HTTP 302 redirect caching on Opera Mini - redirect

I'm developing a site where I am using the common Post/Redirect/Get pattern (https://en.wikipedia.org/wiki/Post/Redirect/Get) when submitting forms. In my particular case this is items for a todo list - so I'm POSTing to say https://example.com/group, processing that request server side adding the new item to a database, and then returning a 302 response (http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.3) to indicate the browser should redirect (GET) to https://example.com/group which then displays a list of all the todos submitted to the db. This partly works as expected on Opera Mini, but on both Opera Mini on Android (v12) and on the microemulator on Mac OSX (I haven't tested on other versions), the resulting page shows the list of todos without the new item, until I refresh the page manually at which point the list returned does include the new item.
I'm assuming what's happening here is that the page being shown after the redirect is the version which has been cached on Opera's proxy server previous to the POST request. If this is the case, is there a way I can indicate to the proxy server that it should display a fresh version of the page from my server rather than the cached version? I have also tried the more correct 303 status code (http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.4) but the same thing happens - although the spec says for this:
The 303 response MUST NOT be cached, but the response to the second (redirected) request might be cacheable'
although I have found no references to how this redirected request can me marked as non-cacheable. Incidentally all other browsers seem not to cache this redirected request at all.
Thanks very much for you help in advance.
Chris.

Related

Jmeter 302 instead of 200

I have two request in 1st request is giving me 307 redirect along with location header.
I pull Location header from response headers of 1st request and then passed it to second request.
Now 2nd request is giving me 302 every time.
I tried to play with follow request / redirect automatically options in 1st and 2nd request. However it didnt help. I checked both requests shows Https, I checked cache manager it is working fine.
Played with some settings related to Cache Control still issue is occurring.
2nd request is responsible for generating phpsessionid as 'set-cookie' which will only come when 200 OK will happen.
If anyone has any workaround, please assist. Thanks.
As per HTTP Status 302
The HyperText Transfer Protocol (HTTP) 302 Found redirect status response code indicates that the resource requested has been temporarily moved to the URL given by the Location header. A browser redirects to this page but search engines don't update their links to the resource (in 'SEO-speak', it is said that the 'link-juice' is not sent to the new URL).
so my expectation is that you need to play the same trick as with the 1st request, to wit extract the redirect URL from the Location header and add 3rd HTTP Request sampler to hit that URL
In general a "good" JMeter test should behave exactly like a real browser so you should cross-check JMeter's network footprint with what is in the "network" tab of your browser developer tools and amend JMeter's configuration so it would send exactly the same requests as the browser does.

Microsoft OAuth redirects with 302 instead of 200, which breaks deep link logic on mobile device

What I am using OAuth to authenticate with Microsoft:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize...&redirect_uri=MYURL
(I also use similar approach with google: https://accounts.google.com/o/oauth2/v2/auth...redirect_uri=MYURL)
MYURL is https://admin.myrealdomain.com/code
(MYURL is an empty 200 Ok page on my server)
However, Microsoft Graph returns with 302 redirect from https://login.live.com/oauth20_authorize.srf...
and this causes issues with deeplinks handling (the page just is not intercepted by the app).
I don't have any such issues with Google though (200 status code).
And it seems like it recently worked just fine with Microsoft as well. I am just not sure if this is something I miss or MS has some recent changes applied to that logic.
Does anyone has any idea how I can solve it? Thanks!
It seems that you are executing the OAUTH code flow behind the scenes. It doesn't work this way.
You should pop up a browser dialog to request the authorization code. See reference here.
The steps:
Pop up a browser dialog which the url address is
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?...
After User signs in, it redirects to the redirect url, where the
authorization code has been returned.
POST to
https://login.microsoftonline.com/common/oauth2/v2.0/token?....
you can get the access token to call Microsoft Graph API.

