User Profile

Any thoughts on this issue? I see posts that Safari might be ignoring the Cache-Control headers when there is a Vary header present and doing the OPTIONS PREFLIGHT request. Especially for an image content-type. Is that possible? Firefox and Chrome do not have the issue. They do not do the OPTIONS PREFLIGHT on this response, they keep doing the GET request for this image. Is there some other parameter Safari needs to prevent it from doing the PREFLIGHT for a no-cache image? Redirect Response 302 Pragma: no-cache Expires: 0 Cache-Control: no-cache, no-store, must-revalidate Vary: Accept-Encoding Content-Type: image/png

I created a bug report https://bugs.webkit.org/show_bug.cgi?id=226739

Are there any links about this being worked? To duplicate the issue: Go to site (https : //) cidilabs.instructure.com/courses/3/pages/upload-slash-embed-image-test Then refresh that page to see the broken image link. Workarounds: Always open a private browser when going to a CORS redirect image page. The issue only happens when the image is cached. Add a terminating solidus (forward slash) to all image src links that are cached CORS redirect paths. The issue only happens when the redirect path looks like a file not a directory. Make the image src URL a DIFFERENT host than the page it's embedded in. The issue only happens if the cached image src redirect URL is the *same* host as the web page. Use FireFox or Chrome when going to a page with a CORS image src redirect. The issue only happens with Safari.

HI, I'm wondering if you can direct me to solutions for failing preflight OPTION check for redirect images that are cached. I'm wondering if CORSrule <AllowedMethod>OPTIONS</AllowedMethod> is required. Possibly unrelated, but there is no Safari CORS preflight check error no the cached image if: The CORS redirect image is not yet cached in the client Safari (i.e. open a New Private window). There is a solidus (forward slash) at the end of the image redirect URL (maybe Safari thinks it's a dir instead of file and does different type of preflight?) The CORS redirect image URL is NOT the same host. For example the web page is abc.org and the image src is xyz.com redirecting aws.com the preflight check on the cached image is fine. (the CORS preflight error only happens when the web page is abc.org and the image src is also abc.org and the redirected image is on aws.com) Thanks!