We have an online learning management system hosted in IIS. A common problem is learners have to clear browser cache to resume an online course that had minor updates in recent history.
The LMS is classic ASP, the server is Windows 2012, IIS 7.
What I am hoping is that IIS has a setting to serve files with a timeout on the cache expiration that the client browser will honor.
Any help appreciated.
You could use "httpExpires" attribute which specifies a date and time that the content should expire, You need to add an HTTP "Expires" header to the response.
To configure a cache expiration date for a Web site or application you could follow the below steps:
Open Internet Information Services (IIS) Manager.
In the Connections pane, go to the site for which you want to
disable caching.
From the feature view, select HTTP Response Headers.
In the HTTP Response Headers pane, click Set Common Headers... in the
Actions pane.
In the Set Common HTTP Response Headers dialog box, check the box to
expire Web content, select the option to expire after a specific
interval or at a specific time, and then click OK.
You could also refer below article for more detail information:
Client Cache
Regards,
Jalpa
Related
My Application is using CDN which is a caching server. Now when I use JMETER for recording the functional flow. Browser doesn't load any CSS,JS or image being cached at CDN server. Removing CDN is alo not good option because I need to judge performance with CDN in place. Please Guide
JMeter records only HTTP requests sent by browser, so if you have already visited this page your browser may already have these resources in its own cache therefore it doesn't send actual requests. If you want these requests to be recorded - you should clear your browsing history and especially delete cache. The procedure differs from browser to browser so check your browser documentation for details or check out How do I clear my web browser's cache, cookies, and history? article.
In general you should not be recording these calls as real browsers download these images, scripts and styles using concurrent thread pool, i.e. one main request followed by parallel requests to get the resources. The same behavior can be set up in JMeter using "Advanced" tab of the HTTP Request sampler (or even better HTTP Request Defaults, this way the setting will be applied to all HTTP Request samplers in scope)
I accepted the Security certificate for CDN server through browser only. And problem was solved.
I'm using Spring MVC, MySql and Tomcat 7.
Currently the application I'm developing can be accessed by 2 URLs namely IP:PORT/APP and www.app.com.
When accessing via www.app.com I see a session being created for every page/link that I open but it doesn't happen when I access via IP:PORT/APP.
I have a check for logged-in user in every page and due to too many sessions that check is failing and I'm being re-directed to my login page even after logging in.
Also when opening the www.app.com index page I see a jsessionid on the address bar and not when i open it via IP.
Any help/guidance is appreciated.
It seems that when you are accessing the page via domain name (www.app.com), cookie support is not found and hence the url rewriting is being done (i.e. appending jsessionid at the end of the url). But this is not observed while accessing the same page via IP Address (IP:PORT/APP), meaning cookie support is enabled at this time.
You can check if you have enabled some security settings that is not allowing cookies.
Further to this, it seems that even url rewriting is not helping as sessions are being created for every request.
You can use some HTTP Interceptors to analyze the request being sent and response being received in each case. You can use Developer Tool in Chrome to inspect this. Load you page in Google Chrome, Right Click on Page and Click 'Inspect Element'. Open the 'Network' tab. Reload the page. You can now inspect the HTTP Request Headers sent and Response Headers received for each request. Analyze the difference between the request using IP Address and requests using Domain Name.
Also, share the architecture of the application and the environment where you are testing the application.
Some of my users are getting the following error sometimes when they request some of the pages of my site:
Bad Request - Request Too Long HTTP Error 400. The size of the request headers is too long
It seems to happen only in Firefox.
Deleting the users cookies does help.
What I don't understand is the following: I thought that cookies are appended to every request. Why is it that only one or two of my pages show this error and most do never?
It is also not dependent on the server page. If the user requests
http://example.com/user/Myname
he might get the error.
If he just changes the capitalization of the URL it works again (like http://example.com/user/myname). (I am running IIS which does not care too much about capitalization).
For the browser the two URLs are different, for the server they aren't.
Any idea what is happening?
It seems that there were too many cookies after all. I made sure that there were not so many and it is working now.
Some of our users also ran into this same exception on IE 8 for some our our intranet sites hosted in IIS. The issue turned out to be related to using Kerberos authentication where a user belongs to many active directory groups.
