I have a .Net 4.5.2 WebApi 2.2 REST service. Windows 7 machine running IIS 7.5. It doesn't do much but return the current date/time. When hosted in IIS, I get response headers that look like this:
HTTP/1.1 200 OK
Cache-Control: max-age=60
Content-Length: 58
Content-Type: application/json; charset=utf-8
ETag: "c664145c-6923-44b6-b3fb-ff7e50259b44"
Server: Microsoft-IIS/7.5
ApplicationDate: Test with date 4/3/2015 3:18:08 PM
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 03 Apr 2015 19:18:10 GMT
{"messages":[],"result":"All is well 4/3/2015 3:18:07 PM"}
If I call it a second time, I see this:
HTTP/1.1 200 OK
Cache-Control: max-age=60
Content-Length: 58
Content-Type: application/json
ETag: "c664145c-6923-44b6-b3fb-ff7e50259b44"
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 03 Apr 2015 19:27:25 GMT
{"messages":[],"result":"All is well 4/3/2015 3:18:07 PM"}
My custom header (ApplicationDate) is gone, and the time hasn't changed. The key is probably the Cache-Control: max-age=60 in there. I don't know where it's coming from!
If I run it "Self Hosted", same code...I see this:
HTTP/1.1 200 OK
Content-Length: 58
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
ApplicationDate: Test with date 4/3/2015 3:35:31 PM
Date: Fri, 03 Apr 2015 19:35:31 GMT
{"messages":[],"result":"All is well 4/3/2015 3:35:30 PM"}
Something in the IIS pipeline is setting max-age. (BTW, testing with SoapUI and Fiddler, no browser issues to complicate things)
I have tried disabling the IIS OutputCache module. I verified using FailedReqLogFiles:
OUTPUT_CACHE_LOOKUP_END
Result 4
Result CACHING_DISABLED
When I change the cache-control headers in code, I see the changes in the Self-Hosted version, but something overwrites the headers in the IIS version back to max-age=60.
HTTP/1.1 200 OK
Cache-Control: max-age=60
Pragma: no-cache
Content-Length: 58
Content-Type: application/json; charset=utf-8
ETag: "3ce2e8b6-4891-496e-8bb7-087590239d6b"
Server: Microsoft-IIS/7.5
ApplicationDate: Test with date 4/3/2015 3:49:19 PM
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 03 Apr 2015 19:49:19 GMT
{"messages":[],"result":"All is well 4/3/2015 3:49:19 PM"}
Here's the controller:
/// <summary>
/// Get "REST" status
/// </summary>
/// <returns></returns>
[ActionName("GetStatusDate")]
[Route("GetStatusDate")]
public HttpResponseMessage GetStatusDate()
{
CommonResponse<string> response = new CommonResponse<string>();
response.Result = "All is well " + DateTime.Now;
HttpResponseMessage responseMessage = Request.CreateResponse(HttpStatusCode.OK, response);
responseMessage.Headers.Add("ApplicationDate", "Test with date " + DateTime.Now);
responseMessage.Headers.Remove("Cache-Control");
responseMessage.Headers.CacheControl = new CacheControlHeaderValue()
{
MaxAge = TimeSpan.FromSeconds(11),
NoCache = true,
Private = true
};
responseMessage.Headers.Add("Pragma","no-cache");
return responseMessage;
}
What is setting max-age?
Thanks,
Sean
So, I should have waited another hour before posting the question....turns out the problem was that the CacheOutputAttribute (OutputCache.V2) was not only set on specific resources, but had been added to the global filter collection. Since it inherits from FilterAttribute, IActionFilter, it worked fine as a global filter. That is why all calls were getting cached. It took ripping the project down to nothing to find the issue.
Sean
Related
request is present "accept: application/xml; charset=utf-8" but response content is json
Request:
Connection: Keep-Alive
Accept: application/xml; charset=utf-8
Content-Type: application/xml; charset=utf-8
Response:
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Mon, 07 Jan 2019 17:11:14 GMT
Content-Length: 31
{"cod":1,"msg":"","data":"100"}
software is developerd with .net framework 4.6.1
I noticed that if I return an anonymous class this will be serialized in json and never in xml.
to solve the problem, just return a non-anomalous calsse and it will be serialized correctly.
I'm integrating with applozic for a client, and I need to send messages with attachments to users. I'm following the steps here: https://docs.applozic.com/docs/1-1-user-chat-and-group-chat-api#section-send-message-with-attachment on how to do this.
I'm having trouble with step 2:
Step 2. Call Url With multipart :
Call API with your file object attached to files[] array:
the requests I send are rejected with a 405 error, for example....
Request:
POST /_ah/upload/AMmfu6ZQrGP3Szfk1GuQAb_2a3J7PPWhQoiRbTnEjLp2MIzpuoeHrYryXhlzI6NW9JikjpJbT-HEtHAIk3og-Gl5EesCzBASipgtq1Hvh-PN90sjvasjRBvtO5XIFWi08gGfqTYUNT0C/ALBNUaYAAAAAWocIx4JPtA2a7LU00w1_pRui2Q3NjLR5/
application-key: XXXX
authorization: Basic XXXXX
cache-control: no-cache
accept: */*
host: applozic.appspot.com
accept-encoding: gzip, deflate
content-type: multipart/form-data; boundary=--------------------------523557777486909202804628
content-length: 286288
--------------------------523557777486909202804628
Content-Disposition: form-data; name="file"; filename="attachment.pptx"
Content-Type: application/vnd.openxmlformats-officedocument.presentationml.presentation
....file data....
Response:
HTTP/1.1 405
status: 405
x-guploader-uploadid: AEnB2UpLhLC9VKz0ysfP-WcNTgGCFc_67dVEp_-ANZsLTvWfEOFgyMWKKvpehGa3I6E9Q_s8S7LQAcYFlTt-J8LwVqRosha6lNros6eECUP5JdJ_RsZMW9g
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: UserId-Enabled, Authorization, Application-Key, Source, Content-Type
allow: GET
x-cloud-trace-context: 728352eed99001ff946db65f68daf518;o=1
x-appengine-estimated-cpm-us-dollars: $0.000026
x-appengine-resource-usage: ms=93 cpu_ms=605
date: Fri, 16 Feb 2018 16:29:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Could someone tell me what i'm missing here? It's responding with allow: GET which doesn't make sense, am I failing auth somehow?
Is there any more documentation available on this feature?
Step 1. Get Url to Upload File
Call API:
https://applozic.appspot.com/rest/ws/aws/file/url?data=1478763491992
where data= currentTime in long
API Response String:
https://applozic.appspot.com/_ah/upload/AMmfu6YAZpXFUYvC7wqIcW7msh8-YF1d7Tsh1UOTSCzpx2vinrcLQRtVfWbFHHXLFunUqsSLe1dYsDbsJxIO28cNcGrECf7LfFaNSycct-Sybd9KAZWk0yk7HybzxbBp4YQEDmMLi4Uf/ALBNUaYAAAAAWovz3TcYX24yam5K3embIkgQ6Q1pGIRf/
Step 2. Call Url With multipart :
Call API with your file object attached to files[] array(Parameter:files[]):
https://applozic.appspot.com/_ah/upload/AMmfu6YAZpXFUYvC7wqIcW7msh8-YF1d7Tsh1UOTSCzpx2vinrcLQRtVfWbFHHXLFunUqsSLe1dYsDbsJxIO28cNcGrECf7LfFaNSycct-Sybd9KAZWk0yk7HybzxbBp4YQEDmMLi4Uf/ALBNUaYAAAAAWovz3TcYX24yam5K3embIkgQ6Q1pGIRf/
filetMeta json Response:
{"fileMeta":{"blobKey":"AMIfv96n1wlMLpa3R_1i4nbFc4L1RLG81W5RovnPqMhVspzzJv5WBbnYgI4uwZkNjvzszNqsWwEQU6mrYoYsaoa2Vhi45p3P7bvQhAO1ciEL1K1yZJ2HB-goYPULYumC7LA8h33p_Ry
JBewFK8FogMDPR4_4zjClIg","contentType":"image/png","createdAtTime":"1478763491698","name":"applozic.png","size":"8694","thumbnailUrl":"https://lh3.googleusercontent
.com/EfnmKkzLtwBgYQq9UWc26oVqSZUiGukhXQgq7ns9a3G53ZAveFOszamvsqD-tbOfuirqERBO0QR60xFgYiGr=s120"}}
Try this request :
Post request
Url:-
https://applozic.appspot.com/_ah/upload/AMmfu6ZB1z1BBDQMh_ztllvkde5mest9aFeqDHoSmCLzGH3vEtqQLKKOZG820ONgNCOc3BatKJL-59Tppm76zvyfw773R4lEa7m3gaM4cdKGbDU5oy8R_9zt_PT12j8xYSK2oh3rO3xa/ALBNUaYAAAAAWoq31zwU986GLyomPgxjoJb6qHuf4iIx/
Param:files[]
I am trying to set hbase property through Ambari API using following command
curl -u "admin:admin" -i -X POST -d '{"type": "hbase-site", "tag": "version3", "properties" : {"hbase.regionserver.global.memstore.size" : "0.6"}}' https://abct.net/api/v1/clusters/xyz/configurations
But keep getting following error
HTTP/1.1 400 Bad Request
Content-Length: 107
Content-Type: text/plain
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Microsoft-IIS/8.5
x-ms-hdi-active: 10.8.18.29
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
User: admin
X-Powered-By: ARR/3.0
Set-Cookie: AMBARISESSIONID=2e8ortl32j1p7zdjatigdgvg;Path=/;HttpOnly; path=/; secure
X-Powered-By: ASP.NET
Date: Mon, 12 Sep 2016 18:19:38 GMT
{
"status" : 400,
"message" : "CSRF protection is turned on. X-Requested-By HTTP header is required."
