I'd like to access to a web application which requires spnego authentification.
This application is running on a network on which i'm connected by VPN connection. Proxy not used.
It works fine under IE6/7/8, Chrome but not firefox 3.6.13
The matter on firefox is: I don't have the prompt message box to enter username and password
To configure my FF, i applied the following instructions, adding the domain name to the trusted and delegation uris fields.
Trying to access to the application, i get the following error message:
A browser did not respond to authentication challenge sent by a server.
Most probably your browser is not configured properly to handle SPNEGO authentication challenge or does not support SPNEGO.
Please, contact your System Administrator to deal with the problem.
Using TCPMon to get an overview of the informations received:
GET /AppName HTTP/1.1
Host: app.domain:8182
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ( .NET CLR 3.5.30729; .NET4.0E)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: JSESSIONID=6E058E24D9E1873C80B14C56EC59B1E4
GET /AppName/ HTTP/1.1
Host: app.domain:8182
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ( .NET CLR 3.5.30729; .NET4.0E)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: JSESSIONID=6E058E24D9E1873C80B14C56EC59B1E4
GET /AppName/logon HTTP/1.1
Host: app.domain:8182
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 ( .NET CLR 3.5.30729; .NET4.0E)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: JSESSIONID=6E058E24D9E1873C80B14C56EC59B1E4
HTTP/1.1 302 Déplacé Temporairement
Server: Apache-Coyote/1.1
Location: http://app.domain:8182/AppName/
Transfer-Encoding: chunked
Date: Tue, 14 Dec 2010 16:16:28 GMT
0
HTTP/1.1 302 Déplacé Temporairement
Server: Apache-Coyote/1.1
X-Powered-By: Servlet 2.4; JBoss-4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)/JBossWeb-2.0
Location: http://app.domain:8182/AppName/logon
Content-Type: text/html
Content-Length: 0
Date: Tue, 14 Dec 2010 16:16:28 GMT
HTTP/1.1 401 Non-Autorisé
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 01:00:00 CET
WWW-Authenticate: Negotiate
Connection: close
Content-Type: text/html
Transfer-Encoding: chunked
Date: Tue, 14 Dec 2010 16:16:28 GMT
4b9
I've checked for the other browsers and i got the same informations.
Do someone have an idea why FF can't interprete it, prompt a dialog box or enter the application ?
Thanks in advance for any help.
Best regards.
Related
I’m working on a website which is deployed kén azure and login through azure microsoft. However, it only works on login website on computer. Whenever I login to the website by some account ( on an ipad or an iphone, it turns to signin-oidc (error 500) and then I cannot access to home page or the other pages . Anybody face to this problem and is there any solution for this? Thanks
Go to my website -> login -> azure microsoft login page open -> login by azure microsoft -> return token from azure microsoft to client -> my website check access this token -> ....
Here is the content of the BeginAuth:
Summary
URL: https://login.microsoftonline.com/common/SAS/BeginAuth
Status: 200 OK
Source: Network
Address: *******
Initiator:
AjaxHandlerControl.js:110
Request
POST /common/SAS/BeginAuth HTTP/1.1
