Category Archives: programming

Fix nginx ssi unsafe URI was detected error

If your FE project enabled SSI (Server Side Includes) plugin, you may get some errors or a lots:

[error] 1788#0: *149 unsafe URI “xxx” was detected while sending response to client

Normally, nginx support SSI syntax like

<!--# include virtual="include/foo.html"-->

But if your include path has some go up dir such as ../, then get our errors:

<!--# include virtual="../include/foo.html"-->

have a search NGINX source code, got the SSI related files

ngx_http_parse_unsafe_uri in src/http/ngx_http_parse.c

if (ngx_path_separator(ch) && len > 2) {

    /* detect "/../" and "/.." */

    if (p[0] == '.' && p[1] == '.'
            && (len == 3 || ngx_path_separator(p[2])))
    {
        goto unsafe;
    }
}

OK, for develop ENV test, we can fix this issues by comments these codes:

ngx_http_ssi_include in src/http/modules/ngx_http_ssi_filter_module.c

/*
if (ngx_http_parse_unsafe_uri(r, uri, &args, &flags) != NGX_OK) {
    return NGX_HTTP_SSI_ERROR;
}
*/

Apache prevent web browsers from caching

In order to get the latest effections, Front-end develop need to refresh the web page frequently.

there some solution for fix page cache problem:

Ensure the request url is unique.

by adding random seed to URL. such as

<script src="http://xx.com/foo/path.js?v=${version}"></script>

But this case need some server programe to generic the html page resouces references dynamic.

The other one and the more simple way is prevent Web browsers by customize HTTP Headers.

Setting a short cache time

By asking the Web browser to only cache the file for a very short length of time, you can usually avoid the problem.

We support the Apache Web server “mod_expires” feature. To use this to set the cache time to just one second, add these lines to a .htaccess file:

ExpiresActive On
ExpiresDefault A1
Header append Cache-Control must-revalidate

That’s all it takes. The next time the visitor views the file, more than a second will have passed, so the browser won’t use the outdated cached copy.

Controlling which files are affected

Disabling browser caching will slow down your site and increase the amount of bandwidth your site uses, because repeat visitors will always connect to your site to re-download files they would otherwise cache.

To minimize that impact, you might want to prevent caching of files that change often (such as HTML files), while allowing normal caching of files that don’t (such as JPEG files).

To do this, include the .htaccess lines in a <FilesMatch> directive. For example, these lines will prevent caching of filenames ending in “.htm” or “.html”, while allowing normal caching of JPEG files:

<FilesMatch "\.(htm|html|js|css)$">
  ExpiresActive On
  ExpiresDefault A1
  Header append Cache-Control must-revalidate
</FilesMatch>

(An alternate way of doing this is to use the Apache “ExpiresByType text/html” command, but that doesn’t allow you to add the “Cache-Control: must-revalidate” header for only those pages.)

For more info about Apache headers see also: Manipulating HTTP Headers with htaccess.

vim switch from vertical split to horizontal split

Vim mailing list says (re-formatted for better readability):

To change two vertically split
windows to horizonally split

Ctrl-W t Ctrl-W K

Horizontally to vertically:

Ctrl-W t Ctrl-W H

Explanations:

Ctrl-W t     makes the first (topleft) window current
Ctrl-W K     moves the current window to full-width at the very top
Ctrl-W H     moves the current window to full-height at far left

Note that the t is lowercase, and the K and H are uppercase.

Also, with only two windows, it seems like you can drop the Ctrl-W t part because if you’re already in one of only two windows, what’s the point of making it current?

http://vim.wikia.com/wiki/Switch_between_Vim_window_splits_easily
http://stackoverflow.com/questions/1269603/to-switch-from-vertical-split-to-horizontal-split-fast-in-vim

In VIM, take a look at the following to see different alternatives for what you might have done:

:help opening-window

For instance:

Ctrl-W s
Ctrl-W o
Ctrl-W v
Ctrl-W o
Ctrl-W s
...