Collector Response Headers
Collectors today respond with the following headers:
- HTTP/1.1 200 OK
- Date: Thu, 17 Dec 2015 19:53:07 GMT
- Strict-Transport-Security: max-age=15552000
- X-Content-Type-Options: nosniff
- X-Frame-Options: SAMEORIGIN
- X-XSS-Protection: 1; mode=block
- Content-Length: 0
- Connection: keep-alive
First and most importantly, the following header must be added to allow ajax calls to the collector:
- Access-Control-Allow-Origin: *
Second, the following headers are completely redundant since there is never any content in the response:
- Strict-Transport-Security: max-age=15552000
- X-Content-Type-Options: nosniff
- X-Frame-Options: SAMEORIGIN
- X-XSS-Protection: 1; mode=block
Removing them will reduce outgoing bandwidth load from SL collectors servers. These headers are related to content in any case, and there is none.
Please sign in to leave a comment.
Comments
0 comments