Content-Type: application/json; charset=UTF-8
Accept: application/json
Accept-Language: vi-vn
Accept-Encoding: br, gzip, deflate
Origin: https://login.microsoftonline.com
User-Agent: Mozilla/5.0 (iPad; CPU OS 12_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.2 Mobile/15E148 Safari/604.1
Referer: https://login.microsoftonline.com/
Content-Length: 2220
Connection: keep-alive
Cookie: ESTSAUTH=AQABAAQAAABeAFzDwllzTYGDLh_qYbH8o3IjKkzc2x1r88yy-081xaEhysFzWkgE5Giluas3rg_Dp5-Fw5bh9r4-LSLhpkG14oOyEzrVVAOR4NPQXDA5JIAKdw1Xtan0t4znDHFGqQVix1O2lkm-Y2o1nlDxmM-_swpy5MAxb7yb_b2tA_b2ZMT_MoLndRqejWKdawyYST7h5bMr6ewZNg2ts52SqlXt4BveNWIWrq5mN-xO0D4_SyqC6DPun5N_4wZoyI0I7Zj5qE9qsosdLlqgBiPi_O18QoWqRWhfjJ2B6LoteSlSaF9QgRP409lFoKBDcs5eLguK1uPGPd4X-2AXixn217QIFztBBs-EQzqiJly5xXykGURHG_PUzSaCA2akgGKyD-5QDEIKA8VCniiFHwqoX8EQGdXCUeDjC5AkBk1rxhfeAM06bJ0H-Uz6KWvV5mFNhxwmUwArKSR-QBaN5soW7k63SvO8eF31GP_u2MC4QXjZnXD8YeHclcp3qt4nHGrMJ204p85hj_Lnqj5Aio23f_4WGGJoOUN5RQIrWFP2ua81ww2Cz12xSBGPmSka7F5EeB8LNF_oYx2omVhhFVKZJapnyiuEap_DOyiEntQCsIy6SY8nNyDdkDhYAmjzSS0-uJPYkpO4JCUWq5Z8FN6wrne1hgdN5f-HaHCHPqJw1b73LxWPJMMlOb1TceHvDfDahII99BFhLcGAEZJYE28o2rBopNHNDqOz1PcryTdV4IgNmtYZwq_VtGBKUN60BRuxXbBCfXKb62j9tc4HD2fEfJ7dXLv15Zt-o9hFFeJCKc04419BG9r_yeZ0yMezJv7_8jea-JG3mjyPkVbwEfoD8nSkIAAgAEAA8AEAAA; ESTSAUTHPERSISTENT=AQABAAQAAABeAFzDwllzTYGDLh_qYbH896tJrsebgq-fyKSmZvVkIpkuag5kO86qDT_eS2hkuIxJ6npcaoiZ9um5ixOHEjDUiO6wxp5f4fWs81K6-A0RVQmVmcDA9h9G-QdBz0Hwk06y7stWRwp3SfhkmEuKdYxDhuyE7pImTl_n3Wsn3Ur3196goptzdQt7dRP9Mnplc9UH5D1yPwH5AHsN0MySAO281n3E9sdk0muJOM7cD2IKRGSnSki5wV-Tt3hCSh9WiW-pkBDXn-3T0mY33ZfAOahd_rN7nkqLNmrNIHSmTEXSd-W7WO7Hbnc5Om5-_C16FD2Y8a52xTYPt11zxp4_LNw8IHxUhsRjnCz-vGGR0rYdqN9NGvYTxxKYtXX2Ws4gs8K1yDxYIAA5GvKbqikiDdeGby75flRayIzUIfbv0N86AAhpTzI1Vr2fH1Q6_16r_g9z25A8mjTI73rr6ZxBoSLxHrw3ZnFa-tJ-meYxbJyXXZYn3AALE27UVQfM8y3EC-4kcaG7jdN0m_KTv5_aEA_ih9KBYPWe8bznfYRsGpj8lOVJRqY-YfpRBauFUsjS0dvec4JrImQM3ZRXbTuEedz5OQsAwqc5tPTI4qjcQRFwKCAAIABAAEABAAA; ch=eOAhIE0-NkRYjR4kYgO1gT7y31dmx3VL9YMxYR9WdoI; ESTSAUTHLIGHT=+cf40cdde-d9b9-4c8a-a402-a73a4ec99c66; ESTSSC=00; buid=AQABAAEAAABeAFzDwllzTYGDLh_qYbH84TKiKjYi6BuVyBpssR3qZD2fNIWjWH4IUGj1tgV1CjBekKsQGEtqYNmdMRIXd7N8BOo9vpLQC07NWlPoRa1jUH_-ayS6xTMT9xGQjDEZ1UggAA; fpc=Ah-RTB1jgiFCgCfEhHxEiA42YPZ6AgAAABNet9UOAAAAElWPKAEAAABFXrfVDgAAAA; stsservicecookie=ests; x-ms-gateway-slice=prod; clrc={%2218281%22%3a[%22MGmgPvDz%22%2c%22k+8Er6ui%22]}; brcap=1; esctx=AQABAAAAAABeAFzDwllzTYGDLh_qYbH8LpxpIlSUEu2HI0fzE_V_IRZe2RNJp-f2QqQ5Q3Ier3lWomWnATFbyAXP5tkq-U9ruARvMs7F-zosSlydkgEpjXJzyEyfRACjhZ_vKuEVUEqzKoCErpAbskdeRUTjqrMo70cB4tpzTB4GZFZonBLCTk0Ml3cUT-LLTZuhiu3Y_h4gAA
Host: login.microsoftonline.com
hpgact: 2101
canary: AQABAAAAAABeAFzDwllzTYGDLh_qYbH8a9SO3xGF3g6AWJIZDi54fWSNEiKErEt6YvrvJ3Fm-lIO4Y7kO9-ACPx-kAIHTbn_u5mhreKAsiP-Hn_b2PV7QPvjMYjHNFmOtYhXtFueCuvsxD-V2agrgXRBl82z91-Vv7ketwmG5XCIAJ4RBJBnEHiv2jAc671jIueFntKCDdwcbJ2t-karKLeSSx7VYafv5aDr8MhFDm-03Io8LpfLVSAA
hpgid: 1114
hpgrequestid: aa519c8c-30f9-46dd-95bb-ee6094414d00
client-request-id: 8fa2950c-7b79-400d-ac8c-630c65ec4c48
Response
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Pragma: no-cache
Set-Cookie: fpc=Ah-RTB1jgiFCgCfEhHxEiA42YPZ6AgAAABNet9UOAAAAElWPKAEAAABFXrfVDgAAAA; expires=Wed, 19-Feb-2020 08:39:37 GMT; path=/; secure; HttpOnly
