I developed the script below and I am getting an error that I cannot understand a fix:
"The 304 response is not allowed to have a body."

Please check here RED: <http://www.seoworkers.com/> (http://redbot.org/webui.py?uri=http%3A%2F%2Fwww.seoworkers.com%2F) and here RED: <http://www.seoworkers.com/> (http://redbot.org/webui.py?descend=True&uri=http%3A//www.seoworkers.com/)



<?php
if (strstr($_SERVER['REQUEST_URI'], '?') || strstr($_SERVER['REQUEST_URI'], '&'))
{
header('X-Robots-Tag: noindex,noarchive,nosnippet');
}
$mtime = filemtime($file);
$ifModifiedSince = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? stripslashes($_SERVER['HTTP_IF_MODIFIED_SINCE']) : false;
if ($ifModifiedSince && strtotime($ifModifiedSince) >= $mtime) {
header('HTTP/1.0 304 Not Modified');
die; // stop processing
}

// header('ETag: "'.md5($mtime.$file).'"');

$lastModified = gmdate('D, d M Y H:i:s', $mtime) . ' GMT';
header('Last-Modified: ' . $lastModified);
header('Expires: Sun, 19 Aug 1962 08:00:00 GMT');
if (isset($_SERVER['HTTP_IF_NONE_MATCH']))
{
if (str_replace('"', '', stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])) > md5($mtime.$file))
{
header("HTTP/1.1 304 Not Modified");
// Abort processing and exit
exit();
}
}

header('Cache-Control: max-age=600, stale-if-error=1200');
header('Content-Description: SEO Workers - Expert Search Engine Optimization Company');
header('Content-type: application/xhtml+xml; charset=utf-8');
header('Vary: Accept-Encoding');
header('Accept-Ranges: bytes');

$mime = "text/html";
if(preg_match("/application\/xhtml\+xml;q=0(\.[1-9]+)/i",
$_SERVER["HTTP_ACCEPT"], $matches)) {
$xhtml_q = $matches[1];
if(preg_match("/text\/html;q=0(\.[1-9]+)/i",
$_SERVER["HTTP_ACCEPT"], $matches)) {

$html_q = $matches[1];
if($xhtml_q >= $html_q) {
$mime = "application/xhtml+xml";
}
}
} else {
$mime = "application/xhtml+xml";
}
# For MSIE browsers
if (stristr($_SERVER["HTTP_USER_AGENT"],"MSIE")) {
$mime = "text/html";
$charset = "utf-8";
$prolog_type = "
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML+RDFa 1.0//EN' 'http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'
xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'
xmlns:rdfs='http://www.w3.org/2000/01/rdf-schema#'
xmlns:v='http://rdf.data-vocabulary.org/#'
xmlns:xhv='http://www.w3.org/1999/xhtml/vocab#'
xmlns:xml='http://www.w3.org/XML/1998/namespace'
xmlns:dc='http://purl.org/dc/elements/1.1/'
xmlns:cc='http://creativecommons.org/ns#'
xml:lang='en' dir='ltr'>";
}
# For other browsers
else {
$mime = "application/xhtml+xml";
$charset = "utf-8";
$prolog_type = "<?xml version='1.0' encoding='$charset'?>
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML+RDFa 1.0//EN' 'http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'
xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'
xmlns:rdfs='http://www.w3.org/2000/01/rdf-schema#'
xmlns:v='http://rdf.data-vocabulary.org/#'
xmlns:xhv='http://www.w3.org/1999/xhtml/vocab#'
xmlns:xml='http://www.w3.org/XML/1998/namespace'
xmlns:dc='http://purl.org/dc/elements/1.1/'
xmlns:cc='http://creativecommons.org/ns#'
xml:lang='en' dir='ltr'>";
}
header("Content-Type: $mime; charset=$charset");
print $prolog_type."\n";
?>I am sure that it is doing the job, but still I would like to eliminate that bloody error or warning.

