Have added/set the header for access control in .htaccess file of the directory where the web application is present (drupal) . but when making a ajax request for it with jquery, the console error gives following message:
XMLHttpRequest cannot load http://localhost/drupal/get/news.
No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://127.0.0.1:56687' is therefore not allowed access.
the .htaccess is insider the folder "drupal" and the header is set at the following:
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
# Serve gzip compressed CSS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
# Serve gzip compressed JS files if they exist and the client accepts gzip.
RewriteCond %{HTTP:Accept-encoding} gzip
RewriteCond %{REQUEST_FILENAME}\.gz -s
RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
# Serve correct content types, and prevent mod_deflate double gzip.
RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header set Content-Encoding gzip
# Force proxies to cache gzipped & non-gzipped css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
</IfModule>
Any help will be appreciated.
XMLHttpRequest cannot load http://localhost/drupal/get/news.
The above means that in your Drupal CMS, you have references pointing to your localhost. My guess is that you constructed your site locally, and then migrated to a live server, but in doing so, some of the references are not yet changed. I would recommend you to replace all http://localhost instances in your .sql file with http://yourdomain.com since the files are meant to be publicly available and no one else can access your localhost resources from outside network.
Related
I have Apache 2.2.15 configured on the test bed server to serve .webp in lieu of .jpg and .png if available. This works successfully. However, the same configuration does not seem to work on the outward-facing server running Apache 2.4.51.
These are the applicable lines from /etc/httpd/conf/httpd.conf:
<IfModule mime_module>
...
AddType image/webp .webp
...
</IfModule>
<IfModule rewrite_module>
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} Chrome [OR]
RewriteCond %{HTTP_USER_AGENT} Edg [OR]
RewriteCond %{HTTP_ACCEPT} image/webp
RewriteCond %{DOCUMENT_ROOT}/$1\.webp -f
RewriteRule (.+)\.(?:jpe?g|png)$ $1.webp [NC,T=image/webp,E=webp,L]
<IfModule headers_module>
<FilesMatch "(?i)\.(jpe?g|png)$">
Header append Vary Accept env=REDIRECT_webp
</FilesMatch>
</IfModule>
The only difference between the two configuration files is a) use of the module names (so as to be consistent with the rest of the configuration files) versus the source-file name, and b) the AddType for image/webp is inside the IfModule mime_module block.
I have checked ( httpd -M ) that mod_mime, mod_rewrite and mod_headers.so are all loaded so that isn't the issue (?). Tested with both Chrome and Edge as clients. Verified that the webp images did get there with release make via find(1). but...
Environmentally, the inward facing test bed serves via http, the outward facing production serves via https, but for the life of me I dont know how that would have any affect???
Anyway, I would appreciate a new set of eyeballs on this. [On the test bed, this knocked off about 40% of the page load, so its a rather big deal .]
Note
Someone suggested that this is a duplicate of How to serve precompressed gzip/brotli files with .htaccess. That question seeks only to serve pre-compressed files. This question is different. Please see below.
My Goal
I want to serve pre-compressed brotli files when they exist. If no pre-compressed brotli file exists, fall back to on-the-fly gzip-compression.
Current Code
I'm working on a site that already has on-the-fly gzip enabled from its .htaccess file as follows:
<ifmodule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml...
</ifmodule>
Modified Code
I've setup a build script that compresses many static assets with brotli. In order to serve them, I've replaced the above mod_deflate block with the following:
<IfModule mod_headers.c>
# Serve brotli compressed CSS and JS files if they exist
# and the client accepts brotli.
RewriteCond "%{HTTP:Accept-encoding}" "br"
RewriteCond "%{REQUEST_FILENAME}\.br" "-s"
RewriteRule "^(.*)\.(js|css)" "$1\.$2\.br" [QSA]
# Serve correct content types, and prevent double compression.
RewriteRule "\.css\.br$" "-" [T=text/css,E=no-brotli:1]
RewriteRule "\.js\.br$" "-" [T=text/javascript,E=no-brotli:1]
<FilesMatch "(\.js\.br|\.css\.br)$">
# Serve correct encoding type.
Header append Content-Encoding br
# Force proxies to cache brotli &
# non-brotli css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
The Problem
This serves brotli-encoded files when they exist as expected. However, the problem I face now is that, because the remaining assets are not brotli-encoded at build time, they are now served with no compression.
