I have little problem with caching my views. The location header isn't correct when I lost my ticket and get logged out, and trying to get directly into url I was before.
Example: I'm inside /Admin/Categories, then I'm getting logged out due to being afk too long, so I'm being redirected to /Admin/Login. After log in I'm trying to go to /Admin/Categories and cache is sending me into /Admin/Login instead of /Admin/Categories.
My code:
LOGIN CONTROLLER
[OutputCache(CacheProfile = "OneDayCache", VaryByParam = "None", VaryByCustom = "url")]
public ActionResult Index()
{
return View();
}
CATEGORIES CONTROLLER
[OutputCache(CacheProfile = "OneDayCache", VaryByParam = "None", VaryByCustom = "url")]
public ActionResult Index()
{
if (validations.ValidateTicket())
{
return View();
}
else
{
return RedirectToAction("Index", "Login");
}
}
validations.ValidateTicket() is returning true or false and it's working good - it's not the problem.
GLOBAL.ASAX.CS
public override string GetVaryByCustomString(HttpContext context, string arg)
{
if (arg == "url")
{
return context.Request.RawUrl;
}
return base.GetVaryByCustomString(context, arg);
}
Web.config part inside :
<caching>
<outputCache enableOutputCache="true" omitVaryStar="true"></outputCache>
<outputCacheSettings>
<outputCacheProfiles>
<add name="OneDayCache" duration="86400" location="Client" />
</outputCacheProfiles>
</outputCacheSettings>
</caching>
Cache - Login (/Admin/Login)
HTTP/1.1 200 OK
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: Fri, 10 Feb 2017 20:35:45 GMT
Last-Modified: Thu, 09 Feb 2017 20:35:45 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-Frame-Options: SAMEORIGIN
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?TTpcUHJvamVrdHlcQU1CSVQtQ01TLU1WQ1xBTUJJVCBDTVMgTVZDXEFkbWluXExvZ2lu?=
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2017 20:35:45 GMT
Content-Length: 1113
Cache - Categories (/Admin/Categories) - look at location header which is wrong...
HTTP/1.1 302 Found
Cache-Control: private, max-age=86400
Content-Type: text/html; charset=utf-8
Expires: Fri, 10 Feb 2017 20:35:39 GMT
Last-Modified: Thu, 09 Feb 2017 20:35:39 GMT
Location: /Admin/Login
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?TTpcUHJvamVrdHlcQU1CSVQtQ01TLU1WQ1xBTUJJVCBDTVMgTVZDXEFkbWluXENhdGVnb3JpZXM=?=
X-Powered-By: ASP.NET
Date: Thu, 09 Feb 2017 20:35:39 GMT
Content-Length: 439
Ok, so the problem was that OutputCache location with VaryByCustom used as parameter needs to be set to Server or any other using Server location too.
For example:
Usage in controller:
[OutputCache(CacheProfile = "ControllerIndexCache")]
Web.config:
<caching>
<outputCache enableOutputCache="true" omitVaryStar="true"></outputCache>
<outputCacheSettings>
<outputCacheProfiles>
<add name="ControllerIndexCache" duration="10" location="Server" varyByCustom="Url" varyByParam="None" />
</outputCacheProfiles>
</outputCacheSettings>
</caching>
Global.asax.cs:
public override string GetVaryByCustomString(HttpContext context, string arg)
{
if (arg == "Url")
{
return context.Request.Url.AbsoluteUri;
}
return base.GetVaryByCustomString(context, arg);
}
This solution is working just fine.
Related
Short Version
I'm adding the response header:
Connection: keep-alive
but it's not in the resposne.
Long Version
I am trying to add a header to an HttpResponse in ASP.net:
public void ProcessRequest(HttpContext context)
{
context.Response.CacheControl = "no-cache";
context.Response.AppendHeader("Connection", "keep-alive");
context.Response.AppendHeader("AreTheseWorking", "yes");
context.Response.Flush();
}
And when the response comes back to the client (e.g. Chrome, Edge, Internet Explorer, Postman), the Connection header is missing:
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Expires: -1
Server: Microsoft-IIS/10.0
AreTheseWorking: yes
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 26 Feb 2022 16:29:17 GMT
What am I doing wrong?