Set-Cookie: x-ms-gateway-slice=prod; path=/; secure; HttpOnly
Set-Cookie: stsservicecookie=ests; path=/; secure; HttpOnly; SameSite=None
Expires: -1
Cache-Control: no-cache, no-store
Date: Mon, 20 Jan 2020 08:39:36 GMT
Content-Length: 2356
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-ests-server: 2.1.9898.20 - SIN1 ProdSlices
x-ms-request-id: 0c407fdc-ec18-4822-9d91-d3c662525100
Strict-Transport-Security: max-age=31536000; includeSubDomains
client-request-id: 8fa2950c-7b79-400d-ac8c-630c65ec4c48
Request Data
MIME Type: application/json
Encoding: UTF-8
Request Data:
Here is the content of the EndAuth:
Summary
URL: https://login.microsoftonline.com/common/SAS/EndAuth
Status: 200 OK
Source: Network
Address: *****
Initiator:
AjaxHandlerControl.js:110
Request
POST /common/SAS/EndAuth HTTP/1.1
Content-Type: application/json; charset=UTF-8
Accept: application/json
Accept-Language: vi-vn
Accept-Encoding: br, gzip, deflate
Origin: https://login.microsoftonline.com
User-Agent: Mozilla/5.0 (iPad; CPU OS 12_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.2 Mobile/15E148 Safari/604.1
Referer: https://login.microsoftonline.com/
Content-Length: 2249
Connection: keep-alive
Cookie: clrc={%2218281%22%3a[%22k+8Er6ui%22%2c%22MGmgPvDz%22%2c%22zHWAEBZj%22]}; fpc=AqGp0xmfg8lLgos3zMYZv1E2YPZ6AQAAAD9nt9UOAAAAElWPKAEAAABzZ7fVDgAAAA; stsservicecookie=ests; x-ms-gateway-slice=prod; ESTSAUTH=AQABAAQAAABeAFzDwllzTYGDLh_qYbH8PFcC4jCAPANOfMbq-YWj9-5u5ZM2Hz4lOtVb4th1FHqBtfAlPxYXbkTjGWbI0eqbYK3yBdWUzJaf_pjfuAqipUpJKfo388tRwdsTr9CtHJCsb2Bb-gj7weggZrS9qDlSiQ5yPiNdbpi1Q3eeed7T6rOIPDkM2JzgwuQPRTy1A7OElUbdPfqV1-y03NT-Oad5niK4qIyLO3qbUiXXSWAHPvW4Qucn9u5all3U2DEgJN5oDLwy58GOvgcl3m1N6XtwA8Ty67IybRFIWQD86VrNJwoTV9PD6mXBm7LI0ITaa9a6_3V2jBkVTIgVK8BTQUPdQs5SDFD_M9ER8mLbd99HRVlw_aB0rPB_wyML3EDDtStBbbm2PpLF7-Bc9LHmNdXhVTrtUlob46GTiSput6771BBKXJ1O7fVHv85aLIHoCq31FQwDxO8CxoRa-RK1AECnEVckc8FXVUzOEpr4AzIlB85f82AyKGX0TwmssksASFUd7gCiRNVVRQCgmORCqZgW-juZjLKFBPMbS9DnavYyxTmhzNKkHSy-9cIXFfEpCXlUXyYVJSoLBvKpFY9yWaz6-G1G86YiuLIjYzJQTHv0tgq403dHQ49M10FiOPpgrtVuUQu6Vg-4UIaZ-qy8RWEFrB13CFkhalyGgFdZfVEuzUaKM1WQAQaYa0w15Zvt2rtBSJWe9lD9RN4VGDOm2fUT_h_JAUBc5IqMMurH2ZtAL5ntKaQLM7cUytZ7dzt6OPJCK1UGRfI-bRIBtnjkSD0sKeScwrGzY9kLqjYc7YiiEjx-7z3yEn5x3pCwjQUMv__dDdCA-Q8gHFtrcBQcwLaOIAAgAEAA8AEAAA; ESTSAUTHPERSISTENT=AQABAAQAAABeAFzDwllzTYGDLh_qYbH8xJRdtnbkjGoFDDkcczRP-0vt8McGva1mrQ4Hlj-urVvuUAnk3WtFW0VM9UaZC0uE3AHrqYFjQ49FnfueYD8s2uwtC89QXtud4HyBPZx7VFdcTf4nbjQqWl--UfStURhk7Jkr-hiCQo8stX1jy5xTKD91nYnkt4Jh_lhO4ul5ByQcYAiH1aWvE-2FCt1bKOxs1-DnYPhvvl9sa0s6C4Awpz7kzLn0o_FlUeVNDoQ7AU99IU6gKeetRRx8MTFUy5enxbviahbL97gIoV3FX5MuVd40d_9QCwXD2QB450NgGPRAhyM81l0bHT7anMjcDhl-7fj26i2q6EGm0LTQvRH3C3BdpJrafvkBKZaDOqdpoqgQWefiS4JAPtDRJlKCoraFryHLRKuKIwSwT_0-q0B2Wbz2eA0-uVeQoT9QRycHAIi4uWMbpSlQIoOh8uDQ4XWkKxC1qIPGH5ph6yZGr6DBs9zw8F52_ABHjQtjZeqLwOH_2tJwhHlhRjseQQ-sfPqs2unGfEqH_ea1HcT6ghJkMwKbyWw5FgO_HtElrYNn9BIQt04jPBBupWH57uw-GdKlnyk1_iUFhTIG8In4g6nfoyAAIABAAEABAAA; ch=2ZexXvpi5pBsPVR3WldndSN3Jss01W9lqt3Oo4atPto; ESTSAUTHLIGHT=+ccbda084-3cfd-4fba-a121-64822022264b; ESTSSC=00; buid=AQABAAEAAABeAFzDwllzTYGDLh_qYbH83h0-hsSMC7dM5dkdMfsldYZQhtZ_5IMn2ZWccmkXmkyQugUDrd1sqLyFIo52qI1ICYVz0_3ozkcTDV1vemApeSunFPxJEyWbLhKWIIMiRSwgAA; brcap=1; esctx=AQABAAAAAABeAFzDwllzTYGDLh_qYbH8C_SETJvY2bJWBn6b4YBwYZ7oWTYtAHOB03Kf6w7z6vx4agejzLR-KrengZwkpZuVxa46rpVJHyjKDFiK21Ze093B5qYDaOrkz3uZPgiJdYqVbjuCum0RxKS6CmtEx7u5UHUmbF28DhO-fw7SE8GiQOgk-WMKtZ5l15V323DZ2yAgAA