}
What am missing here ?
Turns out you have to add the request header to the request for anything other than a GET request.
You can add the header with
curl --header "X-Requested-By: my_computer_name"
Or
You can disable this feature.
I had same problem in c# Rest client. Using Brig's answer fixed it:
HttpClientHandler handler = new HttpClientHandler
{
Credentials = new System.Net.NetworkCredential("xxxx", "yyyyy"),
};
using (var httpClient = new HttpClient(handler))
{
//"X-Requested-By: my_computer_name"
httpClient.DefaultRequestHeaders.Add("X-Requested-By","my_computer_name");
I have a svc service running on crm.mch.be. On a specific request it returns a response with this headers:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type
Access-Control-Allow-Origin: *
Access-Control-Request-Method: GET
Content-Length: 66
Content-Type: application/json; charset=utf-8
Date: Tue, 14 Apr 2015 14:20:56 GMT
Server: Microsoft-IIS/7.5
Set-Cookie: .ASPXAUTH=800196267D28CE...; Path=/; Domain=crm.mch.be
X-Powered-By: ASP.NET
The request is made through an (jQuery) ajax call made from wip.myserver.local.
The problem is the cookie isn't set.
When the ajax call complete I redirect (window.location.href = ...) the user to the website crm.mch.be. But it doesn't have the cookie set.
And prior the redirection, if I list all my browsers cookies, this cookies doesn't exist.
Access-Control-Allow-Origin: *
Isn't good for credentials/cookies http exchanges in browsers.
One have to be more restrictive and specify the domain.
Access-Control-Allow-Origin: wip.myserver.local
I have a problem with the playback of my MP3 files with mediaelements.js.
In my AJAX request I get my MP3 file and set the audio src.
If I get the real MP3 by URL like:
http://host.com/real/path/tp/mp3
and set this as my audio src the player works well.
Now...
When I request my MP3 through a script which gets the MP3 from my storage folder like this:
$headers = array(
'Content-Type' => File::mime(File::extension($mp3)),
'Content-Length' => filesize($mp3),
'Content-Transfer-Encoding'=>'',
'Cache-Control' => 'must-revalidate, post-check=0, pre-check=0',
);
return Response::make(readfile($mp3), 200, $headers);
The player start to play the MP3 file, but I can't wind it.: (
Response header of the real MP3 path:
HTTP/1.1 200 OK
Date: Tue, 26 Mar 2013 18:47:27 GMT
Server: Apache/2.2.16 (Debian)
Last-Modified: Tue, 26 Mar 2013 14:37:28 GMT
ETag: "8d4b852-7b7342-4d8d4dc53fa00"
Accept-Ranges: bytes
Content-Length: 8090434
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: audio/mpeg
Response header of my Laravel script which sends the MP3:
HTTP/1.1 200 OK
Date: Tue, 26 Mar 2013 19:02:33 GMT
Server: Apache/2.2.16 (Debian)
Content-Length: 6330826
content-transfer-encoding: binary
cache-control: must-revalidate, post-check=0, pre-check=0, private
Set-Cookie: laravel_session=16f4d83c0ce0262a90df3a0229f8b8ba261eaad7%2BDZIBuW8nbRbBMT7Nvu0NGQ9Rfqaiu6SAS 1wGjYse; expires=Tue, 26-Mar-2013 20:02:33 GMT; path=/; httponly
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: audio/mpeg
I had to set the following header:
"Accept-Range" => "bytes"
to work. Problem is fixed now. :)