I do not see a need a reason of using Etags, since I already have the Last modified, and even if I add the Etag, the error is still there.

Can some one give a hand? I will appreciate that very much, and I am willing to return a favor if you need something about SEO.

Thanks in advance,

John

I showed this to a developer and he told me that when I do a redirect, regardless which one, you must exit once you've sent the HTTP headers.

Do you understand what he is about?

I developed the script below and I am getting an error that I cannot understand a fix:

Which code line(s) do you need to comment out to get rid of the error?



Please check here RED: <http://www.seoworkers.com/> (http://redbot.org/webui.py?uri=http%3A%2F%2Fwww.seoworkers.com%2F) and here RED: <http://www.seoworkers.com/> (http://redbot.org/webui.py?descend=True&uri=http%3A//www.seoworkers.com/)

The output of the last link is not trivial. Can you explain what the red marks mean or are that irrelevant information regarding your problem?



I am sure that it is doing the job, but still I would like to eliminate that bloody error or warning.

I am not so sure. If you hover the mouse over the message

"HTTP defines a few special situations where a response does not allow a body. This includes 101, 204 and 304 responses, as well as responses to the HEAD

method. The 304 response had a body, despite it being disallowed. Clients receiving it may treat the body as the next response in the connection, leading to interoperability and security issues".

you will note that it is security related.

My bolding of the message.

if (str_replace('"', '', stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])) == md5($mtime.$file))

Can you try this and see the output

If the client has performed a conditional GET request and access is allowed, but the document has not been modified, the server SHOULD respond with this status code. The 304 response MUST NOT contain a message-body, and thus is always terminated by the first empty line after the header fields.

The response MUST include the following header fields:
- Date, unless its omission is required by section 14.18.1

If a clockless origin server obeys these rules, and proxies and clients add their own Date to any response received without one (as already specified by [RFC 2068], section 14.19), caches will operate correctly.
- ETag and/or Content-Location, if the header would have been sent
in a 200 response to the same request
- Expires, Cache-Control, and/or Vary, if the field-value might
differ from that sent in any previous response for the same
variant

If the conditional GET used a strong cache validator (see section 13.3.3), the response SHOULD NOT include other entity-headers. Otherwise (i.e., the conditional GET used a weak validator), the response MUST NOT include other entity-headers; this prevents inconsistencies between cached entity-bodies and updated headers.

If a 304 response indicates an entity not currently cached, then the cache MUST disregard the response and repeat the request without the conditional.

If a cache uses a received 304 response to update a cache entry, the cache MUST update the entry to reflect any new field values given in the response.

if (str_replace('"', '', stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])) == md5($mtime.$file))

Can you try this and see the output
I tried that and did not help.

If the client has performed a conditional GET request and access is allowed, but the document has not been modified, the server SHOULD respond with this status code. The 304 response MUST NOT contain a message-body, and thus is always terminated by the first empty line after the header fields.

The response MUST include the following header fields:
- Date, unless its omission is required by section 14.18.1

If a clockless origin server obeys these rules, and proxies and clients add their own Date to any response received without one (as already specified by [RFC 2068], section 14.19), caches will operate correctly.
- ETag and/or Content-Location, if the header would have been sent
in a 200 response to the same request
- Expires, Cache-Control, and/or Vary, if the field-value might
differ from that sent in any previous response for the same
variant

If the conditional GET used a strong cache validator (see section 13.3.3), the response SHOULD NOT include other entity-headers. Otherwise (i.e., the conditional GET used a weak validator), the response MUST NOT include other entity-headers; this prevents inconsistencies between cached entity-bodies and updated headers.

If a 304 response indicates an entity not currently cached, then the cache MUST disregard the response and repeat the request without the conditional.

If a cache uses a received 304 response to update a cache entry, the cache MUST update the entry to reflect any new field values given in the response.
I read that on the Web endless of times. But I still don't get what the problem is.

