id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 821 "Header ""Expires"" and ""Cache-Control"" is not sent for random requests when using ""expires"" directive" wkuranowski@… "There is a problem with missing ""Expires"" and ""Cache-Control"" headers from my upstream ""nfs_files"". It's a rare situation and it looks like ""expires"" directive is not executed for some reason. I am not able to reproduce it manually, but when I grep nginx cache directory on a production server I can easily find files without those headers. Accessing those files with a browser also confirms that headers are missing. But header ""Access-Control-Allow-Origin"" is always present. It happens for all kind of filetypes - css/js/jpg/png, gzipped/not gzipped etc. I have configuration like below. I hope that I included all relevant config options. I am using nginx 1.8.0 but it happens also on 1.9.4. Error logs are empty. {{{ http { sendfile on; proxy_cache_lock on; proxy_cache_path /mnt/nginx-cache levels=1:2 keys_zone=IMG:256m inactive=3h max_size=8g use_temp_path=off; proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504; map $uri $expires { default 1d; ~^/admin/config/ 10s; ~*\.(?:js|css)$ 5m; } upstream nfs_files { server unix:/var/run/nginx_nfs_files.socket; } server { listen 80 default_server; location / { proxy_cache IMG; #expires header from nfs_files upstream has a higher priority proxy_cache_valid 200 1d; proxy_pass http://nfs_files; } } server { listen unix:/var/run/nginx_nfs_files.socket; gzip on; gzip_types application/javascript text/css text/xml text/plain application/json; gzip_vary on; location / { add_header Access-Control-Allow-Origin *; #doesn't work for random requests expires $expires; root /mnt/nfs/data; } } } }}}" defect closed major nginx-core 1.8.x fixed expires header missing Linux front-1.img.srv 2.6.32-573.7.1.el6.x86_64 #1 SMP Tue Sep 22 22:00:00 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux "nginx version: nginx/1.8.0 built by gcc 4.4.7 20120313 (Red Hat 4.4.7-3) (GCC) built with OpenSSL 1.0.1e-fips 11 Feb 2013 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-http_spdy_module --with-cc-opt='-O2 -g -pipe -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' "