Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [http-headers]

HTTP header fields are components of the message header of requests and responses in the Hypertext Transfer Protocol (HTTP). They define the operating parameters of an HTTP transaction.

HTTP header fields are components of the message header of requests and responses in the Hypertext Transfer Protocol (HTTP). They define the operating parameters of an HTTP transaction.

Refer to RFC 2616

624 questions
2
votes
1 answer

nginx reverse proxy with named location: how to override backend header?

I'm having a difficult time getting add_header to work when try_files is used to send requests to a named location which specifies a backend with proxy_pass. Basically, I want to override Content-Type for a specific set of URIs, but don't want to…
imiric
  • 143
  • 2
  • 6
2
votes
1 answer

nginx - Security headers within location block?

I have been testing the security headers (https://securityheaders.com) of my nginx setup and wanted to check peoples opinion with nginx suffix location blocks. Currently, I get 'A+' for http(s)://my.site however, 'B' when testing a suffix location…
jonny21
  • 23
  • 3
2
votes
2 answers

Authorization based on custom Header (Apache)

I have a service running behind a Apache Reverse-Proxy that uses the custom headers "username" and "role" to identify users and their role. I want Apache HTTPD to restrict access to to people whose custom HTTP-header "groupmembership" contains one…
juo
  • 33
  • 1
  • 5
2
votes
2 answers

Apache HTTP 2.2: Setting cache header when query string version exists

I've found example of how to do this all over the web, but I haven't been able to get this to work. Want to set a long future cache time on requests that have a query string of something like ?v=123. I've included my configuration below. But it just…
marcusds
  • 207
  • 2
  • 9
2
votes
1 answer

Apache Underscore in Header is overwriten

I've a service which sets the header x-user_type. Since Apache2.4.33 cannot use this, i'll transform this with the following in a .htaccess: SetEnvIfNoCase ^x.user.type$ ^(.*)$…
CasualBen
  • 161
  • 9
2
votes
1 answer

Rewriting client "Host" http header before nginx validates the field

I get following request from a device and should proxy it to hd10.vtech.com: GET http://hd10.vtech.com/test/pp_firmware/HD10-CH010_SUOTA.bin HTTP/1.1 Host: http://hd10.vtech.com/test/pp_firmware/HD10-CH010_SUOTA.bin Range:…
gspoosi
  • 131
  • 4
2
votes
1 answer

Nginx cache-control / expire headers will just not work

I've searched everywhere for a working answer to this issue, but none of the answers seem to work. I'm also sorry for the super long post but I just need to ask for help on this. I've tried to be as detailed as possible. I have an nginx webserver…
Grady
  • 31
  • 1
  • 5
2
votes
2 answers

Enable Both X-Real-IP and X-Forwarded-For in Nginx

How do I enable both X-Real-IP and X-Forwarded-For in Nginx? I currently have the following to get real IPs in Docker network. set_real_ip_from 172.18.0.0/32; real_ip_header X-Real-IP; real_ip_recursive on; I would also like to pass real IPs…
j7an
  • 21
  • 1
  • 2
2
votes
2 answers

Expires header for specific file types

How can I add an expires header just for pngs, and the ico file?
powtac
  • 639
  • 2
  • 6
  • 19
2
votes
0 answers

CORS not works on Nginx

I need my application work with backend API on other domain. I use nginx 1.12.1 on Ubuntu 16.04. I added to my host config following (to the location ~ .php$ section): add_header 'Access-Control-Allow-Origin' '*'; add_header…
atom-22
  • 121
  • 2
2
votes
1 answer

Getting HTTP response with date before request date. Is that right?

Say I sent a HTTP request at Thu, 22 Jun 2017 10:30:30 GMT. Is it right if I got Thu, 22 Jun 2017 10:30:25 GMT in response Date header? Which could be the cause?
nanocv
  • 123
  • 5
2
votes
1 answer

Why are "Request header read timeout" messages in error log when page loads are short?

I am running a Rails application with Apache 2.4.10 and mod_passenger. The site uses https exclusively. I am seeing these messages in my error log: [Wed May 31 19:05:37.528070 2017] [reqtimeout:info] [pid 11111] [client 10.100.23.2:57286] AH01382:…
user35042
  • 2,681
  • 12
  • 34
  • 60
2
votes
1 answer

Google cloud storage public object cached on the server side

I have a Google bucket with read permission for allUsers, but it's not configured as a website (and no archiving). I experience an object caching even when I send requests with no-cache control: gsutil cp test gs://mybucket # test has default meta…
xmedeko
  • 143
  • 8
2
votes
1 answer

Apache 2.4.7 ignores response header Content-Encoding: identity, instead respects Content-Encoding: none, set by PHP

I just realized my apparent problem (and the "solution" Content-Encoding: none from the StackOverflow question I referred to in my initial question, below) may very well have simply been due to a misunderstanding how things are actually working.…
Decent Dabbler
  • 171
  • 1
  • 1
  • 9
2
votes
2 answers

Why does Nginx ignore trailing dots in the "Host" header?

I've been running across an odd behavior in Nginx with requests that have a trailing dot in the hostname, i.e. domain.com. rather than domain.com alone. I set up a simple server config to test, like so: server { listen 80; server_name…
Joseph Montanaro
  • 548
  • 1
  • 4
  • 13
1 2 3
41 42