Main problem is that response MUST NOT contain a message-body, and thus is always terminated by the first empty line after the header fields.

Check this also PHP: ob_end_clean - Manual (http://www.php.net/manual/en/function.ob-end-clean.php#40108)

Weird. Oddly, took me half a dozen utilities to actually see the cause of the error message, which is that your server is returning a small amount of gibberish when the exit() method is called. It shouldn't, but it is. This garbage data is only present in the custom code; the javascripts and image files that return server-generated 304 responses do not demonstrate the same issue. This, in my mind at least, makes it a PHP issue.

Looking at the code you posted, I believe the problem is being caused by the following block of code:


if ($ifModifiedSince && strtotime($ifModifiedSince) >= $mtime) {
header('HTTP/1.0 304 Not Modified');
die; // stop processing
}
Specifically, I think the problem is due to the use of die() instead of exit(). die() is similar to exit(), except that it outputs whatever it is passed to stdout, which in the case of a web application could result in some output being sent to the client in the body. Try replacing "die" with "exit()" and see if that fixes the problem.

If the problem still shows up, you might try manually clearing the output buffer, just in case something is being snuck in unintentionally, using the ob_end_clean() function Ace suggested above before the exit() call.

Here are the most recent updates (quick and dirty):



<?php
if (strstr($_SERVER['REQUEST_URI'], '?') || strstr($_SERVER['REQUEST_URI'], '&'))
{
header('X-Robots-Tag: noindex,noarchive,nosnippet');
die();
}
//---------------------------------------------------
$currentFile = $_SERVER["PHP_SELF"];
$parts = Explode('/', $currentFile);
$pagename=$parts[count($parts) - 1];
//----------------------------------------------------
$mtime = filemtime($pagename);
$ifModifiedSince = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? stripslashes($_SERVER['HTTP_IF_MODIFIED_SINCE']) : false;
if ($ifModifiedSince && strtotime($ifModifiedSince) >= $mtime) {
header("HTTP/1.1 304 Not Modified");
die(); // stop processing
}
//header('ETag: "'.md5($mtime.$file).'"');
$lastModified = gmdate('D, d M Y H:i:s', $mtime) . ' GMT';
header('Last-Modified: '.$lastModified);
header('Expires: Sun, 19 Aug 1962 08:00:00 GMT');
if (isset($_SERVER['HTTP_IF_NONE_MATCH']))
{
if (str_replace('"', '', stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])) > md5($mtime.$pagename))
{
header("HTTP/1.1 304 Not Modified");
// Abort processing and exit
die();
}
}
// This is about caching
header('Cache-Control: max-age=600, stale-if-error=1200');
//private, must-revalidate
//Content Description
header('Content-Location: http://www.seoworkers.com/'.$pagename);
header('Content-Description: SEO Workers - Expert Search Engine Optimization Company');
header('Content-type: application/xhtml+xml; charset=utf-8');
//Set the content-type (MIME TYPES)
header('Vary: Accept-Encoding');
header('Accept-Ranges: bytes');
// Mime Types
$mime = "text/html";
if(preg_match("/application\/xhtml\+xml;q=0(\.[1-9]+)/i",
$_SERVER["HTTP_ACCEPT"], $matches)) {
$xhtml_q = $matches[1];
if(preg_match("/text\/html;q=0(\.[1-9]+)/i",
$_SERVER["HTTP_ACCEPT"], $matches)) {

