How to disable Safari Network Caches for specific URLs only? - safari

I am aware that in Safari you are able to disable all network cache by going to Web Inspector (Command + Control + i), network tab, and then check the disable caches button. That's nice but it would be even more nice if I could specify for what URLs the network cache should be disabled.
That way I would not have to toggle the network cache between each development session. Instead I'd be able to disable the network cache for all local.* , https://www.myurl.com or something like that.
Does anyone know of any way to achieve this in a simple way? šŸ˜ƒ

Related

Uploaded file is not visible in browser unless I force no cache browser reload

I am facing weird issue with file uploads. When I upload a new file to publicly visible folder, I can see it instantly in anonymous mode. But if i try to access it in non-anonymous mode, the server responds with 404 unless I do hard refresh (ie ctrl + F5 for Mozzila).
I have already disabled cache control headers for that folder in apache, but that did not seem to resolve the issue. It seems to me that the apache is storing information that "there is actually no file at requested url" and serves it to user unless user clears cache even if the file is uploaded at that location. Anyone ran into similar issue in the past?
By default, most browsers cache images, styles and scripts automatically. The easiest way to bypass this for development environments is to set the caching headers detailed here
Another common way to bypass caching is to set a random query parameter (usually ?v=<random value here>).
Chromium based browsers also have a disable cache option in the dev tools

How to remove Cloudflareā€™s javascripts slowing my site?

I have a WordPress site at http://biblicomentarios.com, and I use Cloudflare. No matter what I do, I canā€™t remove two javascript that comes from Cloudflare. I use GTMetrix, and I see them in the waterfall tab blocking my site. Those are email-decode.min.js and rocket-loader.min.js. Of course, Iā€™ve already disabled email obfuscation in the Scrape Shield tab, and I have Rocket Loader disabled. I purged ALL my caches (Cloudflare cache, Autoptimize cache, SuperCache, even the Cpanel cache). But the jsā€™s are pretty persistent, and they insist on appearing in GTMetrix waterfall, as blocking jsā€™s and so slowing my site. Also, I canā€™t add expires headers to them, so I have more than a reason to want them out of my site. Is there any way to remove them as they are already disabled in the Cloudflare panel?
Please, note
- Rocket Loader is disabled; the Scrape Shields email obfuscation is disabled.
- I have not a ā€œcdn-cgiā€ directory within my site or server. Typically, this directory is injected by Cloudflare, so both scripts come from Cloudflare.
- I have no ā€œappsā€ installed through CloudFlare.
- The blocking scripts paths are https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js and http://biblicomentarios.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js.
Depending on what Cloudflare plan you're on, you can set up "Page Rules" for your site or subsections of your site.
I'd suggest adding 2 rules -
Disable Security
This should prevent email-decode.min.js from loading.
Disable Performance
This should prevent rocket-loader.min.js from loading.
I think you can have one setting per rule, and 3 page rules if you're using the Free plan.
Go to Scrape Shield
Then Disable Email Address Obfuscation
This will Disable email-decode.min.js
Go to Speed -> optimization
Then Disable Rocket Loaderā„¢
This will Disable rocket-loader.min.js
Remember to Clear Cache
Just be careful.
Disable Performance
Will turn off
Auto Minify
Rocket Loader
Mirage
Polish

Dev tools not showing insecure content loaded in via javascript

I work with a lot of SSL/https pages that must be 100% secure so the lock is green and not yellow.
It's easy to pinpoint any 'dom level' scripts or images, because console puts out the error 'this page is loading insecure content from __'
The problem is when a secure https script loads NON-https image/script... it doesnt seem to be logged in chrome dev tools console as an error for loading insecure content. The only way to see it is if i manually move the mouse over like 80 different asset links, tracking pixels, etc and making sure it starts with https
Does anyone know a better way of handling this? Thanks!
In Firebug you can enable the display of a Protocol column. To do so you have to right-click onto the column headers inside the Net panel and click on Protocol. Then you can sort by that column by clicking on it's column header.
Doing so it should be pretty easy to spot the insecure request.
Sebastian

Is there any API to disable prerender feature in chrome?

Without using automation, is there any way to programmatically disable prerender feature (Advanced Setting: Predict network actions to improve page load performance) in google chrome?
I couldn't find any straight forward API that allows me to modify this setting. So, I tried modifying dns_prefetchin->enabled in the "[Chromedir]\User Data\Default\Preferences" file to "false". But that value was getting reset every time I open Chrome. Using the Procmon utility didn't provide me any additional clues on where chrome may store its settings.
Thanks in advance.
Edit: I should mention upfront that using command line option --prerender won't work as I need this value to be turned off for all instances of chrome (even when launched by Operating system shell).

Tools for finding Non SSL resources in web page (firebug like tool)

I'm trying to find a non-SSL resource that is being loaded on my site.
This happens occasional where one of us forgets to use the https version of a resource (like some js in a CDN).
My question is there any firebug-like tools to find these "Turds in the punch bowl"? I want my green padlock back :)
Besides Firebug, which you've mentioned, you can use the developer tools in Chrome:
Tools menu -> Developer Tools
Go through the list of loaded resources in the Network tab
Alternatively, the HttpFox extension for Firefox can also be useful. It will keep logging the traffic even when you change pages, which may be useful in some cases.
(This is very similar to Firebug.)
mitm-proxy is great for stuff like this - http://crypto.stanford.edu/ssl-mitm/
You run it on your local machine in a console window, set your browser to use it as a proxy, and you can watch /log everything that your browser requests. It's a little noisy since it shows SSL hand-shaking and file contents, but you can filter that down. When you need to debug SSL communications it's invaluable to see those details though..
mitm-proxy is based on http://grinder.sourceforge.net/g3/tcpproxy.html which has more in the way of scripting capabilities.