homepage Welcome to WebmasterWorld Guest from 54.198.25.229
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Code, Content, and Presentation / Apache Web Server
Forum Library, Charter, Moderators: Ocean10000 & incrediBILL & phranque

Apache Web Server Forum

    
Override htaccess? cache working against me!
A good thing about cache became a problem, perhaps I went too far
explorador

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4619955 posted 4:07 am on Oct 30, 2013 (gmt 0)

Hi webmasters, there was a security problem on the server and a line of code (redirect) was inserted on one Javascript file. I already fixed the problem and removed the redirect but the code still shows on the browser.

Why? because in the past I configured the htaccess to cache de javascript for one year. Yes I know. So even after deleting the file you can see the old code on your browser, my final approach was to change the whole CMS setting to display another JS on the pages and problem solved, the old file is never called. But if you type the original url for the old file, it appears on your browser.

I faced this problem in the past while updating some old code on one javascript and I remember it was refreshed after a bit of time but can't remember how long it was. I already restarted my browser and the file still shows up. Clearing cookies and cache? it might work but I doesn't make sense to do something my visitors won't do: if they visited the site with that redirect it will still appear unless they do the same, we can't ask visitors that and the firefox warning will still be there.

Any suggestions will be appreciated.

 

lucy24

WebmasterWorld Senior Member lucy24 us a WebmasterWorld Top Contributor of All Time Top Contributors Of The Month



 
Msg#: 4619955 posted 5:49 am on Oct 30, 2013 (gmt 0)

Caching is really up to the browser, and sometimes the ISP. And you might argue that anyone who goes a year without emptying their browser cache deserves everything that happens to them. But telling anyone, anywhere, that a file isn't likely to change in the next year is probably not something you'll do again in a hurry ;) Maybe on the internet equivalent of a tombstone-- but even then, what if you got the year wrong and had to call the stonecutter?

It sounds as if you have two separate things. One is the physical javascript file, which will go away if and when the cache is emptied. The other is the redirect response; it's up to the browser how long it chooses to remember this. I assume it's a redirect to some malign third-party site, so you can't do anything from the target end.

Is there any way to figure out which place the redirect is coming from? That is, from the javascript file that the user's browser hasn't deleted, vs. from the browser's own memory of the redirect? Under what circumstances will this actually affect human users?

But if you type the original url for the old file, it appears on your browser.

Do you mean the URL of the page, or the URL of the old javascript?


For comparison purposes: My logs periodically show a request for an administrative gif that I stopped using pretty exactly a year ago. One IP continued requesting it until January (that is, three months after it was last visible in page code). A second IP hung on for about a month longer. A final IP is still asking for the file several times a month.

:: detour to check most recent records ::

Frequency has dropped off in the last two months, and it's now only asking for three different files-- it used to be four-- but, still, we're talking about a year after the most recent time the file was requested by any page, anywhere. Wasn't there an Agatha Christie novel on this theme?

explorador

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4619955 posted 1:02 pm on Oct 30, 2013 (gmt 0)

It's working fine now. It took 8 hours for browsers to stop seeing a file that wasn't there anymore.

Thanks Lucy, there was a security problem and someone or something inserted a redirect on a javascript. The webpages calling that JS had the visitors getting a redirect to some random website.

I changed my policy on cache considering what could be compromised. Thanks.

penders

WebmasterWorld Senior Member penders us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



 
Msg#: 4619955 posted 3:59 pm on Oct 30, 2013 (gmt 0)

...my final approach was to change the whole CMS setting to display another JS on the pages and problem solved


Perhaps something for the future, but in order to get around the browser caching issue, you can just append a "version" querystring to the original URL, rather than having to use an entirely different filename. eg.

<script src="/scripts/myscript.js?v0002"></script>
explorador

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4619955 posted 7:16 pm on Oct 30, 2013 (gmt 0)

Thanks penders, I thought about that and I now it's a good practice. In this case I wanted to stay away of any caching issues from any organization that could still find the old file.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Apache Web Server
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved