Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
Received-SPF: pass (athena.apache.org: domain of TOKILEY@aol.com designates
 64.12.206.41 as permitted sender)
References: <4A958340.3090403@rowe-clan.net>
To: dev@httpd.apache.org
Subject: Re: mod_cache, mod_deflate and Vary: User-Agent
Date: Thu, 27 Aug 2009 03:50:43 -0400
In-Reply-To: <4A958340.3090403@rowe-clan.net>
MIME-Version: 1.0
From: tokiley@aol.com
Content-Type: multipart/alternative;
 boundary="--------MB_8CBF50236B99DCE_20A8_C758_webmail-d068.sysops.aol.com"
Cc: tokiley@aol.com
Message-Id: <8CBF50236ADB6D0-20A8-615F@webmail-d068.sysops.aol.com>


----------MB_8CBF50236B99DCE_20A8_C758_webmail-d068.sysops.aol.com
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"


> William A. Rowe, Jr.
>
> I think we blew it :)
>
> Vary: user-agent is not practical for correcting errant browser behavior.

You have not 'blown it'.

>From a certain perspective, it's the only reasonable thing to do.

Everyone keeps forgetting one very important aspect of this issue
and that is the fact that the 'Browsers' themselves are 
participating in the whole 'caching' scheme and that they
are the source of the actual requests, so their behavior is
as much a part of the equation as any inline proxy cache.

There is no real solution to this problem.

The HTTP protocol itself does not have the capability
to deal with things correctly with regards to 
compressed variants.

The only decision that anyone needs to make is 'Where is
the pain factor?'.

If you VARY on ANYTHING other than 'User-Agent' then this
might show some reduction of the pain factor at the proxy
level but you have now exponentially increased the pain
factor at the infamous 'Last Mile'.

Most modern browsers will NOT 'cache' anything that has
a 'Vary:' header OTHER than 'User-Agent:'. This is as true
today as it was 10 years ago.

The following discussion involving myself and some of the 
authors of the SQUID Proxy caching Server took place just 
short of SEVEN (7) YEARS ago but, as unbelievable as it might
seem, is still just as relevant ( and unresolved )...

http://marc.info/?l=apache-modgzip&m=103958533520502&w=2

It's way too long to reproduce here but here is just 
the SUMMARY part. You would have to access the link
above to read all the gory details...

[snip]

> Hello all.
>
> This is a continuation of the thread entitled...
>
> [Mod_gzip] "mod_gzip_send_vary=Yes" disables caching on IE
>
> After several hours spent doing my own testing with MSIE and
> digging into MSIE internals with a kernel debugger I think I
> have the answers.
>
> The news is NOT GOOD.
>
> I will start with a SUMMARY first for those who don't have the
> time to read the whole, ugly story but for those who want to
> know where the following 'conclusions' are coming from I
> refer you to the rest of the message and the "detail".
>
> SUMMARY
>
> There is only 1 request header value that you can use with
> "Vary:" that will cause MSIE to cache a non-compressed
> response and that is ( drum roll please ) "User-Agent".
>
> If you use ANY other (legal) request header field name in
> a "Vary:" header then MSIE ( Versions 4, 5 and 6 ) will
> REFUSE to cache that response in the MSIE local cache.
>
> This is why Jordan is seeing a caching problem and Slava
> is not. Slava is 'accidentally' using the only possible "Vary:"
> field name that will cause MSIE to behave as it should
> and cache a non-compressed response.
>
> Jordan is seeing non-compressed responses never being
> cached by MSIE because the responses are arriving
> with something other than "Vary: User-Agent" like
> "Vary: Accept-Encoding".
>
> It should be perfectly legal and fine to send "Vary: Accept-Encoding"
> on a non-compressed response that can 'Vary' on that field
> value and that response SHOULD be 'cached' by MSIE...
> but so much for assumptions. MSIE will NOT cache this response.
>
> MSIE will treat ANY field name other than "User-Agent"
> as if "Vary: *" ( Vary + STAR ) was used and it will
> NOT cache the non-compressed response.
>
> The reason the COMPRESSED responses are, in fact,
> always getting cached no matter what "Vary:" field name
> is present is just as I suspected... it is because MSIE
> decides it MUST cache responses that arrive with
> "Content-Encoding: gzip" because it MUST have a
> disk ( cache ) file to work with in order to do the
> decompression.
>
> The problem exists in ALL versions of MSIE but it's
> even WORSE for any version earlier than 5.0. MSIE 4.x
> will not even cache responses with "Vary: User-Agent".
>
> That's it for the SUMMARY.
>
> The rest of this message contains the gory details.