Host: login.microsoftonline.com
hpgact: 2101
canary: AQABAAAAAABeAFzDwllzTYGDLh_qYbH8B01oIe03wUWEzPISTHAYY9DIzppZsJdHlAJVTT_qDkwW63QTbVzZyGyuWTH8DI13YW7IQFYQyNSmc82iyDqXYnIYXKzNwTXHaKFvgefiHsMs4s_H-iKu7nbw5riTkXpshEv8RqrNzUCQ5RzPkN_DmRrl6pxzpx5PE9xy_lbhsMNJhlRHR9ydR32alGrgIUMk5jeiWnXwyn-Iv0ZeaTm_liAA
hpgid: 1114
hpgrequestid: 6046baec-30dd-4d4d-b4c0-c2a9bdd65000
client-request-id: 907865da-9681-4d95-a65a-dd40a3661f79
Response
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Pragma: no-cache
Set-Cookie: fpc=AqGp0xmfg8lLgos3zMYZv1E2YPZ6AQAAAD9nt9UOAAAAElWPKAEAAABzZ7fVDgAAAA; expires=Wed, 19-Feb-2020 09:19:24 GMT; path=/; secure; HttpOnly
Set-Cookie: x-ms-gateway-slice=prod; path=/; secure; HttpOnly
Set-Cookie: stsservicecookie=ests; path=/; secure; HttpOnly; SameSite=None
Expires: -1
Cache-Control: no-cache, no-store
Date: Mon, 20 Jan 2020 09:19:23 GMT
Content-Length: 2356
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-ests-server: 2.1.9898.20 - SIN1 ProdSlices
x-ms-request-id: be26f84b-5386-4b04-a31f-64f06db04e00
Strict-Transport-Security: max-age=31536000; includeSubDomains
client-request-id: 907865da-9681-4d95-a65a-dd40a3661f79
Request Data
MIME Type: application/json
Encoding: UTF-8
Request Data:
Here is the content of the failed signin-oidc content:
Summary
URL: https://*****/signin-oidc
Status: 500 Internal Server Error
Source: Network
Address: *****
Request
POST /signin-oidc HTTP/1.1
Cookie: ARRAffinity=b67cf4989142f516cf1224c1da63f82fb954c6d5a9d7f17d287740c0647a1f76
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Content-Type: application/x-www-form-urlencoded
Origin: https://login.microsoftonline.com
Content-Length: 1886
Accept-Language: vi-vn
Host: *******
User-Agent: Mozilla/5.0 (iPad; CPU OS 12_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.2 Mobile/15E148 Safari/604.1
Referer: https://login.microsoftonline.com/kmsi
Accept-Encoding: br, gzip, deflate
Connection: keep-alive
Response
HTTP/1.1 500 Internal Server Error
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Date: Mon, 20 Jan 2020 08:23:38 GMT
Transfer-Encoding: Identity
Cache-Control: no-cache
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=2592000
Server: Kestrel
Request Data
MIME Type: application/x-www-form-urlencoded
id_token: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6InBpVmxsb1FEU01LeGgxbTJ5Z3FHU1ZkZ0ZwQSJ9.eyJhdWQiOiJjNjA4ZjhhYi1lZjA4LTRjYjEtYjAzMy1hNzQyMjg0ODA3NmEiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vMWZkMWRmYzQtZTVlMy00ZDM3LWFkZGItM2VjYTQxMWVjYWVjL3YyLjAiLCJpYXQiOjE1Nzk1MDgyOTMsIm5iZiI6MTU3OTUwODI5MywiZXhwIjoxNTc5NTEyMTkzLCJhaW8iOiJBV1FBbS84T0FBQUFSUWhkYzc3SWNXN2dMb0RHcUVkN2pnV3hoRDdtK29Kb0NPS3A0SkRnS3VlL3JCdno2V2NYNysvOUlYYXREWURKeUp6Y0I5MWs5SjJIbVJSZ2tUVEsyNGdWM0dLS3hteXVBTnJGUk4waDJIdS9jYVN6K1FzNUc3R21kYXJSVG5jSCIsIm5hbWUiOiJOZ29jLCBMdXUgVGhpIFBodW9uZyAoU0FMRSkiLCJub25jZSI6IjYzNzE1MTA1MzMyNTE2MTI4OC5OVGRsTkdFMU1ESXRNRGRpWWkwME1tRTVMV0ppWTJZdE1URXlaak15WW1FNU5UYzVObU16WkdJM01tSXRObU5tT1MwME5qVmlMVGd4TVRndFpqY3dOMlUxT0dJNU9EVTUiLCJvaWQiOiJkZWJlNTRlNy0wOWE0LTQ2MDItYmFlZC1jNWRjN2VkM2NiMjMiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJuZ29jLmx1dXRoaXBodW9uZ0Bub3ZhbGFuZC5jb20udm4iLCJzdWIiOiJEV1E1Y0pEbVA3WHI2Szloakx1enNiS2RmUUs3cERWNzBYbmpYTkVmbzRjIiwidGlkIjoiMWZkMWRmYzQtZTVlMy00ZDM3LWFkZGItM2VjYTQxMWVjYWVjIiwidXRpIjoiMHdQNEIyUWhpa081WEJHYkxoRkxBQSIsInZlciI6IjIuMCJ9.MO2h7kO8I9ANFI9TgJZCVGpl0J7oxmeMQPMKM1Vt8AzXqLxN46CS1q4QlAR8x8Ca_D8IPpB277HpumUVc4vseffBJ9i_M_6I4Qqt2bzmHCcIRqTGluc8C-UlEBFvIBshOILCjVpS6feESboRTbWkIgVPfArlb03FtvS1HDinaWpAWRMPSNr40sYvF_3I7VT4wk52Ne1ZZRIhB71wAbeYzlcBlXQJA8yZhg2oGuoBy3B0V45v8f9Kskd7wIgvq0rI-kxSTKIo7pxHclNnvjDJm4J4DeAdA5dzKdmaCTzN4EMDsOZY0y1vM3UdJnM1BQkHip3FyRQ1Hj6eolbPwafdaQ
state: CfDJ8H2WPQdBhutNkjRYYA9J-dr_EWgqMxJ32ez0tMZ1rrPWWnow1tT8M7sqGJspDcOU08NK2Hhg12jGCXAuI8biXhycBguS-EZgJnh2pYPq7SE8Fin-XaF17rJDxNXCEp-B1Rw8sTVbNLo-cdaTf0tqKE01Ey2srTrQA3-5Y5EgsQnZ-PuhzykvglYxeBbV09e2wZ7Cw0AngaZBwTYrs-3ETv8sakZwXTX2gFjUy5q61MCxpdhHepRvd2lT7ZEAWNXGrzBBVoM-VM0C-Lztf65ZqNhP_0U8vgwHsxvzA47KWEGbdMLC80xoGNLO1p8zU3n9Yzkdp0fsc5z7ExBTVAexe6WBoALObVNPSWBOhR0BEdRFgkyPfWJBYBbQTqwv-C6CwBojTOI4e4GPGZfmJXvlKQg
session_state: 7f9db494-e7d2-4803-b8ec-979d0dad856f
Return this page and can't go anything page on my website
I'm using blobstore to serve audio files embedded in HTML5 audio element. Because I have a blobkey as a part of url I can assume that for any given url its content will never change. That looks like a perfect setup for caching.
Yesterday I implemented a solution which seemed to work. At least I remember that it worked ;). Unfortunately today I discovered, that it doesn't work with Chrome and production server. It works perfectly with Internet Explorer and Firefox. It even works with Chrome and development server - I use version 1.7.6. My solution uses Cache-Control headers, but it seems that only Firefox makes any use of it. Additionally I added an ETag header. When I discover If-None-Match request header with the same value I return 304 code. That seems to work with Internet Explorer. It also works with Chrome and development server. I remember that it had worked yesterday with Chrome and production, but I'm not completely sure. Anyway the problem I have is why both caching mechanisms are ignored by Chrome. I suspect that it may have something to do with chunked encoding which is generated only for chrome, but I don't understand why caching is disabled in that case
And now a lot of details.
Firefox
Initial request headers:
Host: eduzabawy.appspot.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:20.0) Gecko/20100101 Firefox/20.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: pl,en-us;q=0.7,en;q=0.3
Range: bytes=0-
Referer: http://eduzabawy.appspot.com/dziecko/
Cookie: children="jEDor1B8VRDRJreWmUVlUQ\075\075"; session=eyJfc2lkIjoiWk91QmlsOEJlTEd4QVFuYVFiYkpsTyJ9|1365190508|81d81772f6f409dd57ad43a9f447f92d1b56d29e
Connection: keep-alive
Initial response headers:
HTTP/1.1 206 Partial Content
Cache-Control: public max-age=100000000
Content-Range: bytes 0-37249/37250
Content-Type: audio/ogg
Date: Fri, 05 Apr 2013 19:45:47 GMT
Etag: blobstore
Server: Google Frontend
X-Firefox-Spdy: 3
On subsequent loads it seems that Firefox doesn't even try to fetch the files. This is how I thought it should work.
