httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Fowler, Brian" <Fowl...@logica.com>
Subject RE: mod_proxy Cache-Control: no-cache=<directive> support Apache 1.3
Date Tue, 19 Feb 2002 12:55:33 GMT

Hi Graham,

I don't think mod_proxy does currently conform to RFC2616 in respect of 
Cache-Control: no-cache="<directive>"

It preventing the caching of specific headers, I can't find any code
implementing this in the mod_proxy distribution and the following example
fails...

I have a small test.jsp which just sets Expires, Last-Modified and
Cache-Control: no-cache="Set-Cookie" headers
and configured Apache to act as a Reverse Proxy Server for the page. With an
empty cache the initial request gives ...

~> GET -edP "http://FCODEVWS2/communities/test.jsp"
Cache-Control: no-cache="Set-Cookie"
Connection: close
Date: Tue, 19 Feb 2002 12:37:33 GMT
Server: Apache/1.3.23 (Win32)
Content-Length: 8
Content-Type: text/html
Expires: Tue, 19 Feb 2002 13:06:34 GMT
Last-Modified: Tue, 19 Feb 2002 12:06:34 GMT
Client-Date: Tue, 19 Feb 2002 12:37:35 GMT
Client-Response-Num: 1
Set-Cookie:
WebLogicSession=PHJG0oDVfgz68YWMM8DpXAUxFVZ5gugPKyuKQbIf716lkw6bRRBM
|-1484200219301769473/-1628821962/6/7001/7001/7002/7002/7001/-1; path=/
X-Cache: MISS from fcomain

After which a cached version of the content and headers is created in the
cache, but it still contains the Set-Cookie directive which it should not, I
don't think ...

-----

000000003C72473E 000000003C723FCA 000000003C724DDA 0000000000000001
000000003C72470D 000000003C724710 0000000000000008
X-URL: http://fcontdevserver1/communities/test.jsp
Connection: close
Host: FCODEVWS2
User-Agent: lwp-request/1.40

HTTP/1.1 200 OK
Server: Netscape-Enterprise/4.1
Date: Tue, 19 Feb 2002 12:38:22 GMT
Content-length: 8
Content-type: text/html
Expires: Tue, 19 Feb 2002 13:06:34 GMT
Last-modified: Tue, 19 Feb 2002 12:06:34 GMT
Cache-control: no-cache="Set-Cookie"
Set-cookie:
WebLogicSession=PHJG0oDVfgz68YWMM8DpXAUxFVZ5gugPKyuKQbIf716lkw6bRRBM|-148420
0219301769473/-1628821962/6/7001/7001/7002/7002/7001/-1; path=/



Test 

-----

A subsequent request to the proxy gives a hit to the cache which is correct
but it should NOT serve back the Set-Cookie header.

~> GET -edP "http://FCODEVWS2/communities/test.jsp"
Cache-Control: no-cache="Set-Cookie"
Connection: close
Date: Tue, 19 Feb 2002 12:38:42 GMT
Age: 69
Server: Apache/1.3.23 (Win32)
Content-Length: 8
Content-Type: text/html
Expires: Tue, 19 Feb 2002 13:06:34 GMT
Last-Modified: Tue, 19 Feb 2002 12:06:34 GMT
Client-Date: Tue, 19 Feb 2002 12:38:40 GMT
Client-Response-Num: 1
Set-Cookie:
WebLogicSession=PHJG0oDVfgz68YWMM8DpXAUxFVZ5gugPKyuKQbIf716lkw6bRRBM
|-1484200219301769473/-1628821962/6/7001/7001/7002/7002/7001/-1; path=/
X-Cache: HIT from fcomain

The relevant part of the HTTP spec I think is 

no-cache 
If the no-cache directive does not specify a field-name, then a cache MUST
NOT use the response to satisfy a subsequent request without successful
revalidation with the origin server. This allows an origin server to prevent
caching even by caches that have been configured to return stale responses
to client requests. 
If the no-cache directive does specify one or more field-names, then a cache
MAY use the response to satisfy a subsequent request, subject to any other
restrictions on caching. However, the specified field-name(s) MUST NOT be
sent in the response to a subsequent request without successful revalidation
with the origin server. This allows an origin server to prevent the re-use
of certain header fields in a response, while still allowing caching of the
rest of the response. 

I am missing something?

Cheers,

Brian

-----Original Message-----
From: Graham Leggett [mailto:minfrin@sharp.fm]
Sent: 19 February 2002 11:59
To: dev@httpd.apache.org
Subject: Re: mod_proxy Cache-Control: no-cache=<directive> support
Apache 1.3


"Fowler, Brian" wrote:

> Due to a requirement on a project we are currently working on
> involving using Apache as a caching reverse proxy server to WebLogic.
> 
> We are considering implementing the
> 
> Cache-Control: no-cache=<directive>
> 
> for the Apache 1.3 mod_proxy module so allow us to prevent the caching
> of certain headers served by WebLogic. (In particular the session
> cookie.)
> 
> Has/is anyone working in this area? Is there any specific reason why
> this has deliberately not been implemented already? (E.g. performance
> hit?) Any views on this directive?

I'm not 100% sure what your question is.

The apache proxy follows RFC2616 when it comes to understanding and
honouring the Cache-Control directive. The responsibility of setting
this header correctly is that of your Weblogic application.

If the application is braindead, you should be able to use the
capability of mod_headers to add the cache-control header within apache
itself. (As I am aware this should work, as long as mod_headers comes
before mod_proxy in your config. In v2.0, this should work automatically
- but test it first).

Regards,
Graham
-- 
-----------------------------------------
minfrin@sharp.fm		"There's a moon
					over Bourbon Street
						tonight..."

This e-mail and any attachment is for authorised use by the intended recipient(s) only.  It
may contain proprietary material, confidential information and/or be subject to legal privilege.
 It should not be copied, disclosed to, retained or used by, any other party.  If you are
not an intended recipient then please promptly delete this e-mail and any attachment and all
copies and inform the sender.  Thank you.

Mime
View raw message