I've been unable to figure out how I might serve brotli with a gzip fallback that does not require me to pre-compress for gzip output.
Any help is appreciated, thank you!
Your problem is you’ve replaced the dynamic gzip config with the static.
You need both bits of config in place but also to change your Brotli code to set the environment to no-gzip so it won’t fallback. The below should work;
<ifmodule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml...
</ifmodule>
<IfModule mod_headers.c>
# Serve brotli compressed CSS and JS files if they exist
# and the client accepts brotli.
RewriteCond "%{HTTP:Accept-encoding}" "br"
RewriteCond "%{REQUEST_FILENAME}\.br" "-s"
RewriteRule "^(.*)\.(js|css)" "$1\.$2\.br" [QSA]
# Serve correct content types, and prevent double compression.
RewriteRule "\.css\.br$" "-" [T=text/css,E=no-gzip:1]
RewriteRule "\.js\.br$" "-" [T=text/javascript,E=no-gzip:1]
<FilesMatch "(\.js\.br|\.css\.br)$">
# Serve correct encoding type.
Header append Content-Encoding br
# Force proxies to cache brotli &
# non-brotli css/js files separately.
Header append Vary Accept-Encoding
</FilesMatch>
</IfModule>
Im trying to serve precompressed gzip/brotli files for html, js and css.
With the following code.
RewriteEngine on
# Brotli
# If the web browser accept brotli encoding…
RewriteCond %{HTTP:Accept-encoding} br
# …and the web browser is fetching a probably pre-compressed file…
RewriteCond %{REQUEST_URI} .*\.(css|html|js)
# …and a matching pre-compressed file exists…
RewriteCond %{REQUEST_FILENAME}.br -s
# …then rewrite the request to deliver the brotli file
RewriteRule ^(.+) $1.br
# For each file format set the correct mime type (otherwise brotli mime type is returned) and prevent Apache for recompressing the files
RewriteRule "\.css\.br$" "-" [T=text/css,E=no-brotli,E=no-gzip]
RewriteRule "\.html\.br$" "-" [T=text/html,E=no-brotli,E=no-gzip]
RewriteRule "\.js\.br$" "-" [T=application/javascript,E=no-brotli,E=no-gzip]
# Gzip
# If the web browser accept gzip encoding…
RewriteCond %{HTTP:Accept-Encoding} gzip
# …and the web browser is fetching a probably pre-compressed file…
RewriteCond %{REQUEST_URI} .*\.(css|html|js)
# …and a matching pre-compressed file exists…
RewriteCond %{REQUEST_FILENAME}.gz -s
# …then rewrite the request to deliver the gzip file
RewriteRule ^(.+) $1.gz
# For each file format set the correct mime type (otherwise gzip mime type is returned) and prevent Apache for recompressing the files
RewriteRule "\.css\.gz$" "-" [T=text/css,E=no-brotli,E=no-gzip]
RewriteRule "\.html\.gz$" "-" [T=text/html,E=no-brotli,E=no-gzip]
RewriteRule "\.js\.gz$" "-" [T=application/javascript,E=no-brotli,E=no-gzip]
<FilesMatch "\.(css|html|js)\.br$">
# Prevent mime module to set brazilian language header (because the file ends with .br)
RemoveLanguage .br
# Set the correct encoding type
Header set Content-Encoding br
# Force proxies to cache brotli & non-brotli files separately
Header append Vary Accept-Encoding
</FilesMatch>
<FilesMatch "\.(css|html|js)\.gz$">
# Serve correct encoding type
Header set Content-Encoding gzip
# Force proxies to cache gzip & non-gzip files separately
Header append Vary Accept-Encoding
</FilesMatch>
My Folderstructure looks like this:
.htaccess
index.php
/css/
/css/main.css
/css/main.css.gz
/css/main.css.br
But I get 404s when using the code above.