Bonus Chatter
In addition to trying AppendHeader:
context.Response.AppendHeader("Connection", "keep-alive"); //preferred
I also tried AddHeader (which exists "for compatibility with earlier versions of ASP"):
context.Response.AddHeader("Connection", "keep-alive"); // legacy
I also tried Headers.Add:
context.Response.Headers.Add("Connection", "keep-alive"); //requires IIS 7 and integrated pipeline
What am i doing wrong?
Bonus: hypothetical motivation for the question
By default keep-alive is not allowed in ASP.net.
In order to allow it, you need to add an option to your web.config:
web.config:
<configuration>
<system.webServer>
<httpProtocol allowKeepAlive="true" />
</system.webServer>
</configuration>
This is especially important for Server-Send Events:
public void ProcessRequest(HttpContext context)
{
if (context.Request.AcceptTypes.Any("text/event-stream".Contains))
{
//Startup the HTTP Server Send Event - broadcasting values every 1 second.
SendSSE(context);
return;
}
}
private void SendSSE(HttpContext context)
{
//Don't worry about it.
string sessionId = context.Session.SessionID; //https://stackoverflow.com/a/1966562/12597
//Setup the response the way SSE needs to be
context.Response.ContentType = "text/event-stream";
context.Response.CacheControl = "no-cache";
context.Response.AppendHeader("Connection", "keep-alive");
context.Response.Flush();
while (context.Response.IsClientConnected)
{
System.Threading.Thread.Sleep(1000);
String data = DateTime.Now.ToString();
context.Response.Write("data: " + data + "\n\n");
context.Response.Flush();
}
}
I have a post controller in an MVC app returning this response:
return new HttpResponseMessage(HttpStatusCode.Accepted)
{
Content = new StringContent("test")
};
When I hit the post URL with this code:
using (WebClient client = new WebClient())
{
string result = client.UploadString(url, content);
}
result contains this response:
StatusCode: 202, ReasonPhrase: 'Accepted', Version: 1.1, Content: System.Net.Http.StringContent, Headers: { Content-Type: text/plain; charset=utf-8 }
Why isn't "test" appearing after Content:?
Thanks!
You should not return HttpResponseMessage from ASP.NET MVC action. In this case you'll get messy response like this:
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?RDpcRHJvcGJveFxwcm9nXFN0YWNrT3ZlcmZsb3dcZG90TmV0XE12Y0FwcGxpY2F0aW9u?=
X-Powered-By: ASP.NET
Date: Sun, 04 Feb 2018 10:18:38 GMT
Content-Length: 154
StatusCode: 202, ReasonPhrase: 'Accepted', Version: 1.1, Content: System.Net.Http.StringContent, Headers:
{
Content-Type: text/plain; charset=utf-8
}
As you see, you actually get 200 HTTP response with HttpResponseMessage details in response body. This messy body content is what you deserialize into result variable.
ASP.NET MVC actions should return an instance of the class derived from System.Web.Mvc.ActionResult. Unfortunately, there is no built-in action result that allows setting both return status code and body content.
There is ContentResult class that allows to set return string content with status code of 200. There is also HttpStatusCodeResult that allows setting arbitrary status code but the response body will be empty.
But you could implement your custom action result with settable status code and response body. For simplicity, you could base it on ContentResult class. Here is a sample:
public class ContentResultEx : ContentResult
{
private readonly HttpStatusCode statusCode;
public ContentResultEx(HttpStatusCode statusCode, string message)
{
this.statusCode = statusCode;
Content = message;
}
public override void ExecuteResult(ControllerContext context)
{
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
base.ExecuteResult(context);
HttpResponseBase response = context.HttpContext.Response;
response.StatusCode = (int)statusCode;
}
}
The action would look like:
public ActionResult SomeAction()
{
return new ContentResultEx(HttpStatusCode.Accepted, "test");
}
Another possible fix is to change your controller from MVC to WEB API controller. To make this - just change base class of controller from System.Web.Mvc.Controller to System.Web.Http.ApiController. In this case you could return HttpResponseMessage as in your answer.
