nginx – The site is accessible by domain in all browsers except Chrome

I'm trying to create a website with the help of an Ubuntu machine running nginx. For some reason I can access the site by domain name in Safari and Firefox, but in Chrome it can not access the server. However, I can use curl, postman, etc. and I get the index.html file as I would like.

I've found that in Chrome, I am able to access the site using the IP address, and I am totally lost on where to check next.

Here is my configuration file:

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;

    index index.html index.htm index.nginx-debian.html;

    server_name _;

    location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ =404;
    }

}

I've changed the response code just to make sure it's all about the setup I'm actually typing.

Any help would be appreciated!

Edit: The domain is gwilliam.dev

Your site on different browsers | Promotion of the forum

I'm still testing my forum after an upgrade or a theme change with different browsers and sizes. The main browsers with which to test would be Internet Explorer, Microsoft Edge, Mozilla FireFox, Google Chrome and Mobile Safari. I have not noticed any problem with any of them. :]

tls – Why are file URLs marked as unsafe while https URLs are marked as secure in browsers?

I think file protocols are more secure than https protocols.

You would be right if the file comes from a local storage.

What happens if you load a file from an FTP mount (the FTP protocol is not secure, even the passwords are sent in plain text)? Or from a remote service (unsecured) on an unencrypted wifi network? A consumer access point with a connected drive could be configured like this.

The browser has no way of knowing if any of these connections is really secure. And even though it was possible to determine if the file system's direct links were secure, we can not know if the next step in the chain is.

So the browser just does not guarantee what it does not know.

html – Browsers ruin the UX password with drop-down menus. How can I fix it?

drop-down list of autofilling ruining UX

FYI The picture above was taken with autocomplete="new-password"

As you can see, the drop-down list covers the error message (which ends with "letters and numbers" (plus some other error messages).

This error message is IMPORTANT, and the user MUST see it. How to hide the drop-down list? The drop-down list prevents the user from seeing the message. You can say that "the drop down menu is bad UX" in this particular circumstance

You can say to move the message under the field, but then we have the exact same problem, just in the other way.

As far as I know, our solutions are:

  1. disable the drop-down menu
  2. move the message to a place where the drop-down menu will not cover it (like a popup or sideways)
  3. Move the message so that it is always displayed on the opposite side of the drop-down menu.

Option 1 does not work because we could disable the drop-down menu by setting autocomplete at "new-password" or "off" or "false" or something else, but none of this seems to disable the drop-down menu.

Option 2 does not really work because I want the message to be near the field to give some context to the error message. I do not really want to popup with the error message "Your password is too short" as it looks like a bad UX. I imagine that I could move the error messages to the input side of the password, but that would not work on small devices that do not have the width of the ######################################################################### 39; screen.

Option 3 also does not seem very good, because the error message moves according to the scroll position of the window, and move text according to an arbitrary scroll line also seems to be a bad UX.

So yes, I am short of options, unless someone can think of one of them?

Is this a browser problem? Or is there a simple trick I can use to get the right UX I want?

Do browsers send different HTTP headers when reloading pages so that server-side caches can be flushed?

Browsers send additional headers, but their behavior is different. This linked information is a little outdated: the question of stackoverflow

Looks like Cache-control:no-cache is the best solution, to check Ctrl+F5but better not to check the only header.

I just checked Firefox Ubuntu F5 gives nothing but Ctrl+F5 request contains this

Pragma  no-cache
Cache-Control   no-cache

Checked Chromium – Same behavior, same two headers.

network – Browsers can not connect after 10.15.1 upgrade

I just went from 10:15 to 10:15.1 and web browsers can no longer browse websites.

I restarted but the problem is the same.
I've changed DNS servers but the problem is still the same.
I am able to ping google.com
Other devices using the same connection, such as this iPad, can browse websites normally.

Although I can not visit any website, browsers download these previews of news articles that display when first using a browser.

Someone has an idea why I can not browse websites?

ease of use – Why does not Google Chrome have a GoTo link button like other browsers?

Some people prefer to have the button go, others by habit, and others are mouse users having the habit of copying, pasting and cutting into the URL box.

The use case occurs when there are links copied with a long variable after the URL, such as: https://domain.com?variable=a_very_long_variable_here_or_provide_some_infos

Navigating with the mouse does not require any interaction with the keyboard. Want to copy these URLs using the mouse, then using the mouse to cut the words after? then go to the URL. The context menu of the "Paste and start" mouse is not a solution because you want to cut parts of the URL.

Doing this without the Go button forces us to get up from our lazy keyboard chair just to press the "ENTER" button. Which is awkward in a lazy browsing state with only a wireless mouse nearby while your keyboard is away near your feet. You can also use your feet to press the Enter key on the keyboard. πŸ˜€ But clicking a button "go" is a lot lazy.

That's why a lot of people need the "click" button.

Most of the time, we can recover the button by modifying the browser style sheet.

Google programmers, UI experts and staff have no idea of ​​the lazy existence like us. They know navigation with the keyboard only, never heard navigation with the mouse only. That's why they remove the button.

apache – Which browsers handle client-side compression of queries like POST's ed formdata?

Which browsers manage client side compression requests, such as "multipart / form-data" sent by the client to the server via HTTP POST?

The HTTP server that I'm trying to run with is Apache with the mod_deflate and mod_gzip modules, which include Content-Encoding: deflate and Content-Encoding: gzip headers in POST requests.

How are attacks on web browsers successful?

Although there are still Drive-by-Downloads attacks that exploit vulnerabilities in the browser itself, most web-based attacks are now different. This is because Drive-by-Downloads have become harder since the main unsecured technologies (ActiveX, Java, Flash) have been banned and the browsers themselves have become more robust against attacks.

The main current attacks are probably by misleading the user, that is to say by phishing.
For example, phishing of credentials is done (usually linked to emails or other messages) with similar sites or that promise import information after login. There are streaming sites (usually illegal) or download videos that claim to require plugins or software updates to access the content. And there are sites that create windows or pop-ups that look like system error messages to entice users to download fake antivirus or call a fake Microsoft hotline or similar.

There are also seemingly innocent browser plugins or plugins that later modify the behavior into malicious behavior, either because it was intended at first, or because the ownership of the extension was transferred to a suspicious part. As extensions are usually updated automatically, this attack is based on the use of the initial trust that a user had in the extension to silently add malicious behavior.

Is it due to ignorant users of the browser?

If it would be simple to blame stupid users for their ignorance, it would not be fair. One can not expect the average user to have a lot of experience in detecting attacks. Most users are unable to properly manage all websites with different user interfaces and behaviors, as well as sporadic error messages from websites and the operating system. They are used to being harassed by the different software they have to install in order to continue. All they want is to get things done. And in most cases, they can do this by ignoring the error messages or choosing the recommended option in a dialog box that they do not really understand. Attackers can, therefore, reasonably expect that a sufficient number of users will do almost anything in their power to continue, especially if it is simply a click of a button or to quickly install software – because that is why they are trained to do so.

Browsers Download malware, viruses and illegal programs

Microsoft Edge is testing a new feature in its Canary version that allows you to prevent the download of potentially unwanted programs (PUPs) by the browser.

Potentially unwanted programs, or PUAs as Microsoft calls them, are software that overlaps the line between legitimate applications and malicious programs. They tend to display unwanted ads, make redirects, divert browser or computer functions, use scare tactics, or pretend to fix system problems, but do nothing.

In many cases, these types of programs should be classified as malware, but not for legal reasons.

https://www.bleepingcomputer.com/news

Microsoft Edge allows you to block potentially unwanted programs