Internet Explorer
Initial request headers:
Accept: */*
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Referer: http://eduzabawy.appspot.com/dziecko/
Accept-Language: pl-PL
Accept-Encoding: gzip, deflate
Host: eduzabawy.appspot.com
Connection: Keep-Alive
Cookie: children="WyzUQwHEzwX6qnjfn21KEw\075\075"; session=eyJfc2lkIjoia2VOd0llR0hvRHU1cUN0cE1QSWRpWCJ9|1365192921|f2279f82b21947c4d064dbf44a5ce9e1bd95cc0d
Initial response headers:
HTTP/1.1 200 OK
Cache-Control: public max-age=100000000
ETag: blobstore
Content-Type: audio/mpeg
Date: Fri, 05 Apr 2013 20:15:23 GMT
Server: Google Frontend
Content-Length: 4637
Subsequent request headers:
Accept: */*
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Referer: http://eduzabawy.appspot.com/dziecko/
Accept-Language: pl-PL
Accept-Encoding: gzip, deflate
Host: eduzabawy.appspot.com
If-None-Match: blobstore
Connection: Keep-Alive
Cookie: children="WyzUQwHEzwX6qnjfn21KEw\075\075"; session=eyJfc2lkIjoia2VOd0llR0hvRHU1cUN0cE1QSWRpWCJ9|1365192921|f2279f82b21947c4d064dbf44a5ce9e1bd95cc0d
Subsequent response headers:
HTTP/1.1 304 Not Modified
ETag: blobstore
Content-Type: audio/mpeg
Content-Length: 4637
Chrome + development server
Initial request headers:
Host: localhost:8080
Connection: keep-alive
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.43 Safari/537.31
Accept: */*
Referer: http://localhost:8080/dziecko/
Accept-Language: pl-PL,pl;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: ISO-8859-2,utf-8;q=0.7,*;q=0.3
Cookie: children="xYNsqzfdtZ-2Z764lFSzk1Ed8-g1QoNlcaexsD79gSY\075"; session=eyJfc2lkIjoiTE9CZDc0SHJENHF4OWJua1J4S3dTQSJ9|1365192253|37815772acab0bf44a0c501ea0fd0dc7c617dd09
Range: bytes=0-
Initial response headers:
HTTP/1.1 206 Partial Content
etag: blobstore
cache-control: public max-age=100000000
content-type: audio/mpeg
Content-Range: bytes 0-4636/4637
Content-Length: 4637
Server: Development/2.0
Date: Fri, 05 Apr 2013 20:32:19 GMT
Subsequent request headers:
Host: localhost:8080
Connection: keep-alive
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.43 Safari/537.31
Accept: */*
Referer: http://localhost:8080/dziecko/
Accept-Language: pl-PL,pl;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: ISO-8859-2,utf-8;q=0.7,*;q=0.3
Cookie: children="xYNsqzfdtZ-2Z764lFSzk1Ed8-g1QoNlcaexsD79gSY\075"; session=eyJfc2lkIjoiTE9CZDc0SHJENHF4OWJua1J4S3dTQSJ9|1365192253|37815772acab0bf44a0c501ea0fd0dc7c617dd09
Range: bytes=0-4636
If-None-Match: blobstore
Subsequent response headers:
HTTP/1.1 304 Not Modified
Content-Type: text/html
Server: Development/2.0
Date: Fri, 05 Apr 2013 20:33:08 GMT
Chrome + production server
Initial request headers:
Host: eduzabawy.appspot.com
Connection: keep-alive
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.43 Safari/537.31
Accept: */*
Referer: http://eduzabawy.appspot.com/dziecko/
Accept-Language: pl-PL,pl;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: ISO-8859-2,utf-8;q=0.7,*;q=0.3
Cookie: children="sU9aqnqEf67eZFpS7BKSMw\075\075"; session=eyJfc2lkIjoieFlGWlJLMnRwSHJuOVFCb1haTnJLUCJ9|1365194193|2a13cd9eb7aceeb40c43bd82a763d893436d9f1f
Range: bytes=0-
Initial response headers:
HTTP/1.1 206 Partial Content
Cache-Control: public max-age=100000000
ETag: blobstore
Content-Type: audio/mpeg
Content-Range: bytes 0-4636/4637
Date: Fri, 05 Apr 2013 20:36:35 GMT
Server: Google Frontend
Transfer-Encoding: chunked
Subsequent requests and responses are the same as initial.
Your max-age seems too long and going over 3 years... I read from somewhere the maximum you should set in GAE is no more than 1 year.
Anyway, there's one more header you should try to set (Pragma: Public), which worked for me (I'm caching image from blobstore though, here's a few lines from my source code):
httpResponse.Header().Set("Cache-Control", "public, max-age=600")
httpResponse.Header().Set("Pragma", "Public")
blobstore.Send(httpResponse, project.ImageBlobKey)
By the way the above also cause Google to delivery your file from the edge cache, which really speed static resources up a lot!