Surveymonkey: create webhook to get response in sugarcrm

I am trying to create a surveymonkey webhook to receive my survey response and i am passing my SugarCRM custom entry point URL as "Subscription Url". But i am getting error " 'mycustomEntryPointUrl' did not return a success status code. Status code is 301". My Entry point is working fine if i run it in browser using its URL also my Sugar is working smoothly.
So, i just want to know any other reason which can cause this error.
Yes so HTTP status code 301 means the page has moved permanently. If you visit it in your browser, for example, you would see a network request to the page specified with a status code of 301, then a second one to the new page. Our API request won't do any redirect, so if a 301 is returned it will raise an error.
This sometimes happens when you go to a page with http and then it redirects to https due to rules on your server.
You also want to make sure your subscription URL supports a HEAD request without any redirect.

SiteCatalyst image request onreadystatechange

Is there any possibility of "listening" to the state of GET SiteCatalyst image requests ?
I'd like to run a callback function only when the requests are over, to be more clear when they receive the 200 status code and I'm sure they're done.I'm confident no "built-in" method is available and maybe I should hack the core s.track.s.t() function...?Thanks a lot.
You are right, there is no global "built-in" callback method for when the Adobe Analytics request is complete.
A couple notes I should mention to you about attempting to hack the core code:
1) If you are using the AppMeasurement library version 1.4.1+, in some circumstances, a POST request may be made instead of an image request.
2) Responses that are not 200/OK or otherwise completed/successful does not necessarily mean the data failed to be sent to Adobe. Most common scenario is a NS_BINDING_ABORTED error returned.
The main bad effect I'm getting here is what I previously thought as a double XHR request.
It wasn't. In reality the first request gets redirected as it would be the first visit of a new visitor (302 status) and a new visitorID is brought down by Adobe server.
Then the redirected "200 status" request is made with this new visitorID within.This is bad because every XHR requests would result in a new visit of a new visitor even though a previously set "s_vi" cookie is there in browser, with the lack of previous collected data for that user.I know what XHR redirects couldn't be blocked so I'm wondering if there is a way to "tell" Adobe server it's not the first request ever made, in order to stop the redirect and do not use a new visitorID.

Why does Fiddler break my site's redirects?

Why does using Fiddler break my site sometimes on page transitions.
After a server side redirect -- in the http response (as found in Fiddler) I get this:
Object moved
Object moved to here.
The site is an ASP.NET 1.1 / VB.NET 1.1 [sic] site.
Why doesnt Fiddler just go there for me? i dont get it.
I'm fine with this issue when developing but I'm worried that other proxy servers might cause this issue for 'real customers'. Im not even clear exactly what is going on.
That's actually what Response.Redirect does. It sends a 302 - Object moved response to the user-agent. The user-agent then automatically goes to the URL specified in the 302 response. If you need a real server-side redirect without round-tripping to the client, try Server.Transfer.
If you merely constructed the request using the request builder, you're not going to see Fiddler automatically follow the returned redirect.
In contrast, if you are using IE or another browser, it will generally check the redirect header and follow it.
For IE specifically, I believe there's a timing corner case where the browser will fail to follow the redirect in obscure situations. You can often fix this by clicking Tools / Fiddler Options, and enabling both the "Server" and "Client" socket reuse settings.
Thanks user15310, it works with Server.Transfer
Server.Transfer("newpage.aspx", true);
Firstly, transferring to another page using Server.Transfer conserves server resources. Instead of telling the browser to redirect, it simply changes the "focus" on the Web server and transfers the request. This means you don't get quite as many HTTP requests coming through, which therefore eases the pressure on your Web server and makes your applications run faster.
But watch out: because the "transfer" process can work on only those sites running on the server, you can't use Server.Transfer to send the user to an external site. Only Response.Redirect can do that.
Secondly, Server.Transfer maintains the original URL in the browser. This can really help streamline data entry techniques, although it may make for confusion when debugging.
That's not all: The Server.Transfer method also has a second parameter—"preserveForm". If you set this to True, using a statement such as Server.Transfer("WebForm2.aspx", True), the existing query string and any form variables will still be available to the page you are transferring to.
Read more here:
http://www.developer.com/net/asp/article.php/3299641/ServerTransfer-Vs-ResponseRedirect.htm