oharsta
commented
1 year ago Can be easily confirmed when creating a new CO on test and choose the option to "Select from gallery". The PNG files have a "cache-control: private" heading.
Closed baszoetekouw closed 1 year ago
oharsta
commented
1 year ago Can be easily confirmed when creating a new CO on test and choose the option to "Select from gallery". The PNG files have a "cache-control: private" heading.
mrvanes
commented
1 year ago This is also an easy check:
$ curl -kI https://sbs.scz-vm.net/static/media/users.36978667c99f35360ce5605552b80fae.svg
HTTP/2 200
server: nginx/1.18.0
date: Thu, 11 May 2023 07:34:07 GMT
content-type: image/svg+xml
content-length: 581
last-modified: Mon, 08 May 2023 12:53:27 GMT
etag: "6458f0c7-245"
expires: Thu, 11 May 2023 08:34:07 GMT
cache-control: max-age=3600
cache-control: public, no-transform
accept-ranges: bytes
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-security-policy: default-src 'self'; frame-src 'none'; form-action 'self' http://*.scz-vm.net; frame-ancestors 'none'; block-all-mixed-content;
feature-policy: accelerometer: none; ambient-light-sensor: none; autoplay: none; battery: none; camera: none; display-capture: none; document-domain: none; encrypted-media: none; execution-while-not-rendered: self; execution-while-out-of-viewport: self; fullscreen: none; geolocation: none; gyroscope: none; layout-animations: self; legacy-image-formats: none; magnetometer: none; microphone: none; midi: none; navigation-override: none; oversized-images: self; payment: none; picture-in-picture: none; publickey-credentials: self; sync-xhr: self; usb: none; vr: none; wake-lock: none; xr-spatial-tracking: none
set-cookie: SERVERID=sbs.vm.scz-vm.net|ZFyac; path=/; HttpOnly; Secure; SameSite=None
cache-control: private
strict-transport-security: max-age=31536000; includeSubDomains; preload;Hmm.... it looks like it's not nginx but propbably haproxy that's injecting the extra cache-control header?
# curl -kI https://localhost:90/static/media/users.36978667c99f35360ce5605552b80fae.svg
HTTP/2 200
server: nginx/1.18.0
date: Thu, 11 May 2023 08:21:48 GMT
content-type: image/svg+xml
content-length: 581
last-modified: Mon, 08 May 2023 12:53:27 GMT
etag: "6458f0c7-245"
expires: Thu, 11 May 2023 09:21:48 GMT
cache-control: max-age=3600
cache-control: public, no-transform
accept-ranges: bytes
baszoetekouw
commented
1 year ago Works.
Calls to https://test.sram.surf.nl/static/media/* return a "cache-control: private" header teruggeven which hurts performance. We should make sure that static content is cached.
It seems nginx is serving content from /static directly, without going though flask. I can't find where this cache header is set though.