$html_q = $matches[1];
if($xhtml_q >= $html_q) {
$mime = "application/xhtml+xml";
}
}
} else {
$mime = "application/xhtml+xml";
}
# For MSIE browsers
if (stristr($_SERVER["HTTP_USER_AGENT"],"MSIE")) {
$mime = "text/html";
$charset = "utf-8";
$prolog_type = "
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML+RDFa 1.0//EN' 'http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'
xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'
xmlns:rdfs='http://www.w3.org/2000/01/rdf-schema#'
xmlns:v='http://rdf.data-vocabulary.org/#'
xmlns:xhv='http://www.w3.org/1999/xhtml/vocab#'
xmlns:xml='http://www.w3.org/XML/1998/namespace'
xmlns:dc='http://purl.org/dc/elements/1.1/'
xmlns:cc='http://creativecommons.org/ns#'
xml:lang='en' dir='ltr'>";
}
# For other browsers
else {
$mime = "application/xhtml+xml";
$charset = "utf-8";
$prolog_type = "<?xml version='1.0' encoding='$charset'?>
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML+RDFa 1.0//EN' 'http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'
xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'
xmlns:rdfs='http://www.w3.org/2000/01/rdf-schema#'
xmlns:v='http://rdf.data-vocabulary.org/#'
xmlns:xhv='http://www.w3.org/1999/xhtml/vocab#'
xmlns:xml='http://www.w3.org/XML/1998/namespace'
xmlns:dc='http://purl.org/dc/elements/1.1/'
xmlns:cc='http://creativecommons.org/ns#'
xml:lang='en' dir='ltr'>";
}
header("Content-Type: $mime; charset=$charset");
print $prolog_type."\n";
?>



Test page is here: http://www.seoworkers.com/test.html

Results: RED: <http://www.seoworkers.com/test.php> (http://redbot.org/webui.py?uri=http%3A//www.seoworkers.com/test.php)

Weird. Oddly, took me half a dozen utilities to actually see the cause of the error message, which is that your server is returning a small amount of gibberish when the exit() method is called. It shouldn't, but it is. This garbage data is only present in the custom code; the javascripts and image files that return server-generated 304 responses do not demonstrate the same issue. This, in my mind at least, makes it a PHP issue.

Looking at the code you posted, I believe the problem is being caused by the following block of code:


if ($ifModifiedSince && strtotime($ifModifiedSince) >= $mtime) {
header('HTTP/1.0 304 Not Modified');
die; // stop processing
}
Specifically, I think the problem is due to the use of die() instead of exit(). die() is similar to exit(), except that it outputs whatever it is passed to stdout, which in the case of a web application could result in some output being sent to the client in the body. Try replacing "die" with "exit()" and see if that fixes the problem.

If the problem still shows up, you might try manually clearing the output buffer, just in case something is being snuck in unintentionally, using the ob_end_clean() function Ace suggested above before the exit() call.

I did all that and did not work.

I had die() for the first and exit() for the second and also the way around, and also both exit().

Nothing worked.

So http://www.webproworld.com/programming/101116-test-driven-programming-php.html#post503535 is not on your agenda John?

Take a visit to Sebastian Bergmann (http://sebastian-bergmann.de/)

So http://www.webproworld.com/programming/101116-test-driven-programming-php.html#post503535 is not on your agenda John?

Take a visit to Sebastian Bergmann (http://sebastian-bergmann.de/)
That is not on my agenda Kjell. Thanks though.

Hm, interesting.

I just tested this on my own server, and found that when you use "die;" output appears to always be sent to the client.

Hm... that being said, I copied and pasted your code as above onto my server, and was unable to replicate the issue. RED: <http://wigedev.com/test.php> (http://redbot.org/webui.py?uri=http%3A%2F%2Fwigedev.com%2Ftest.php)

My guess now is that it is your server, or there is some cache or buffer that we are missing somwhere.

Which version of PHP do you use?

Hm, interesting.

I just tested this on my own server, and found that when you use "die;" output appears to always be sent to the client.

Hm... that being said, I copied and pasted your code as above onto my server, and was unable to replicate the issue. RED: <http://wigedev.com/test.php> (http://redbot.org/webui.py?uri=http%3A%2F%2Fwigedev.com%2Ftest.php)

My guess now is that it is your server, or there is some cache or buffer that we are missing somwhere.
Hey thanks a lot man!