Setting the RewriteBase fixed it.
RewriteBase /
Writing this to help others. I had to add %{DOCUMENT_ROOT} in the RewriteCond to get it to work.
Essentially, change all RewriteCond to
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_FILENAME}\.br -s
For me the problem was, that brotli compression is not supported for http connections. See Why is Brotli not supported on HTTP?
I'm redoing an entire website and the browser is using the cached index.html of pages that are at the same URL.
This is the entire content of the .htaccess file in one of the problem directories:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /products/
# Remove 'index.html' from the URL for old links that include it.
RewriteCond %{THE_REQUEST} ^.*\index\.html?\ HTTP/
RewriteRule ^(.*)index\.html?$ "/products/$1" [R=301,L]
# Use index.php for all requests.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ /products/index.php [L]
</IfModule>
# An atempt to tell the browser not to use a cached .html file.
ExpiresActive on
ExpiresByType text/html "access plus 0 seconds"
<FilesMatch "\.(html)$">
Header set Cache-Control "private, must-revalidate"
</FilesMatch>
I've tried multiple things here, but nothing is working. This is all I see in the headers:
Request URL:http://www.example.com/products/
Request Method:GET
Status Code:200 OK (from cache)
There are no Request Headers or Response Headers.
I'm thinking I can maybe try a RewriteRule to add something like ?28032012 to the end of something, but I don't know how to even attempt that.
I've read that appending ?version=<%=version%> to problematic file names is a good method of cache busting. You may also try as an easier solution the http header "cache-control: max-age = 600" so that anything on the page that is 10 minutes or older is pulled from the server.
You can just append /? to the end of your URL.
Example:
www.google.com/?
The solution I ended up using for this was to redirect all www requests to non www requests. So basically, this approach prevented any browsers from using any cached resources because the www version of the site no longer exists.
This is worked for me.
<IfModule mod_headers.c>
Header set Cache-Control "no-cache, no-store, must-revalidate"
Header set Pragma "no-cache"
Header set Expires 0
</IfModule>
Reference: https://wp-mix.com/disable-caching-htaccess/
Here's a list of stuff I tried in random order:
AddHandler application/x-httpd-php .otf
AddType
default_mimetype
auto_prepend_file = "otf.php"
zlib.output_compression = On
output_handler = ob_gzhandler
header("Content-type: application/octet-stream");
Even though all the PHP files of the server get gzipped using zlib, replacing the .otf extension by .php didn't work either.
With .htaccess, you could do like this, assuming font file is fontfile.otf.gz, browser request that as fontfile.otf
RewriteEngine On
#Check for browser's Accept-Encoding, remove it for force return gzipped one
RewriteCond "%{HTTP:Accept-Encoding}" "gzip.*deflate|deflate.*gzip"
#check file name is endswith otf
RewriteCond %{REQUEST_FILENAME} "\.(otf)$"
#check existance of .gz file name
RewriteCond %{REQUEST_FILENAME}.gz -s
#rewrite it to .otf.gz
RewriteRule ^.*$ %{REQUEST_URI}.gz [L]
#update some response header
<FilesMatch "\.otf\.gz$">
AddEncoding gzip .gz
ForceType "text/plain"
</FilesMatch>
And if font file and web site is cross-domain, you need to put Access-Control-Allow-Origin, firefox will not load font objects cross-domain.
In Gecko, web fonts are subject to the
same domain restriction (font files
must be on the same domain as the page
using them), unless HTTP access
controls are used to relax this
restriction.
Header set Access-Control-Allow-Origin *