Content Negotiation for Stylesheet Fails - mime-types

I have an Apache server with MultiViews, here's my directory layout:
/style.css [text/css]
/style.xsl [text/xsl]
/index.xml [application/xml]
In my index.xml file, I reference the XSL:
<?xml-stylesheet href="/style"?>
In the XSL, I reference the CSS:
<link rel="stylesheet" href="/style" />
This approach doesn't work in any browser that I have tried.
In Firefox-16.0.1 I see the following message:
Error loading stylesheet: An XSLT stylesheet does not have an XML mimetype:
When I debug the HTTP conversation, I notice that Firefox is sending:
Accept: */*
Firefox is requesting any type of content, so Apache chooses to send /style.css.
I would expect web browsers that require specific content types to send explicit Accept headers for those content types.
I was prepared to submit a bug, when I found two others which explicitly documented getting rid of the Accept constraints.
reduce verbosity of Accept header for fetching XSLT
stylesheet link header doesn't support official XSLT media type
I can work around this by putting the extensions in the file names, but this should work the same way as content negotiation for images, as discussed in the W3C blog. The benefit is that they can add a new content type later without having to update any of their documents.
Is this a bug, or am I getting something wrong?
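The tie described in the question can be reproduced with a small model of server-driven negotiation on the media-type dimension only. This is an added example, not code from the original post and not Apache's mod_negotiation algorithm; the function names are hypothetical and the second Accept header is a constructed sample.

```python
# Variants from the question's directory layout (file name -> media type).
VARIANTS = {"style.css": "text/css", "style.xsl": "text/xsl"}

def parse_accept(header):
    """Parse an Accept header into (type, subtype, q) tuples."""
    ranges = []
    for part in header.split(","):
        fields = [f.strip() for f in part.split(";")]
        if "/" not in fields[0]:
            continue  # skip empty or malformed media ranges
        mtype, subtype = fields[0].lower().split("/", 1)
        q = 1.0  # q defaults to 1 when the parameter is absent
        for param in fields[1:]:
            name, _, value = param.partition("=")
            if name.strip().lower() == "q":
                try:
                    q = float(value)
                except ValueError:
                    q = 0.0  # unparseable q: treat the range as not acceptable
        ranges.append((mtype, subtype, q))
    # An absent or empty Accept header means any media type is acceptable.
    return ranges or [("*", "*", 1.0)]

def quality(media_type, ranges):
    """Return the q of the most specific range matching media_type (0.0 if none)."""
    mtype, subtype = media_type.split("/", 1)
    best_spec, best_q = -1, 0.0
    for rtype, rsub, q in ranges:
        if (rtype, rsub) == (mtype, subtype):
            spec = 2
        elif rtype == mtype and rsub == "*":
            spec = 1
        elif (rtype, rsub) == ("*", "*"):
            spec = 0
        else:
            continue
        if spec > best_spec:
            best_spec, best_q = spec, q
    return best_q

def best_variants(variants, accept):
    """Return the variants sharing the highest non-zero q, sorted by name."""
    ranges = parse_accept(accept)
    scored = {name: quality(ctype, ranges) for name, ctype in variants.items()}
    top = max(scored.values(), default=0.0)
    return sorted(n for n, q in scored.items() if top > 0 and q == top)

if __name__ == "__main__":
    for accept in ("*/*", "text/xsl, application/xml;q=0.9, */*;q=0.1"):
        print(accept, "->", best_variants(VARIANTS, accept))
```

More than one name in the result means the request expressed no preference between the variants, so which file is sent is decided by the server's tie-breaking rather than by the client.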

Related

react-google-maps Content Security Policy

I am integrating react-google-maps in nextjs. Everything works fine, but when the map is opened the images are not loaded:
I get Refused to load image because it violates the following content security policy directive : "img-src *"
What does this mean and how to resolve this? Is this related to my domain or my app server?
Note: locally everything works fine.
You need to set your Content Security Policy header to accept from the locations:
Header set Content-Security-Policy "default-src 'self' https://www.googletagmanager.com *.images.google.com"
Something like that (not sure which ones you will need to add).

CefSharp fails to download css due to mime type mismatch

I'm trying to implement CefSharp for browser support inside of a Winform/WPF application and running into an issue getting the styles to apply on the page. I'm able to embed the browser into the page, but the styles are completely missing. When I check the log file, I see that they were blocked due to strict MIME checking, but am unsure where I should go to intercept that check.
"Refused to apply style from 'https://example.com/styles/ig_panel.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.", source: https://example.com/myPage.aspx (0)
If I browse to myPage in the example above, I see that the type is showing as css, not html, so I'm not sure where the incorrect MIME type is coming from. Is this something that can be addressed from the CefSharp RequestHandler or does it require changes on the server?
UPDATE: It appears that the css request in question, when accessed through CefSharp, is getting an HTTP 405, causing the MIME type to come out as text/html instead of text/css. Now to determine what's causing the 405.

Can I create a one-time S3 link w/ content-disposition: attachment?

I have PDFs, images, and text files in S3. I want the ability to create a download link to the file, but only sometimes. Sometimes my users want to view files on the web, but sometimes they want to click a "download" button to grab them in a single step (vs opening them and clicking the disk icon in the PDF viewer or hitting CTRL + S, etc.). For the latter case, I'd like to be able to generate a link that tells S3 what to do. It'd be nice if I could also control the name of the attachment, but I'd be more than happy to just be able to make an attachment.
Footnote
I am aware that you can add such headers to your files ahead of time, but this removes the ability for me to choose "download" or "view online" after the fact.
You can dynamically add headers to the response based on the URL by passing the extra parameter response-content-disposition=attachment; filename='mycustomFileName', as described in the S3 Get Object docs.
That, however, only works for authenticated (time-limited) URLs; otherwise, the user will receive an InvalidRequest error similar to the following:
<Error>
<Code>InvalidRequest</Code>
<Message>
Request specific response headers cannot be used for anonymous GET requests.
</Message>
<RequestId>C5066C8E8F647EA2</RequestId>
<HostId>
ik5oj4QfcJX+5+F/PdootFuq47bh6hLpDqhbeyWlw+AADvMPpOPio6eYwXW7Fnx+H/zpVBM7DbA=
</HostId>
</Error>
If you want this to work with non-authenticated users, the download attribute might be an option. As described in this example, you can specify a user-friendly filename instead of a hash:
<a href="/images/490/736d910771bc3ee2.jpeg" download="some_nice_image_name.jpg">
although that clearly helps scrapers to automatically annotate your content.
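An added example (not from the original answer) of the time-limited URL approach described above, assuming the boto3 SDK with credentials configured; the helper names, bucket, key and file names are placeholders. Because the download name usually comes from user-controlled data, the helper strips control characters and path separators before the value is placed in the header.

```python
import re
from urllib.parse import quote

def content_disposition(filename, inline=False):
    """Build a Content-Disposition value with an ASCII fallback and an RFC 5987 filename*."""
    # Remove control characters (CR/LF would split the header) and path separators.
    cleaned = re.sub(r"[\x00-\x1f\x7f/\\]", "", filename).strip() or "download"
    # Quoted-string fallback: anything outside a conservative ASCII set becomes "_".
    fallback = re.sub(r"[^A-Za-z0-9._ -]", "_", cleaned)
    kind = "inline" if inline else "attachment"
    encoded = quote(cleaned, safe="")  # percent-encoded UTF-8 for filename*
    return f"{kind}; filename=\"{fallback}\"; filename*=UTF-8''{encoded}"

def presigned_download_url(bucket, key, filename, expires=300, inline=False, client=None):
    """Return a time-limited GET URL whose response carries the chosen Content-Disposition."""
    if client is None:
        import boto3  # imported lazily so the header helper works without the SDK
        client = boto3.client("s3")
    return client.generate_presigned_url(
        "get_object",
        Params={
            "Bucket": bucket,
            "Key": key,
            # Sent to S3 as the response-content-disposition query parameter.
            "ResponseContentDisposition": content_disposition(filename, inline),
        },
        ExpiresIn=expires,  # lifetime of the link in seconds
    )

if __name__ == "__main__":
    # Constructed sample names; only the header helper runs here (no AWS call).
    print(content_disposition("report.pdf"))
    print(content_disposition("r\u00e9sum\u00e9.pdf", inline=True))
```

The same object can be linked for viewing or for download by toggling `inline` when the URL is generated; the link expires after `expires` seconds rather than after a single use.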

Work around for google app engine image serving webp to unsupported clients?

I want to call attention to this issue which is almost a month old and hasn't been acknowledged:
https://code.google.com/p/googleappengine/issues/detail?id=9940
I'm wondering if there are any plans to fix this or any known workarounds, e.g. to force the images to always be served in jpg format via some URL modification.
Full issue description below
We've had some complaints that in Firefox and Safari images aren't showing up. These images have urls that were returned from the get_serving_url(blob_key, ... function listed here:
https://developers.google.com/appengine/docs/python/images/functions
For example, this image:
http://lh6.ggpht.com/b8DBpggeo8eZ7TMlJiUJFnMUuBXIkDe_5NZaEtpjfNh9_1BMjxReNBIyU9WMhhb96LDuzndsvdqBaiDiIGIJ=s470-c
Was not rendering in Safari - upon closer inspection using the developer console, I could see it was being served with content-type 'webp', even though Safari isn't saying it accepts image/webp in the request 'accepts' header. Attaching a screenshot of the request / response headers of an image served as webp to safari.
Unfortunately the issue is intermittent - the same image when loaded later may be served as a jpg.
Is it possible the image serving infrastructure is improperly sending back webp images even when the accepts header isn't present? Or perhaps there's some caching server along the way that isn't taking the accepts header into account?

File content in Javascript in a Browser

The only way I know to take the contents of a local file and push those bytes to a server is to set up a form post with an <input> of appropriate type to prompt the user to select a file.
I would like to do the same thing only pushing the data through XMLHttpRequest (no cross-scripting tricks).
Currently, we do this with an iframe to get the post behavior.
My sense is the iframe is the only solution, but I post here in case I've missed something.
You could use the JavaScript File API (available in Firefox 3.6 or later and the latest versions of Chrome and Safari). Basically, you can add an event listener to the <input> tag that will fire when a user selects a file. Then, you can upload it using an XMLHttpRequest. Also, the File API can allow you to do other fancy stuff, such as drag-and-drop uploads, getting information about a file before it is sent to the server, and providing a progress bar as a file is uploading. More info: https://developer.mozilla.org/en/using_files_from_web_applications
This is not a good cross-browser solution because it doesn't have good support in all the popular browsers (Internet Explorer), but you could use feature detection in JavaScript to detect if the File API is available and revert back to your iframe method if it is not.