In both cases you will get correct HTTP response with 202 status code and string in the body:
HTTP/1.1 202 Accepted
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?RDpcRHJvcGJveFxwcm9nXFN0YWNrT3ZlcmZsb3dcZG90TmV0XE12Y0FwcGxpY2F0aW9u?=
X-Powered-By: ASP.NET
Date: Sun, 04 Feb 2018 10:35:24 GMT
Content-Length: 4
test
On my server side I'm using web api 2 with signalr.
On my client side I'm using angularjs.
Here's the http request when I initiate the signalr connection:
> GET
> http://example.com/signalr/negotiate?clientProtocol=1.4&connectionData=%5B%7B%22name%22%3A%22main%22%7D%5D&_=1416702959615 HTTP/1.1 Host: mysite.net Connection: keep-alive Pragma: no-cache
> Cache-Control: no-cache Accept: text/plain, */*; q=0.01 Origin:
> http://lh:51408 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64)
> AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.65
> Safari/537.36 Content-Type: application/x-www-form-urlencoded;
> charset=UTF-8 Referer: http://localhost:51408/ Accept-Encoding: gzip,
> deflate, sdch Accept-Language: en-US,en;q=0.8 Cookie:
> ARRAffinity=9def17406de898acdc2839d0ec294473084bbc94a8f600c867975ede6f136080
And the response:
> HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache
> Transfer-Encoding: chunked Content-Type: application/json;
> charset=UTF-8 Expires: -1 Server: Microsoft-IIS/8.0
> X-Content-Type-Options: nosniff X-AspNet-Version: 4.0.30319
> X-Powered-By: ASP.NET Date: Sun, 23 Nov 2014 00:36:13 GMT
>
> 187
> {"Url":"/signalr","ConnectionToken":"6BKcLqjNPyOw4ptdPKg8jRi7xVlPMEgFUdzeJZso2bnXliwfY4WReQWHRpmB5YEZsbg14Au7AS5k5xS5/4qVheDxYoUkOjfFW0W8eAQsasjBaSQOifIilniU/L7XQ1+Y","ConnectionId":"f2fc7c47-c84f-49b8-a080-f91346dfbda7","KeepAliveTimeout":20.0,"DisconnectTimeout":30.0,"ConnectionTimeout":110.0,"TryWebSockets":true,"ProtocolVersion":"1.4","TransportConnectTimeout":5.0,"LongPollDelay":0.0}
> 0
However, in my javascript I'm getting the following error response when connecting:
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhos:51408' is therefore not allowed access.
On my server side my startup method looks the following:
public void Configuration(IAppBuilder app)
{
System.Web.Mvc.AreaRegistration.RegisterAllAreas();
ConfigureOAuth(app);
GlobalConfiguration.Configure(WebApiConfig.Register);
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
}
Shouldn't this make sure that cors is used in signalr too or am I missing something?
For those who had the same issue with Angular, SignalR 2.0 and Web API 2.2,
I was able to solve this problem by adding the cors configuration in web.config and not having them in webapiconfig.cs and startup.cs
Changes Made to the web.config under <system.webServer> is as below
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="http://localhost" />
<add name="Access-Control-Allow-Methods" value="*" />
<add name="Access-Control-Allow-Credentials" value="true" />
</customHeaders>
</httpProtocol>
You can look at this snippet from here https://github.com/louislewis2/AngularJSAuthentication/blob/master/AngularJSAuthentication.API/Startup.cs
and see if it helps you out.
public void Configuration(IAppBuilder app)
{
HttpConfiguration config = new HttpConfiguration();
ConfigureOAuth(app);
app.Map("/signalr", map =>
{
// Setup the CORS middleware to run before SignalR.
