Submitted by floown@drupal.org on
Salut,
Sur un site Drupal 7 hébergé sur un serveur Xenial qui a un lamp et un nginx en front (hosting) j’ai un souci pour avoir un cache bien frais. Mes changements sur le security kit de Drupal ne sont pas pris en compte (normalement on a une note de A avec ce site)
Sur le serveur, j’ai également APC activé (via les dépôts) et un module sur Drupal qui s'appelle Boost. Mais normalement j’arrive à vider les caches de Drupal via un drush cc all, et je peux le reconstruire ensuite avec un spider http :
drush8 cc all && drush8 --uri=https://www.publicitem.pro hss node
On m’a dit que visiblement j'avais un problème de cache, à la vue de ces deux commandes :
curl -SLIXGET https://www.publicitem.pro/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 17 Feb 2019 18:11:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 51992
Connection: keep-alive
Keep-Alive: timeout=60
X-Content-Type-Options: nosniff
ETag: "cb18-5821a0880dbd1"
Accept-Ranges: bytes
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Sun, 19 Nov 1978 05:00:00 GMT
X-Cached-By: Boost
curl -SLIXGET https://www.publicitem.pro/?cachebust=$(date +%s)
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 17 Feb 2019 18:10:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
X-Content-Type-Options: nosniff
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.google.com code.jquery.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.rawgit.com static.addtoany.com secure.skypeassets.com *.skype.com google-analytics.com *.gstatic.com *.google.com cdn.ampproject.org; object-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com static.addtoany.com *.skype.com *.google.com code.jquery.com; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: secure.skypeassets.com *.google-analytics.com stats.g.doubleclick.net *.google.com; media-src 'self'; frame-src 'self' static.addtoany.com www.google.com www.youtube.com www.dailymotion.com cdn.ritekit.com; frame-ancestors 'self'; child-src 'self' static.addtoany.com www.google.com www.youtube.com www.dailymotion.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline'; connect-src 'self' *.microsoft.com *.google-analytics.com stats.g.doubleclick.net; report-uri /report-csp-violation
X-Content-Security-Policy: default-src 'self' *.google.com code.jquery.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.rawgit.com static.addtoany.com secure.skypeassets.com *.skype.com google-analytics.com *.gstatic.com *.google.com cdn.ampproject.org; object-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com static.addtoany.com *.skype.com *.google.com code.jquery.com; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: secure.skypeassets.com *.google-analytics.com stats.g.doubleclick.net *.google.com; media-src 'self'; frame-src 'self' static.addtoany.com www.google.com www.youtube.com www.dailymotion.com cdn.ritekit.com; frame-ancestors 'self'; child-src 'self' static.addtoany.com www.google.com www.youtube.com www.dailymotion.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline'; connect-src 'self' *.microsoft.com *.google-analytics.com stats.g.doubleclick.net; report-uri /report-csp-violation
X-WebKit-CSP: default-src 'self' *.google.com code.jquery.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.rawgit.com static.addtoany.com secure.skypeassets.com *.skype.com google-analytics.com *.gstatic.com *.google.com cdn.ampproject.org; object-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com; style-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com static.addtoany.com *.skype.com *.google.com code.jquery.com; img-src 'self' 'unsafe-inline' 'unsafe-eval' data: secure.skypeassets.com *.google-analytics.com stats.g.doubleclick.net *.google.com; media-src 'self'; frame-src 'self' static.addtoany.com www.google.com www.youtube.com www.dailymotion.com cdn.ritekit.com; frame-ancestors 'self'; child-src 'self' static.addtoany.com www.google.com www.youtube.com www.dailymotion.com; font-src 'self' fonts.googleapis.com fonts.gstatic.com 'self' 'unsafe-inline'; connect-src 'self' *.microsoft.com *.google-analytics.com stats.g.doubleclick.net; report-uri /report-csp-violation
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
From-Origin: same
Referrer-Policy: same-origin
Content-Language: fr
X-UA-Compatible: IE=edge
Link: <https://www.publicitem.pro/agence-communication-web?amp>; rel="amphtml",<https://www.publicitem.pro/>; rel="canonical",<https://www.publicitem.pro/node/87>; rel="shortlink"
Vary: Accept-Encoding
Une idée de comment me dépatouiller avec mes caches ?
Merci de toute aide.
PS : j'ai lancé le cron manuel en plus de l'automatique sur le Drupal en question.
Est-ce que à tout hasard tu
Permalien Soumis par MagReveuse le 27 Février, 2019 - 22:27
Est-ce que à tout hasard tu as trouvé ta solution? Car ça m'intéresserait de savoir, je crois avoir le même soucis.
Merci!!