I'm trying to access the REST Disqus API using the following url:
http://disqus.com/api/3.0/threads/listPosts.json
?api_key=myKey
&forum=myForum
&thread:ident=myIdent
When I go to the url in Chrome, it works fine. When I try to download it in WebClient, I have difficulty:
WebClient data = new WebClient();
Uri queryUri = new Uri(DisqusQuery + ident, UriKind.Absolute);
data.DownloadStringCompleted += new DownloadStringCompletedEventHandler(onDownloadCompleted);
data.DownloadStringAsync(queryUri);
The DownloadStringCompletedEventArgs contain the following error:
{"The remote server returned an error: NotFound."}
at System.Net.Browser.ClientHttpWebRequest.InternalEndGetResponse(IAsyncResult asyncResult)
at System.Net.Browser.ClientHttpWebRequest.<>c__DisplayClass2.<EndGetResponse>b__1(Object sendState)
at System.Net.Browser.AsyncHelper.<>c__DisplayClass4.<BeginOnUI>b__1(Object sendState)
at System.Reflection.RuntimeMethodInfo.InternalInvoke(RuntimeMethoThe thread '<No Name>' (0xfc10086) has exited with code 0 (0x0).
What could I be doing wrong?
Update: Looking in Fiddler shows that the response is this:
HTTP/1.1 400 BAD REQUEST
Date: Sun, 28 Aug 2011 14:51:39 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Length: 68
Connection: close
Content-Type: application/json
X-Pad: avoid browser bug
{"code": 11, "response": "Your API key is not valid on this domain"}
Here is the response when the request is from Chrome Incognito (not logged in to disqus):
HTTP/1.1 200 OK
Date: Mon, 29 Aug 2011 17:00:29 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Ratelimit-Remaining: 1000
Content-Encoding: gzip
Vary: Cookie,Accept-Encoding
X-Ratelimit-Limit: 1000
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Ratelimit-Reset: 1314640800
Content-Length: 3120
Connection: close
Content-Type: application/json
/* expected JSON response */
Update 2: The above error is using my public key. Using the secret key results in:
HTTP/1.1 403 FORBIDDEN
Date: Sun, 28 Aug 2011 20:40:32 GMT
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: close
Transfer-Encoding: chunked
Content-Type: application/json
2a
{"code": 5, "response": "Invalid API key"}
0
FIX:
Add something similar to the following line to your HttpRequest:
client.Headers[HttpRequestHeader.Referer] = "http://mywebsite.com";
Longer Description:
The problem has to do with the way Windows Phone is setting the HTTP Referer header.
When running the successful request from the browser address bar, Fiddler showed me this:
GET /api/3.0/forums/listPosts.json?forum=disqus&api_key=jRml... HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, peerdist
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; Zune 4.7; InfoPath.3; MS-RTC LM 8)
Connection: Keep-Alive
Host: disqus.com
Cookie: disqus_unique=...
X-P2P-PeerDist: Version=1.0
When I examined the request sent by Silverlight in Fiddler, I saw the following:
GET /api/3.0/forums/listPosts.json?forum=disqus&api_key=jRml... HTTP/1.1
Accept: */*
Referer: file:///Applications/Install/9036AAF3-F213-4CFB-B57E-576A05E1896D/Install/
Accept-Encoding: identity
User-Agent: NativeHost
Host: disqus.com
Connection: Keep-Alive
By removing the Referer header and resubmitting via Fiddler, the query worked as I expected! So... all you need to do is manually set the HTTP Referer header to something you control (rather than letting Silverlight do it for you) and you should be good to go.
Oh - and also make sure you're using your public key, not the secret key.
/ck
Looks like the browser is getting additional info like username or something: X-User: anon:182210122933. This is missing when WebClient gets its response back. I guess this has something todo with the fact that you are logged in in the browser or that you have a typo in your api key.
Another interesting pointroject for you would be a library like http://disqussharp.codeplex.com/ which handles authentication most of the time.
Good luck!
I tried googling this by hard but was unsuccessful so far.
I've got an apache 2.2.16 on Debian with mod_deflate loaded and enabled like this:
LoadModule deflate_module /usr/lib/apache2/modules/mod_deflate.so
and
AddOutputFilterByType DEFLATE text/html text/css text/javascript application/x-javascript
DeflateFilterNote Input instream
DeflateFilterNote Output outstream
DeflateFilterNote Ratio ratio
LogFormat '"%r" %{outstream}n/%{instream}n (%{ratio}n%%) "%{User-agent}i"' deflate
CustomLog /var/log/apache2/deflate_log deflate env=!trash
When I open a page the log file says that it's compressing my CSS file (and others):
"GET / HTTP/1.1" -/- (-%) "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.17) Gecko/20110420 Firefox/3.6.17"
"GET /www/js/dojoToolkit/dijit/themes/claro/claro.css HTTP/1.1" 17244/118618 (14%) "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.17) Gecko/20110420 Firefox/3.6.17"
"GET /www/css/basis-min.css HTTP/1.1" 10877/61154 (17%) "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.17) Gecko/20110420 Firefox/3.6.17"
But Firebug and also Chrome do still get the uncompressed files, although the explicitly accept gzip and deflate encoding.