// By default this will allow all origins. You can
// configure the set of origins and/or http verbs by
// providing a cors options with a different policy.
map.UseCors(CorsOptions.AllowAll);
var hubConfiguration = new HubConfiguration
{
// You can enable JSONP by uncommenting line below.
// JSONP requests are insecure but some older browsers (and some
// versions of IE) require JSONP to work cross domain
//EnableJSONP = true
EnableDetailedErrors = true
};
// Run the SignalR pipeline. We're not using MapSignalR
// since this branch already runs under the "/signalr"
// path.
map.RunSignalR(hubConfiguration);
});
WebApiConfig.Register(config);
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
app.UseWebApi(config);
Database.SetInitializer(new MigrateDatabaseToLatestVersion<AuthContext, AngularJSAuthentication.API.Migrations.Configuration>());
}
I have faced the CORS issue in MVC.net
The issue is SignalR negoiate XHR request is issued with credentials = include thus request always sends user cookies
The server has to reply back with response header Access-Control-Allow-Credentials set to true
First approach and this is due the help of other people , configure it at web.config
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name= "Access-Control-Allow-Origin" value="http://yourdomain:port"/>
<add name="Access-Control-Allow-Credentials" value = "true"/>
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>
Second approach which I fought to make it work is via code using OWIN CORS
[assembly::OwinStartup(typeof(WebHub.HubStartup), "Configuration"]
namespace WebHub
{
public class HubStartUp
{
public void Configuration(IAppBuilder app)
{
var corsPolicy = new CorsPolicy
{
AllowAnyMethod = true,
AllowAnyHeader = true,
SupportsCredentials = true,
};
corsPolicy.Origins.Add("http://yourdomain:port");
var corsOptions = new CorsOptions
{
PolicyProvider = new CorsPolicyProvider
{
PolicyResolver = context =>
{
context.Headers.Add("Access-Control-Allow-Credentials", new[] { "true" });
return Task.FromResult(corsPolicy);
}
}
};
app.Map("/signalR", map =>
{
map.UseCors(corsOptions);
var config = new HubConfiguration();
map.RunSignalR(config);
});
}
}}
In ConfigureServices-method:
services.AddCors(options => options.AddPolicy("CorsPolicy", builder =>
{
builder.AllowAnyHeader()
.AllowAnyMethod()
.SetIsOriginAllowed((host) => true)
.AllowCredentials();
}));
In Configure-method:
app.UseCors("CorsPolicy");
app.UseSignalR(routes =>
{
routes.MapHub<General>("/hubs/general");
});
I have an ASPX page that issues a Response.Redirect that points to an image file.
The redirect response headers look like this:
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.site.com/folder/file.jpg
Server: Microsoft-IIS/8.0
Date: Tue, 29 Apr 2014 08:29:58 GMT
Content-Length: 241
Is it possible to force the client and any proxy servers to cache this response for say 30 days? Should I do this with Cache-Control, ETags or both? If so, how?
I have figured this out and tested it. The following code adds the ETags and cache-control:
protected void Page_Load(object sender, EventArgs e)
{
var absoluteUrl = GetUrlFromDatabase(Request["fileId"]);
CacheResponse(absoluteUrl);
Response.Redirect(absoluteUrl);
}
private static void CacheResponse(string absoluteLocation)
{
// you need to clear the headers that ASP.NET automatically adds
HttpContext.Current.Response.ClearHeaders();
// now get the etag (hash the
var etag = GetETag(absoluteLocation);
// see if the etag matches what was sent
var requestedETag = HttpContext.Current.Request.Headers["If-None-Match"];
if (requestedETag == etag)
{
HttpContext.Current.Response.Status = "304 Not Modified";
HttpContext.Current.ApplicationInstance.CompleteRequest();
return;
}
// otherwise set cacheability and etag.
