Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [http-headers]

HTTP header fields are components of the message header of requests and responses in the Hypertext Transfer Protocol (HTTP). They define the operating parameters of an HTTP transaction.

HTTP header fields are components of the message header of requests and responses in the Hypertext Transfer Protocol (HTTP). They define the operating parameters of an HTTP transaction.

Refer to RFC 2616

624 questions
0
votes
0 answers

HTTP_IF_NONE_MATCH Missing on Server Side with Chrome Requests to NGINX

I'm trying to add etag based cache verification to a web app I've developed that runs on Apache via an NGINX reverse proxy. The web app is written in Perl. In the Perl script, I check for the $ENV{'HTTP_IF_NONE_MATCH'} header and then test the etag…
Timothy R. Butler
  • 703
  • 2
  • 11
  • 22
0
votes
1 answer

Setting Nginx expires epoch header selectively

I have a folder containing imagery on my server that is used to service both a mobile app, via a CDN, and to work with a backend webapp used to manage the content delivered to the app. For the latter - the backend webapp - I want to ensure that…
DroidOS
  • 173
  • 7
0
votes
1 answer

Remove "Via" response header from "ledge"

I have an Openresty web-server that is also working as caching server by using ledge. ledge is setting a "Via" response header that exposing the hostname of the server which is fqdn. Via: 1.1 xyz.example.com I have these in my openresty and ledge…
Minhaj
  • 177
  • 4
  • 14
0
votes
1 answer

iptables not working with "x-forwarded-for" (behind Cloudflare)

I have a webserver (Ubuntu with Apache) running behind Cloudflare. I want to block a user using the iptables. Here I want to implement the string match extension of iptables and drop the connection if x-forwarded-for matched. I am adding the rule…
Ajaib Singh
  • 53
  • 6
0
votes
0 answers

how to allow POST to php file in apache only from same-origin?

I have a website with a HTML form that, when submitted, successfully sends a POST request to a .php file on the server (Apache 2.4.48). However, when I let Javascript handle the submitting through a JS fetch(), the server responds with a 405…
Tai
  • 1
  • 3
0
votes
1 answer

CORS prevent js window.onerror from subdomain reporting informations

To log Javascript errors i have set up a function with window.onerror which trigger an ajax request and inform me about script errors. I load all my static files from a subdomain and if an error occurs from a file outside of the main domain, CORS…
delato468
  • 103
  • 4
0
votes
0 answers

How to set header in request for HAProxy based on script output?

I have haproxy which runs fine, but we have backend, which validate token against our identity service. I want to move that logic to HAProxy, where we can run some python or sh script, and get the user name and its ldap groups. Then we don't have to…
Nilesh
  • 255
  • 1
  • 6
  • 18
0
votes
0 answers

What is an HTTP Proxy (forward not reverse) required to do with a client's request headers?

1 Could someone help me distill down what, exactly, the minimum requirements are for a proxy server (just a forward proxy not reverse) with regard to headers? What headers absolutely must be deleted from the client request before it's passed…
AdjunctProfessorFalcon
  • 101
  • 5
0
votes
1 answer

How to Avoid Crazy Caching with "Vary: Cookie" Header in NGINX

I know Vary: Cookie is not well liked, since it causes caching of every variation of cookies a user might report. On the other hand, without it, I've had to use Cache-Control: no-cache to tell my NGINX caching server to skip caching content entirely…
Timothy R. Butler
  • 703
  • 2
  • 11
  • 22
0
votes
0 answers

HTTP redirect not working

My website: https://www.louiswebsdale.co.uk/ keeps giving the "400 bad request invalid header" error when trying to visit it without the https. So www.louiswebsdale.co.uk or http://www.louiswebsdale.co.uk give the "400 bad request invalid header"…
Louis Websdale
  • 1
  • 2
0
votes
0 answers

Add headers in nginx config on AWS Elastic Beanstalk

I'm trying to have the nginx on my Elastic Beanstalk application add some headers to every response. I've edited my 00_application.conf file (in .ebextensions/nginx/conf.d/elasticbeanstalk) to include: location / { # snip other config …
Jorn
  • 501
  • 1
  • 4
  • 14
0
votes
0 answers

Can anyone explain the Forwarded header to me?

I am a little confused on the this current standard for headers (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Forwarded). I tried reading the specification (https://datatracker.ietf.org/doc/html/rfc7239#section-4) and it seems a little…
Adam Johnston
  • 101
0
votes
2 answers

Apache .htaccess set a header if Request URI does not exactly match a desired value

Goal: using a .htaccess file in /directory/, if request URI does NOT exactly match "/directory/" then set a header. For example, the header SHOULD be set if the request URI is "/directory/index.php", "/directory/?something", or…
Displayname71
  • 109
  • 1
  • 7
0
votes
1 answer

How to send a HTTP header on all server blocks in nginx?

Let's say I have a running nginx instance with several server blocks (on a linux server), and that I would like to send an extra HTTP header like Permissions-Policy: interest-cohort=() on all responses because I agree with Google's FLOC being a bad…
IvanSanchez
  • 103
  • 1
  • 4
0
votes
1 answer

asp.net Secure Cookies behind load balancer

This is a hybrid MVC/webforms asp.net application using framework 4.8, forms authentication and Membership. I need to implement secure cookies. The web site is behind a Coyote load balancer which I do not have access to (and never will have access…
Tom Regan
  • 133
  • 1
  • 9
1 2 3
41 42