I try to give all I read could be relevant in this case.
To get more details you can :
Click on the slashed https
Open the console (The security tabs and the network tabs could help you too)
What could cause it:
Unsecure (http) requests
Unsecure ciphers ( check it with ssllabs.com )
Forms with http target
How can I distinguish whether resource was served via http/1 or http/2? The BE guys implemented it on their side. and what I can see in dev tools network tab that a lot of images (80 items) is loaded in parallel. But when I look at XHR tab they seem to be loaded by smaller portions. like wait for first 6, than go for another. And it seems that before migration to http/2 it was the same. I cant see any headers indicatin which version of protocol was used
You can view that in Chrome using the 'Network' tab in 'Developer Tools', in the 'Protocol' column. If it isn't present, right click on one of the headers ('Status' for example), and select 'Protocol'.
In Firefox, in the same 'Developer'/'Network' panel, when you select one of the queries, in addition to the URL and status code, it displays the version:
Finally, each of these two browsers has a handy status indicator extension:
Firefox: https://addons.mozilla.org/en-us/firefox/addon/spdy-indicator/
Chrome: https://chrome.google.com/webstore/detail/http2-and-spdy-indicator/mpbpobfflnpcgagjijhmgnchggcjblin?hl=en
I'm trying to set my images to cache. With no settings, I'm getting a 304 response from the server, which means that while 100 requests are being made for each of my images, the image isn't actually being transferred.
Great.
Now I want to tell the browser to use the image from cache without making the request to see if it was modified.
I go into IIS7 and click on the folder with my images, select the HTTP Response Headers and click Set Common Headers.
On the dialog the apears I check off the "Expire Web Content" box and I select the "After" option and I select 1 Day(I also tried 2 days).
I click OK and run a iisreset (although I don't think this is nessesary). I open up internet explorer with the network tab active and load the page. The browser loads the images. They are 200 responses and I check the headers and find "Cache-Control:max-age=172800" Great.
Now I reload the page (clicking on a link that loads the same page, or clicking in the address bar and pressing enter... NOT clicking refresh) and check the network tab again. I'm still getting 304 repsonses from the server, the browser is not directly loading the image from cache.
What do I need to do to get the browser to load this from cache?
Note: This works correctly in Chrome (Of course, story of my life)
Note2:
Someone noted that sometime IE says 304 even though it is really going strait to cache.
I don't see it going through Fiddler, HOWEVER, I see in the network tab of IE9 it is saying the Response time is 327 milliseconds. This time seems to increase for the images that are loaded later. So out of the 100 images the first 10 had respnses between 16-70 ms and the last 10 had responses of over 800 ms. The one that took 327ms was somewhere in the middle. Is IE really this inefficient retrieving from the cache?
Also, I should note there are files, such as some css files, that IE says are 304, however the response time is <1ms, which I'm assuming means it actually got it from cache without going over the network. That's different than this case for my images where IE actually shows a response time of hundreds of milliseconds.