Browsing articles tagged with "httpheaders - Admins Goodies"
Nov 12, 2012
tom

Blocking HEAD, DELETE, etc. with lighttpd

So I have lighttpd installed and the site it runs only needs to respond to GET requests. I was wondering how I can return 405 responses with Allow: GET headers to anything but GET requests using lighttpd? I’ve had a quick google but even the lighttpd doesn’t turn up anything solid. Asked by Sam Since version 1.4.19, you can filter on request-method: $HTTP[“request-method”] =~ “^(PUT|POST|HEAD|PATCH|DELETE)$” { url.access-deny = (“”) } Answered by j0k Check more […]

Continue Reading »
May 22, 2012
tom

NGINX + GZIP – Altering Vary header to include User-Agent

Currently, when nginx is set to gzip outbound content as requested by the client, the “gzip_vary on” setting will set the following header: Vary: Accept-Encoding We would like to modify this to send out: Vary: Accept-Encoding, User-Agent Is this possible? Thanks. Asked by anonymous-one The module ngx_headers_more allows you to change http headers : more_set_headers -s 200 “Vary: ” “Accept-Encoding, User-Agent”; Not tested! Answered by Yohann Check more discussion of this question. Bookmark on Delicious […]

Continue Reading »
May 2, 2012
tom

what is the way to remove the REFERRER header that sent by IIS?

I have an IIS-6 and i want to find a way that the server do not send REFERRER header response. How can i do it ? 10x Asked by haim evgi X-Forwarded-For is inserted by an HTTP proxy, not by your IIS server. If you’re getting it directly from your IIS server, then it thinks it’s acting as a proxy… which is less likely. More likely is that you have a proxy somewhere that either […]

Continue Reading »
Mar 31, 2012
tom

Sending HTTP headers by webserver or PHP?

It is equally possible to send HTTP headers by webserver or script. I use PHP on Nginx. Is there any different to send HTTP headers (such as Cache-Control) by nginx or PHP? Is it faster to send headers by webserver? and does it have an effect on earlier processing the HTTP request? Asked by Ali Is there any different to send HTTP headers (such as Cache-Control) by nginx or PHP? Nope, nginx may overwrite (or […]

Continue Reading »
Mar 27, 2012
tom

Is html or php header needed for gzip?

I use gzip module of nginx to compress documents. When gzip is enabled nginx will automatically send content-ending of gzip with HTTP headers, right? Without adding any PHP header header() or HTML meta http-equiv, this works perfectly. However, I have seen on online tutorial for adding header for gzip whether by PHP or HTML meta to assist browser to process gzipped data. Is it really needed? Since I was not sure if this is needed […]

Continue Reading »
Mar 19, 2012
tom

Conditionally set Content-Disposition header

I have an image gallery on a IIS7 server. I would like to have a button to force download the currently visible image. Maybe something like setting an url parameter: http://website.com/images/img.jpg?download Globally detect this parameter and then set the Content-Disposition header to attachment. My question is, how would I do that? Can I set it in the web.config file somehow? I’m more of a frontend guy. Asked by Sindre Sorhus Yes you can, but only […]

Continue Reading »
Feb 24, 2012
tom

http headers necessary ensure cloudfront distributed files don’t get browser cached

I have a Rails-generated JS file that I want to distribute via CloudFront (using my Rails app on EC2 as the origin server). Does anyone know which headers I should use in the response for my JS file to ensure that the end user’s browser does not cache the JS file? I know CloudFront does not respect any expires headers that are less than 1 hour… but the docs say those headers are still passed […]

Continue Reading »
Feb 20, 2012
tom

In Nginx, block user based on X header value

I have 6 Nginx servers behind load balancer. Of course, if I just try to “deny” based on IP address it does not work as the app servers just see the load balancer IP. However, I learned about the Real IP module and I have that enabled in the following way: set_real_ip_from 0.0.0.0/0; real_ip_header X-Real-IP; So, now that I have the X-Real_IP header set correctly, how I can then configure Nginx to use block certain […]

Continue Reading »
Jan 19, 2012
tom

Using curl to request URL that redirects to relative URL with anchor tag

I’m using curl to request a URL that redirects to a different URL using a Location: line like: Location:/path/to/resource#name As I understand it, that line in the redirect response is invalid per the HTTP specifications, so the overall curl call understandably fails (in this case, with a 400 response code). However, requesting the URL with wget or a web browser successfully renders the page (I assume through heuristics that fill in the absolute path or […]

Continue Reading »
Jan 3, 2012
tom

What sort of magic is my ISP doing?

While trying to setup OpenDNS, and failing to make website filtering actually work, I realized my ISP is doing something nefarious with all HTTP requests. To make a long story short, if there’s a Host: header, it doesn’t matter what IP address I use, the website I get depends on the Host: header and nothing else. It also seems to automatically use HTTP/1.1 even if I specify HTTP/1.0 in the request. Examples: Connect to google.com […]

Continue Reading »
Pages:12345»