We found solutions from the following Microsoft Support Articles:
HTTP 400 - Bad Request (Request Header too long)" error in Internet Information Services (IIS)
Problems with Kerberos authentication when a user belongs to many groups
The fix for us was to set the following registry keys with increased values and/or create them if they didn't exist:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\MaxFieldLength DWORD (32bit) - assigned value data 32000 (Decimal)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters\MaxRequestBytes DWORD (32bit) - assigned value data 8777216 (Decimal)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HTTP\Parameters] "MaxFieldLength"=dword:00007d00 "MaxRequestBytes"=dword:0085ee00
Solution 1
delete all domain cookie from your browser
In Firefox 53
Alt -> Tools -> Page Info
Security
View Cookies
Remove All
In Chrome
check this superuser solution
Solution 2
Install Web Developer extension ( Firefox ,Chrome , Opera)
go to cookies tab -> Delete Domain Cookies like below screenshot
Solution 3
use incognito mode and see if it works for you
More details:
I had the same problem in Chrome and using a list from SharePoint.
after diagnosing with Chrome developer dashboard's network tab. I checked the headers and find the large cookie starting with the name WSS_exp and removing all of them from chrome cookie manager resolved my problem
The problem is due to a cookie that has become corrupted. The easy solution is to delete all your cookies but here is the best way to solve that specific issue, I have created a customized guide for Firefox, Chrome, and Internet Explorer. See here : http://timourrashed.com/how-to-fix-the-400-bad-request-error-message-from-a-website/
Another reason for this error stems from the user being in too many active directory groups. More modern SSRS versions do not have this problem.
It appears that the list of AD groups get passed in along in an HTTP header. Older versions of SQL Server Reporting Services have a header size limitation. So if a user is in a excessive number of groups, the easiest fix will be to remove unneeded groups.
If removing groups is not an option, you should be able to edit the web.config file and increase the limit. You can see how to do that here...
https://www.mssqltips.com/sqlservertip/4688/resolving-the-maximum-request-length-exceeded-exception-in-sql-server-reporting-services/
This answer is only in the case of using the browser Local Storage to store users' data.
Because the Local Storage has a limit of 5MB per domain, it's never cleared on its own, and there is no expiry date to remove data. When the local storage reaches the 5MB limit then starts storing data as cookies. Later, when the size of cookies reaches 1MB, the browser shows the 400 error (the size of the request headers is too long).
In this case, it is better to clear the unnecessary data from the local storage after using them.
I used ViewData instead of TempData, and issue solved.
In IIS6, I notice that when "Enable content expiration" is not enabled, no cache-related or expiration headers are sent with the response. Yet static content, such as css files are properly returning 304 statuses on subsequent visits.
When does this content expire if nothing is specified? Is it browser dependent?
If Content Expiration isn't specified in IIS then the caching of website content will be controlled or affected by external factors such as your browser's settings, upstream proxies or content caching servers between the end user and your web server. These are often factors out side of your control.
Setting content expiration in IIS should force these 3rd parties to honour these caching settings and expire content at the correct time.
Running IIS5 (yes, really). I'd like to remove the eTag http header that IIS generates for me. MS has an article on how to sync eTags across the web farm, but not how to remove them ( http://support.microsoft.com/?id=922733 ).
Is there a way to remove eTags?
AFAIK, there's no easy way to remove etag of web resources such as image, css or js files from IIS 5. As each of the etag value regenerates on each subsequent web browser refresh which is unnecessary since there might not be any changes on those web resources.
You might want to try EtagFix, it doesn't remove the etag though but it stabilizes the etag values so they don't change until the web resources are modified.
EtagFix stabilizes the etag that
Internet Information Services (IIS)
generates so that it doesn't change
each time the web server is restarted.
http://www.isapilabs.com/Products/ETagFix/index.htm
Go into Inetmgr and in the website properties, switch to the HTTP Headers tab and add an "ETag" custom HTTP header with no value.
this blog post describes how to completely remove the Etag http header in IIS (iis 6,iis 7 and iis 7.5)
http://lightspeednow.com/blog/2010/05/21/iis-tutorial-how-to-completely-remove-etags-entity-tags-from-iis6-iis7-and-iis7-5/