I checked my httpd conf, and the following were disabled, and enabled:

ProxyVia On

<IfModule mod_disk_cache.c>
CacheEnable disk /
CacheRoot "/var/cache/mod_proxy"
</IfModule>

I enabled and it is working: RED: <http://www.seoworkers.com/test.php> (http://redbot.org/webui.py?uri=http%3A//www.seoworkers.com/test.php)

Thank you for the kick man. I owe you a favor!

Also I want to tank everyone one else who tried to help.

It was over my head, but I might have learned something reading it. ;) Thanks for asking me, John, that was compliment enough!

Is there a reason you are using PHP to duplicate so much built-in RFC-compliant webserver functionality?

Is there a reason you are using PHP to duplicate so much built-in RFC-compliant webserver functionality?
What do you mean with duplicate? Can you explain?

Also I noticed that it does not work on the homepage, or for directories root files, because the 301 redirects index.html to / are not accepted:

RED: <http://www.seoworkers.com/> (http://redbot.org/webui.py?uri=http%3A%2F%2Fwww.seoworkers.com%2F)

And for the other site files I get "The server's clock is 2 hr 23 min ahead." RED: <http://www.seoworkers.com/services.html> (http://redbot.org/webui.py?uri=http%3A%2F%2Fwww.seoworkers.com%2Fser vices.html)

I am going nuts. Any hope?


<?php
if (strstr($_SERVER['REQUEST_URI'], '?') || strstr($_SERVER['REQUEST_URI'], '&'))
{
header('X-Robots-Tag: noindex,noarchive,nosnippet');
die();
}
//---------------------------------------------------
$currentFile = $_SERVER["PHP_SELF"];
$parts = Explode('/', $currentFile);
$pagename=$parts[count($parts) - 1];
//----------------------------------------------------
$mtime = filemtime($pagename);
$ifModifiedSince = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? stripslashes($_SERVER['HTTP_IF_MODIFIED_SINCE']) : false;
if ($ifModifiedSince && strtotime($ifModifiedSince) >= $mtime) {
header("HTTP/1.1 304 Not Modified");
die(); // stop processing
}
//header('ETag: "'.md5($mtime.$file).'"');
$lastModified = gmdate('D, d M Y H:i:s', $mtime) . ' GMT';
header('Last-Modified: '.$lastModified);
header('Expires: Sun, 19 Aug 1962 08:00:00 GMT');
if (isset($_SERVER['HTTP_IF_NONE_MATCH']))
{
if (str_replace('"', '', stripslashes($_SERVER['HTTP_IF_NONE_MATCH'])) > md5($mtime.$pagename))
{
header("HTTP/1.1 304 Not Modified");
// Abort processing and exit
die();
}
}
// This is about caching
header('Cache-Control: max-age=600, stale-if-error=1200');
//private, must-revalidate
//Content Description
header('Content-Location: http://www.seoworkers.com/'.$pagename);
header('Content-Description: SEO Workers - Expert Search Engine Optimization Company');
header('Content-type: application/xhtml+xml; charset=utf-8');
//Set the content-type (MIME TYPES)
header('Vary: Accept-Encoding');
header('Accept-Ranges: bytes');
// Mime Types
$mime = "text/html";
if(preg_match("/application\/xhtml\+xml;q=0(\.[1-9]+)/i",
$_SERVER["HTTP_ACCEPT"], $matches)) {
$xhtml_q = $matches[1];
if(preg_match("/text\/html;q=0(\.[1-9]+)/i",
$_SERVER["HTTP_ACCEPT"], $matches)) {