[/snip]

I participated in another lengthy 'offline' discussion about
all this some 3 or 4 years ago again with the authors of 
SQUID. There was still no real resolution to the problem.

The general consensus was that if there is always going to
be a 'pain factor' then it's better to follow one of the
rules of Networking and assume the following...

"The least amount of resources will always be present
the closer you get to the last mile."

In other words... it's BETTER to live with some redundant
traffic at the proxy level, where the equipment and bandwidth 
is usually more robust and closer to the backbone, than to put 
the pain factor onto the 'last mile' where resources are usually
more constrained.

If anyone is going to start dropping some special code
anywhere to 'invisibly handle the problem' my suggestion
would be to look at coming up with a scheme that undoes
the damage these out-of-control redundant 'User-Agent' strings are 
causing. The only thing a proxy cache really needs to know is
whether a certain 'User-Agent' string represents a 
different level of DEVCAP than another one. If all that
is changing is a version number and there is no change
with regards to actual Device Capabilities then there's
no reason to cache a separate response for that User Agent.

That still wouldn't represent the ultimate 'fix' for this
multi-variant caching issue... but it sure would be a
step in the right direction.

Yours...
Kevin Kiley

BTW: This posting doesn't even come anywhere near the
real issue which is that even Browsers that 'appear'
to not be able to support 'Accept-Encoding: gzip, deflate'
usually CAN... but it's actually all about MIME TYPES.
The HTTP protocol does NOT provide a way for a client to 
indicate WHICH mime types it can or cannot 'decompress'.
Browsers that appear 'broken' with regards to decompression
are actually only 'broken' for certain MIME types.

That's a complete separate discussion and I'm not
goint to 'go there' tonight.


-----Original Message-----
From: William A. Rowe, Jr. <wrowe@rowe-clan.net>
To: dev@httpd.apache.org <dev@httpd.apache.org>
Sent: Wed, Aug 26, 2009 1:47 pm
Subject: mod_cache, mod_deflate and Vary: User-Agent


I think we blew it :)

Vary: user-agent is not practical for correcting errant browser behavior.

For example;

  User-Agent: Mozilla/5.0 Gecko/20090729 Firefox/3.5.2

produces a myriad number of 'variant' flavors when tagging Vary with
the User-Agent when determining if the deflate/gzip compression should
be served, or the uncompressed variant.

What we really meant to do was to determine which Accept-Encoding values
were invalid based on known browser bugs, and -remove them- from the A-E
header *prior* to determining the cache handling (quick handler hook) or
typical content handling.

Which implies that setenvif + headers need an extra chance to run really
first in front of the quick handler.

Any better suggestions?


----------MB_8CBF50236B99DCE_20A8_C758_webmail-d068.sysops.aol.com
Content-Transfer-Encoding: 7bit
Content-Type: text/html; charset="us-ascii"