One interesting fact is also that the
Vary: Accept-Encoding
header is still set, unlike the Content-Encoding:
GET /www/js/dojoToolkit/dijit/themes/claro/claro.css HTTP/1.1
Host: www.getabstract.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.17) Gecko/20110420 Firefox/3.6.17
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,de-ch;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.getabstract.com/
Cookie: __utma=73758084.1377620539.1310985055.1310989511.1310990668.3; __utmz=73758084.1310985055.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); fpc10001731534234=Y63gTWM9|aCXc2doLaa|fses10001731534234=|aCXc2doLaa|Y63gTWM9|fvis10001731534234=Zj1odHRwJTNBJTJGJTJGd3d3LmdldGFic3RyYWN0LmNvbSUyRiZiPUhvbWVwYWdlJTIwRU4=|8M8Y7oT7YH|8M8Y7oT7YH|8M8Y7oT7YH|8|8M8Y7oT7YH|8M8Y7oT7YH; __ar_v4=262MD4C3UNHKBELB3VUEGS%3A20110717%3A20%7CTBE3U4YYEBCGHJ2QAUBVE4%3A20110717%3A20%7CXVIJYAN7KFDQXPECC3AI7E%3A20110717%3A20; JSESSIONID=abcKrMR5EVQv68Os6h9et; __utmc=73758084
Pragma: no-cache
Cache-Control: no-cache
Response:
HTTP/1.1 200 OK
Date: Mon, 18 Jul 2011 13:54:45 GMT
Server: Apache
Last-Modified: Wed, 04 May 2011 10:49:12 GMT
Etag: "28023a-1cf5a-4a27101cc1a00"
Accept-Ranges: none
Cache-Control: max-age=600
Expires: Mon, 18 Jul 2011 14:04:45 GMT
Vary: Accept-Encoding
Content-Length: 118618
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/css
Any ideas?
Thanks in advance.
Marc
Long shot: is apache treating your css file correctly - i.e. are the mime types configured correctly?
Where is your output filter set, in an included config or in an .htaccess [check that .htaccess is allowed to override]
Can you remove the filter & see if it will compress all content?
Lastly - is there a public URL we can test?
-sean
EDIT:
Hi Again, what are you using to test locally? I can see the correct content encoding in firefox/firebug/yslow. - [I also see several other issues] - if you are not using firebug, I suggest checking it out [strongly!] - but otherwise, yes, it appears your compression is working correctly.
-sean
I'm having problems getting SharePoint 2010/IIS 7.5 to respect byte-range requests. I'm developing a SharePoint 2010 Web Part using Silverlight, and am trying to retrieve part of a document stored inside SharePoint.
When I request a byte range of a file in SharePoint, the server responds with the entire file. However, if I request the same byte range from a file sitting on an Apache server, everything works as expected. Below are the http headers observed with Fiddler.
Any help would be really appreciated! Thanks.
Sent:
GET http://example.com/file.abc HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: http://example.com/index.html
Accept-Encoding: identity
Range: bytes=1061285-1064594
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.127 Safari/533.4
Host: example.com
Connection: Keep-Alive
SharePoint also takes login credentials:
Authorization: Negotiate TlRMTVNTUAABAAAAl4II4gAAAAAAAAAAAAAAAAAAAAAGAbAdAAAADw==
Received from Apache:
HTTP/1.1 206 Partial Content
Date: Wed, 25 Aug 2010 22:40:34 GMT
Server: Apache/2.0.54
Last-Modified: Fri, 20 Aug 2010 23:27:18 GMT
ETag: "b68e346-103ea9-a3c20180"
Accept-Ranges: bytes
Content-Length: 3310
Vary: User-Agent
Content-Range: bytes 1061285-1064594/1064617
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/x-zip
Received from SharePoint 2010 / IIS 7.5
HTTP/1.1 200 OK
Cache-Control: private,max-age=0
Content-Length: 1064617
Content-Type: application/octet-stream
Expires: Tue, 10 Aug 2010 22:40:56 GMT
Last-Modified: Wed, 25 Aug 2010 19:28:39 GMT
ETag: "{5A1DF927-D8CD-4BC0-9590-8188CF777A3D},1"
Server: Microsoft-IIS/7.5
SPRequestGuid: 99799011-5bdc-489f-99fd-d060a56d3ae4
Set-Cookie: WSS_KeepSessionAuthenticated={7703be10-bb56-4fa1-ba8b-cd05f482859f}; path=/
X-SharePointHealthScore: 5
ResourceTag: rt:5A1DF927-D8CD-4BC0-9590-8188CF777A3D#00000000001
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename=file.abc
X-Download-Options: noopen
Public-Extension: http://schemas.microsoft.com/repl-2
Set-Cookie: WSS_KeepSessionAuthenticated={7703be10-bb56-4fa1-ba8b-cd05f482859f}; path=/
Persistent-Auth: true
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.4762
Date: Wed, 25 Aug 2010 22:40:56 GMT
The problem is that SharePoint caching is off be default, and needs to be turned on to enable byte-range requests. See Disk-Based Caching for Binary Large Objects.
Note http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35.2:
"A server MAY ignore the Range header."
Thus whenever you are using a Range header you must be able to handle a 200 response. The fact that your server doesn't appear to support range serving is unfortunate, but conformant.