$html_q = $matches[1];
if($xhtml_q >= $html_q) {
$mime = "application/xhtml+xml";
}
}
} else {
$mime = "application/xhtml+xml";
}
# For MSIE browsers
if (stristr($_SERVER["HTTP_USER_AGENT"],"MSIE")) {
$mime = "text/html";
$charset = "utf-8";
$prolog_type = "
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML+RDFa 1.0//EN' 'http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'
xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'
xmlns:rdfs='http://www.w3.org/2000/01/rdf-schema#'
xmlns:v='http://rdf.data-vocabulary.org/#'
xmlns:xhv='http://www.w3.org/1999/xhtml/vocab#'
xmlns:xml='http://www.w3.org/XML/1998/namespace'
xmlns:dc='http://purl.org/dc/elements/1.1/'
xmlns:cc='http://creativecommons.org/ns#'
xml:lang='en' dir='ltr'>";
}
# For other browsers
else {
$mime = "application/xhtml+xml";
$charset = "utf-8";
$prolog_type = "<?xml version='1.0' encoding='$charset'?>
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML+RDFa 1.0//EN' 'http://www.w3.org/MarkUp/DTD/xhtml-rdfa-1.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'
xmlns:rdf='http://www.w3.org/1999/02/22-rdf-syntax-ns#'
xmlns:rdfs='http://www.w3.org/2000/01/rdf-schema#'
xmlns:v='http://rdf.data-vocabulary.org/#'
xmlns:xhv='http://www.w3.org/1999/xhtml/vocab#'
xmlns:xml='http://www.w3.org/XML/1998/namespace'
xmlns:dc='http://purl.org/dc/elements/1.1/'
xmlns:cc='http://creativecommons.org/ns#'
xml:lang='en' dir='ltr'>";
}
header("Content-Type: $mime; charset=$charset");
print $prolog_type."\n";
?>

The test page works perfectly though: RED: <http://www.seoworkers.com/test.php> (http://redbot.org/webui.py?uri=http%3A%2F%2Fwww.seoworkers.com%2Ftes t.php)

I guess I am going nuts...

The Problem is not at the above script but on your page - Can you try removing the feeds
http://feeds.seoworkers.com/seo-webdesign-ecommerce and then see the results

OK guys, here is the present situation.

All pages work, except of the pages that redirect with 301.

My homepage and my directories root files index.html are redirected to / and those are giving me that damn message: The 304 response is not allowed to have a body.

All other pages return this:

General



The Content-Length header is correct.
The server's clock is correct.

Content Negotiation



Content negotiation for gzip compression is supported.

Caching



The resource last changed 3 weeks 5 days ago.
This response can be stored by any cache.
This response is fresh until 10 min from now.
This response can be served stale.

Validation



If-Modified-Since conditional requests are supported.

Partial Content



A ranged request returned the correct partial content.

Any ideas?

Sorry guys! I solved the problems. I had to do add some lines in the script. But that tool I was using can not recognize the workarounds. 'Live HTTP Headers' for FF helped me out for my testing.

Still thank you all a lot for your support. :)

'Live HTTP Headers' for FF helped me out for my testing.


Does that imply that you did not have the same problem with other browsers?
Which version of FireFox do your use?

Does that imply that you did not have the same problem with other browsers?
Which version of FireFox do your use?


I think you missed the entire issue here. I am not talking about any browsers here...

The Problem is not at the above script but on your page - Can you try removing the feeds
SEO Workers Feed (http://feeds.seoworkers.com/seo-webdesign-ecommerce) and then see the results
That had absolutely nothing to do with the fixed problem. And besides my feed is hosted on feedburner.

I think you missed the entire issue here. I am not talking about any browsers here...
No I did not, I know about http://livehttpheaders.mozdev.org/

I remember it from a discussion about FireFox. It was a question in case ... and I awaited your answer. The reason is that I have many problems with the the FireFox browser on my old computer (http://www.webproworld.com/browsers/101333-my-computer-firefox.html#post504328) that I don't have with other much more complicated software like C++ Builder 2009 / 2010.

Query:
FireFox live headers (http://www.google.com/#hl=en&q=Firefox+live+headers&aq=&aqi=&aql=&oq=&gs_rfai=&fp=33d671b04d717e6a).

Categorize the question as off topic and we are back on track?