I was able to solve this based on an answer from Ask Different. In short, closing Safari, then running the commands below, worked. sudo killall nsurlstoraged rm -f ~/Library/Cookies/HSTS.plist launchctl start /System/Library/LaunchAgents/com.apple.nsurlstoraged.plist Restarting Safari after running that and trying to go to http://localhost:3000 solved the problem and did not redirect to to https. Hopefully this … Read more
The gist of it is, just use 200. A little more generally: You should just send back the same status code for the CORS preflight OPTIONS request that you’d send back for any other OPTIONS request. The relevant specs don’t require or recommend anything more than that. What the specs say: The Fetch spec at … Read more
See this answer: Difference between three .htaccess expire rules If a response includes both an Expires header and a max-age directive, the max-age directive overrides the Expires header, even if the Expires header is more restrictive. This rule allows an origin server to provide, for a given response, a longer expiration time to an HTTP/1.1 … Read more
Case-insensitive. Hypertext Transfer Protocol — HTTP/1.1: 4.2 Message Headers HTTP header fields, which include general-header (section 4.5), request-header (section 5.3), response-header (section 6.2), and entity-header (section 7.1) fields, follow the same generic format as that given in Section 3.1 of RFC 822 [9]. Each header field consists of a name followed by a colon (“:”) … Read more
Assuming that your server expects that the username:password combo will be encode it UTF-8 (see RFC 7617 for more details) then use this: import ‘dart:convert’; import ‘package:http/http.dart’; main() async { String username=”test”; String password = ‘123£’; String basicAuth=”Basic ” + base64.encode(utf8.encode(‘$username:$password’)); print(basicAuth); Response r = await get(Uri.parse(‘https://api.somewhere.io’), headers: <String, String>{‘authorization’: basicAuth}); print(r.statusCode); print(r.body); }
Yes, that looks like a valid workflow for the situation you described, and those Authenticate headers seem to be in the correct format. It’s interesting to note that it’s possible, albeit unlikely, for a given connection to involve multiple proxies that are chained together, and each one can itself require authentication. In this case, the … Read more
I cannot say if this is broadly accepted by HTTP clients, but speaking strictly RFC, the server should respond with: HTTP/1.1 426 Upgrade Required Upgrade: TLS/1.0, HTTP/1.1 Connection: Upgrade Source: https://www.rfc-editor.org/rfc/rfc2817#section-4.2
Try reading into a buffer and then using the buffer to back two new readers, one for you to use, and one for subsequent consumers to use. For example, imagine that we want to modify the following code: doStuff(r.Body) // r is an http.Request We could do: buf, _ := ioutil.ReadAll(r.Body) rdr1 := ioutil.NopCloser(bytes.NewBuffer(buf)) rdr2 … Read more
Well… this is an old question, but I ended up here, so I thought I’d give my two cents here: It seems pretty clear that a 2xx should be returned if all is OK If health is not OK, I think it should return a 5xx result (4xx talks about the client being at fault … Read more
-H “text/xml” isn’t a valid header. You need to provide the full header: -H “Content-Type: text/xml”