Response headers to HTTP HEAD requests are not cached
Reported by
gwendip...@ziftsolutions.com,
Jun 7 2017
|
|||||
Issue descriptionChrome Version: 59.0.3071.86 (Official Build) (64-bit) URLs (if applicable) : Private, though Google is a client of our company, Zift Solutions, Inc., and we could grant them access to our dev environment. https://sandbox.ziftmarcom.com/ng.html?tab=library#/content/ff8081815c7e3b46015c7ecfc6a94bd4 Other browsers tested: Safari 53.0.3 (64-bit): OK Firefox 53.0.3 (64-bit): OK IE Edge: OK What steps will reproduce the problem? (1) Access the link above (2) We pull the first image with a .jpg extension to the UI. In this case, it’s “cig.jpg” (3) Refresh the page. You’ll see the image pulled from “Asset URL” field, “vacation.jpg”. (4) Refresh the page. You’ll see the image pulled from the “Embedded Image” field, “pugfur.jpg” (5) Refresh the page. No image will populate. Expected result: The first image with the .jpg extension, "cig.jpg", should continue to show in our UI. Proposed root cause: Chrome does not cache all response headers to HTTP HEAD requests, and therefore loops sequentially through the rest of the fields instead. The following headers are not cached: Access-Control-Request-Method Access-Control-Request-Header Access-Control-Request-Origin
,
Jun 8 2017
,
Jun 8 2017
,
Jun 8 2017
Issue 731157 has been merged into this issue.
,
Jun 9 2017
Sorry, it's not clear to me what the issue is. What does a HEAD request have to do with the images? Could you perhaps make a public page that demonstrates this issue for me to look at? Also, if you could record a netlog and attach it to this bug it could help me to diagnose the issue. See https://dev.chromium.org/for-testers/providing-network-details for instructions on gathering a netlog.
,
Jun 9 2017
The cross-origin HEAD requests are used to get the Content-Type header, since that's all we really need. The original HEAD requests have the Access-Control-* headers on them. On refresh, the cached HEAD requests do not contain the Access-Control headers, so Chrome blocks the request with a 403, as seen in the gif. I'll see what I can do about getting a netlog for ya.
,
Jun 9 2017
So is the ordering: Okay, so to clarify, you get the image originally using an <img> tag. Then you XHR (CORS+HEAD) to check the content type. Then, the next time you try to XHR (CORS+HEAD) it fails because the headers were stripped. Is that right?
,
Jun 9 2017
Scratch the first line in the above comment, sloppy editing.
,
Jun 9 2017
The use case is the following: Get a list of URLs to render on the page via a backend call to a server. Loop through the list and perform HEAD requests to determine the Content-Type Use the Content-Type header to determine what type of file it is, and then render the image based off of that. The problem is, the URLs are mostly static.ziftsolutions.com requests, and the page that's making the requests is a different one, and since it's cross origin, the request requires the Access-Control headers. These headers are present on the initial non-cached call, but on refresh, Chrome hits its cache (in the network tab, it even says "Cached from Disk") and gets the request out, but the Access-Control headers are no longer present.
,
Jun 9 2017
If there is no disk cache entry, a HEAD request won't be stored to disk. If there is an existing cache entry (e.g., from a previous GET), a HEAD request will update the response headers on disk. Please do send the netlog, it should help.
,
Jun 20 2017
Unable to test this issue, as we need credentials to the link provided above. As per comment 10, @jkarlin: Requesting you to help in further investigating the issue by the net-export-log provided. Thanks!
,
Jun 20 2017
@rkalavakuntla I’m setting you up with credentials to one of our testing environments. You should be receiving an e-mail from notification@ziftsolutions.com with your login information and password. Click the link in the e-mail to activate your account. Make sure you’ve unchecked the Cache storage flag in your browser and then access this link: https://staging.ziftmarcom.com/ng.html?tab=library#/content/ff8081815cc51042015cc5e3ba270049?cache=true
,
Jun 20 2018
Issue has not been modified or commented on in the last 365 days, please re-open or file a new bug if this is still an issue. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||
►
Sign in to add a comment |
|||||
Comment 1 by nyerramilli@chromium.org
, Jun 8 2017