cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Miles Elam <>
Subject Re: Last-Modified and If-Modified-Since on pipelines
Date Thu, 24 Apr 2003 03:20:17 GMT
Sorry for the lag.  I'm currently a full-time student again (after a 
many year hiatus) and my weekdays are prety swamped.  I really want to 
help out, but I only seem to have a spare moment on the weekends and 
some evenings.

Gianugo Rabellino wrote:

> OK, thanks. Can you however post the patch in unified diff format 
> (diff -u)? There might be something wrong with your patch, I'm choking 
> on it. 

You must forgive me in that although I've used CVS, it's never been 
through (human) proxy.  I've always just checked in so please forgive my 
ignorance with regard to patch files.

On that note, if I run cvs diff -u, does it matter what directory I'm 
in?  The diffs I made earlier were one file at a time (which would 
explain why they failed for you in one try).  I can get you updated 
files with a little more knowledge.

> Some quick comments, however:
> 1. relation with Expires configuration should be taken into account. 
> This means that if the Expires Object (available in CachedResponse) is 
> still fresh, a 304 should be sent right away. Am I right? 

As for the expires, as far as I can tell, I haven't altered it from its 
current behavior.  I appears that there is already support for expires 
in that if someone requests a cached resource, and that resource has 
been cached within a certain timeframe, it will reply to the user that 
it hasn't changed without consulting the Validity objects.  I could be 
wrong, but I do know that whatever functionality was already there, I 
did not remove it.  I was particularly careful about that.

> 2. this code:
>              // Allow for 304 (not modified) responses in dynamic content
>              if (super.checkLastModified( environment, 
> this.cachedLastModified )) {
>                  return true;
>              }
> could be easily rewritten as
>              return super.checkLastModified(environment, 
> this.cachedLastModified);
> do you agree?

No, because even though a successful last modified comparison (data 
hasn't changed) would mean that processing is finished in that block of 
code (a 304), a failure would mean that a standard 200 with accompanying 
data would be necessary -- the rest of the function.  This if-statement 
is merely a quick-exit point, not the absolute exit point.

>> I have some preliminary ETag code but I'm stuck on a particular 
>> issue: what to hash on.  Is there a ready-to-use routine for 
>> computing a hash code from a byte array?  I was originally going to 
>> do it off of timestamp and then the Object.hashCode() of the 
>> CachedValue entry.  This doesn't really buy much more than 
>> Last-Modified though: it's only an int and is tied to the cache 
>> object rather than the value held by the cache object.  The only 
>> thing that really makes sense to me is actually working off the byte 
>> array.  But then constructing the CachedValue object will take longer 
>> and be more expensive.  Thoughts?  Does it really matter for a first 
>> implementation or should I just go ahead with hashCode()?
> I think that the Etag shouldn't be an hashCode, since it's not 
> reversible. The idea of Etag is that it should be possible to lookup 
> the cache with the Etag value and return the resource identified by 
> the Etag itself. I was thinking about using the cache key, though this 
> might well open a security hole since it's an information that I'm not 
> sure it's good to give away. 

If you use the cache key, if the data (value) changes, how would the 
caching proxy know?  It was my understanding that if the content changed 
for a given resource, its ETag changes as well.  In addition, one of the 
bugs fixed in Apache HTTPd a while back was making sure that the ETag 
*wasn't* the inode as that was seen as a security hole.  This would 
imply that using an ETag based upon the actual resource is somewhat 
unwise.  Any HTTP proxy experts out there to shed some light?

Yours truly,

Miles Elam

View raw message