HttpContext.Current.Response.Cache.SetValidUntilExpires(true);
HttpContext.Current.Response.Cache.SetCacheability(HttpCacheability.ServerAndPrivate);
HttpContext.Current.Response.Cache.SetExpires(DateTime.Now.AddMonths(1));
HttpContext.Current.Response.Cache.SetLastModified(DateTime.UtcNow);
HttpContext.Current.Response.Cache.SetETag("\"" + etag + "\"");
}
private static string GetETag(string url)
{
var guid = StringToGuid(url);
var etag = new ShortGuid(guid); // see reference to ShortGuid below
return etag.Value.Replace("-", string.Empty);
}
private static Guid StringToGuid(string value)
{
// Create a new instance of the MD5CryptoServiceProvider object.
var md5Hasher = MD5.Create();
// Convert the input string to a byte array and compute the hash.
var data = md5Hasher.ComputeHash(Encoding.Default.GetBytes(value));
return new Guid(data);
}
Reference: ShortGuid.
The initial HTTP response headers are now:
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Expires: Thu, 29 May 2014 09:07:41 GMT
Last-Modified: Tue, 29 Apr 2014 09:07:41 GMT
ETag: "k28kbGNuxkWzP6gmLO2xQ"
Location: https://www.site.com/folder/file.jpg
Date: Tue, 29 Apr 2014 09:07:41 GMT
Content-Length: 241
My web app generates a CSV file on the fly, but whenever I use GZIP compression, the download fails:
HTTP/1.1 200 OK
Cache-Control: private, s-maxage=0,no-store, no-cache
Transfer-Encoding: chunked
Content-Type: text/csv;charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 3.0
Content-Disposition: attachment;filename="filename.csv"
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3p: CP="CAO PSA OUR"
Date: Fri, 03 Feb 2012 11:27:27 GMT
The download appears as "Interrupted" in Google Chrome, and in Internet Explorer appears an error that says "Content decoding has failed" .
HTTP/1.1 200 OK
Cache-Control: private, s-maxage=0,no-store, no-cache
Transfer-Encoding: chunked
Content-Type: text/csv;charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 3.0
Content-Disposition: attachment;filename="filename.csv"
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3p: CP="CAO PSA OUR"
Date: Fri, 03 Feb 2012 11:23:30 GMT
The solution is disabling compression on that action, but... why does this happen?
Cheers.
UPDATE: The compression filter that I use:
public class EnableCompressionAttribute : ActionFilterAttribute
{
const CompressionMode compress = CompressionMode.Compress;
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext.IsChildAction)
return;
var actionAttributes = filterContext.ActionDescriptor.GetCustomAttributes(true);
if (actionAttributes != null && actionAttributes.Any(attr => attr is SkipCompressionAttribute))
return;
HttpRequestBase request = filterContext.HttpContext.Request;
HttpResponseBase response = filterContext.HttpContext.Response;
String acceptEncoding = request.Headers["Accept-Encoding"];
if (acceptEncoding == null || response.Filter == null)
return;
if (acceptEncoding.ToLower().Contains("gzip"))
{
response.Filter = new GZipStream(response.Filter, compress);
response.AppendHeader("Content-Encoding", "gzip");
response.AppendHeader("Vary", "Accept-Encoding");
}
else if (acceptEncoding.ToLower().Contains("deflate"))
{
response.Filter = new DeflateStream(response.Filter, compress);
response.AppendHeader("Content-Encoding", "deflate");
response.AppendHeader("Vary", "Accept-Encoding");
}
}
}
Try:
Response.Headers.Remove("Content-Encoding");
Response.AppendHeader("Content-Encoding", "gzip");
Another problem may be the caching: what if a client accepts compressed content, but the next client doesn't, and the server cached the compressed data? what the second client will get? A cached compressed page that won't decode!
To fix that, add another method:
public override string GetVaryByCustomString(HttpContext context, string custom)
{
if (custom == "GZIP")
{
string acceptEncoding = HttpContext.Current.Response.Headers["Content-Encoding"];
if (string.IsNullOrEmpty(acceptEncoding))
return "";
else if (acceptEncoding.Contains("gzip"))
return "GZIP";
else if (acceptEncoding.Contains("deflate"))
return "DEFLATE";
return "";
}
return base.GetVaryByCustomString(context, custom);
}