I am using ESI for not caching a fragment of page. I have written the following configuration in vcl file for not caching my fragment:
sub vcl_backend_response{
set beresp.do_esi = true;
if (bereq.url ~ "/fragment") {
set beresp.uncacheable = true;
return (deliver);
}
}
The first time when varnish brings whole page from backend, it sends
separate request for '/fragment' and puts it proper place of page.
But on refreshing the page, varnish only reuests for the main page and
it finds it in cache. Then it does not look up for esi fragment in this page and does not send request for it. Instead it is stored in the main page itself while caching main page and brings it from there while doing lookup.
I want to know how to bring the fragment from backend, everytime request for main page is made, while serving rest of content of main page from cache.
Putting unset resp.http.Etag; inside vcl_deliver subroutine worked for me.
Related
I was wondering if it is possible to restrict access to an ASPX page to http POST request method only? This restricted page will be used to render some complex content. I want to use it for ajax calls which will return that content into a div on another page. Is it possible to disable GET requests so that users won't be able to access it via URL in their browser by accident?
You can't prevent user from making a GET request. You can choose on server that you won't serve those. For example like:
if (!string.Equals(Request.HttpMethod, "POST"))
{
Response.StatusCode = 405;
Response.End();
}
This can be implemented in Page_Load event or even in HttpModule (if you need it for more pages, etc).
I set a cookie for users before I redirect them to any company partner pages.
A web beacon is fired by our partners on their respective domains later at some point after the hand-off (for us to track referrals) to a handler which reads that cookie.
The following code works fine in Firefox, but IE8 and up (and possibly other versions) return null every time.
1) my domain -> aspx page sets cookie:
HttpCookie cookie = new HttpCookie(name);
cookie.Value = value;
cookie.Expires = DateTime.Now.AddDays(5);
Response.Cookies.Add(cookie);
//now redirect to partner page
2) partner domain -> fire web request through ajax or script tag implementation
<script type='text/javascript' src='http://mydomain.com/handler.ashx'></script>
3) my domain -> ashx handler receives request and attempts to read cookie in ProcessRequest
if (context.Request.Cookies[name]!=null){ //note use of handler context to access cookie
//get cookie Works with firefox FAILS with ie
}
I even added a p3p header to the handler to avoid the evil eye of IE's cookie-blocking Sauron in the status bar assuming a correlation. That did allow me to use session, but I need the persistence of a cookie for my purpose, so it was no help.
Update I performed the same test, but using an aspx page rather than ashx to rule out any handler issues. The problem still exists!
One other thing to note is that with both ashx and aspx called from 3rd party page, ie will still display the aforementioned 'Restricted Websites' eye icon, much the same way it does on this site when viewed in IE. (my privacy settings are set to the default of medium)
I have these cache headers set
Context.Response.Cache.SetExpires(DateTime.Now.Add(refresh));
Context.Response.Cache.SetMaxAge(refresh);
Context.Response.Cache.SetCacheability(HttpCacheability.Private);
Context.Response.Cache.SetValidUntilExpires(true);
Context.Response.ContentType = "text/html";
Do i have to set anything else for the caching to work when page is refreshed as well?
For programmatically places a page content in client(browser), proxy and servers cache you need do this:
Response.Cache.SetCacheability(HttpCacheability.Public);
Response.Cache.SetExpires(DateTime.Now.AddSeconds(15));
Response.Cache.SetMaxAge(TimeSpan.FromSeconds(15));
Response.Cache.SetValidUntilExpires(true);
Response.Cache.SetLastModified(DateTime.Now);
Response.Cache.SetOmitVaryStar(true);
I need to be able to put the site in 'maintenance mode'. So I'm using a cheap hack like this one in app.php (the original app.php was moved to app.php.bak):
<?php
$key = 123;
if(isset($_GET['skip_maintenance_key']) && $_GET['skip_maintenance_key'] == $key) {
setcookie('skip_maintenance_key', $key);
}
if(isset($_COOKIE['skip_maintenance_key']) && $_COOKIE['skip_maintenance_key'] == $key) {
include 'app.php.bak';
// placeholder
} else {
//header('Cache-Control: public, maxage=30');
header('Status: 503 Service Unavailable');
include 'html/error/503.html';
}
The problem is that as soon as I hit a page that uses http cache, the page gets cached by intermediaries like Cloudflare or my own proxy and it begins to be served to everyone.
So what I would like to do is somehow disable http cache globally during maintenance, maybe adding a line of code in // placeholder?
if you have access to httpd.conf you could add:
Header set Cache-Control no-cache
Header set Expires 0
or if not, take a look to this tutorial
I read Fabien saying (in a pull request that got rejected) that this should be handled by the web server. So I changed my maintenance script to modify the server config instead of the framework.
The problem was the server was not able to remove the cache headers. But then I found the NginxHttpHeadersMoreModule which worked just fine, so problem solved.
I'm wondering how to send custom headers using a redirect, currently with no success. I’m attempting to do the following:
Response.Clear();
Response.AddHeader("X-PagePathNode", "/public/IPOs.aspx");
Response.Status = "301 Moved Permanently";
Response.StatusCode = 301;
Response.AppendHeader("Location", "default.aspx");
Response.End();
When I’m looking at the Request object’s headers, the new header isn’t there. Looking at firebug, the following is happening. The page which is doing the location change has the new header. However the page the location has redirected too doesn’t contain the new header in the Request.
My Question is how to redirect to a new location with the new headers from redirect into the Request object of the new Location.
Essentially I want to be able to: Request.Header[“X-PagePathNode"] on the page load to view the headers added from the redirect.
Appreciate any help.
There's a couple of different approaches you can try. Among your tools are Session variables, cookies, the Referrer HTTP header, and a query string.
From what I understand, you want to issue a HTTP 301 redirect from page A to page B, and from page B, you wish to acknowledge the fact that this redirect has taken place (and maybe add some additional headers or logic).
Here's a few approaches:
From page A, set a Session variable, and check for its existance in page B (then you probably want to remove said Session variable).
From page A, set a cookie, and check for its existence in page B.
From page B, check Request.UrlReferrer and see if it's page A, then do your logic.