<br>
&gt; William A. Rowe, Jr.<br>
&gt;<br>
&gt; I think we blew it :)<br>
&gt;<br>
&gt; Vary: user-agent is not practical for correcting errant browser behavior.<font face="Arial, Helvetica, sans-serif"><br>
<br>
</font>You have not 'blown it'.<br>
<br>
>From a certain perspective, it's the only reasonable thing to do.<br>
<br>
Everyone keeps forgetting one very important aspect of this issue<br>
and that is the fact that the 'Browsers' themselves are <br>
participating in the whole 'caching' scheme and that they<br>
are the source of the actual requests, so their behavior is<br>
as much a part of the equation as any inline proxy cache.<br>
<br>
There is no real solution to this problem.<br>
<br>
The HTTP protocol itself does not have the capability<br>
to deal with things correctly with regards to <br>
compressed variants.<br>
<br>
The only decision that anyone needs to make is 'Where is<br>
the pain factor?'.<br>
<br>
If you VARY on ANYTHING other than 'User-Agent' then this<br>
might show some reduction of the pain factor at the proxy<br>
level but you have now expone<font face="Arial, Helvetica, sans-serif">n</font>tially increased the pain<br>
factor at the infamous 'Last Mile'.<br>
<br>
Most modern browsers will NOT 'cache' anything that has<br>
a 'Vary:' header OTHER than 'User-Agent:'. This is as true<br>
today as it was 10 years ago.<br>
<br>
The following discussion involving myself and some of the <br>
authors of the SQUID Proxy caching Server took place just <br>
short of SEVEN (7) YEARS ago but, as unbelievable as it might<br>
seem, is still just as relevant ( and unresolved )...<br>
<br>
http://marc.info/?l=apache-modgzip&amp;m=103958533520502&amp;w=2<br>
<br>
It's way too long to reproduce here but here is just <br>
the SUMMARY part. You would have to access the link<br>
above to read all the gory details...<br>
<br>
[snip]<br>
<br>
&gt; Hello all.<br>
&gt;<br>
&gt; This is a continuation of the thread entitled...<br>
&gt;<br>
&gt; [Mod_gzip] "mod_gzip_send_vary=Yes" disables caching on IE<br>
&gt;<br>
&gt; After several hours spent doing my own testing with MSIE and<br>
&gt; digging into MSIE internals with a kernel debugger I think I<br>
&gt; have the answers.<br>
&gt;<br>
&gt; The news is NOT GOOD.<br>
&gt;<br>
&gt; I will start with a SUMMARY first for those who don't have the<br>
&gt; time to read the whole, ugly story but for those who want to<br>
&gt; know where the following 'conclusions' are coming from I<br>
&gt; refer you to the rest of the message and the "detail".<br>
&gt;<br>
&gt; SUMMARY<br>
&gt;<br>
&gt; There is only 1 request header value that you can use with<br>
&gt; "Vary:" that will cause MSIE to cache a non-compressed<br>
&gt; response and that is ( drum roll please ) "User-Agent".<br>
&gt;<br>
&gt; If you use ANY other (legal) request header field name in<br>
&gt; a "Vary:" header then MSIE ( Versions 4, 5 and 6 ) will<br>
&gt; REFUSE to cache that response in the MSIE local cache.<br>
&gt;<br>
&gt; This is why Jordan is seeing a caching problem and Slava<br>
&gt; is not. Slava is 'accidentally' using the only possible "Vary:"<br>
&gt; field name that will cause MSIE to behave as it should<br>
&gt; and cache a non-compressed response.<br>
&gt;<br>
&gt; Jordan is seeing non-compressed responses never being<br>
&gt; cached by MSIE because the responses are arriving<br>
&gt; with something other than "Vary: User-Agent" like<br>
&gt; "Vary: Accept-Encoding".<br>
&gt;<br>
&gt; It should be perfectly legal and fine to send "Vary: Accept-Encoding"<br>
&gt; on a non-compressed response that can 'Vary' on that field<br>
&gt; value and that response SHOULD be 'cached' by MSIE...<br>
&gt; but so much for assumptions. MSIE will NOT cache this response.<br>
&gt;<br>
&gt; MSIE will treat ANY field name other than "User-Agent"<br>
&gt; as if "Vary: *" ( Vary + STAR ) was used and it will<br>
&gt; NOT cache the non-compressed response.<br>
&gt;<br>
&gt; The reason the COMPRESSED responses are, in fact,<br>
&gt; always getting cached no matter what "Vary:" field name<br>
&gt; is present is just as I suspected... it is because MSIE<br>
&gt; decides it MUST cache responses that arrive with<br>
&gt; "Content-Encoding: gzip" because it MUST have a<br>
&gt; disk ( cache ) file to work with in order to do the<br>
&gt; decompression.<br>
&gt;<br>
&gt; The problem exists in ALL versions of MSIE but it's<br>
&gt; even WORSE for any version earlier than 5.0. MSIE 4.x<br>
&gt; will not even cache responses with "Vary: User-Agent".<br>
&gt;<br>
&gt; That's it for the SUMMARY.<br>
&gt;<br>
&gt; The rest of this message contains the gory details.<br>
<br>
[/snip]<br>
<br>
I participated in another lengthy 'offline' discussion about<br>
all this some 3 or 4 years ago again with the authors of <br>
SQUID. There was still no real resolution to the problem.<br>
<br>
The general consensus was that if there is always going to<br>
be a 'pain factor' then it's better to follow one of the<br>
rules of Networking and assume the following...<br>
<br>
"The least amount of resources will always be present<br>
the closer you get to the last mile."<br>
<br>
In other words... it's BETTER to live with some redundant<br>
traffic at the proxy level, where the equipment<font face="Arial, Helvetica, sans-serif"> and bandwidth</font> <font face="Arial, Helvetica, sans-serif"><br>
</font>is <font face="Arial, Helvetica, sans-serif">usually </font>more<font face="Arial, Helvetica, sans-serif"> </font>robust and closer to the backbone, than to put <font face="Arial, Helvetica, sans-serif"><br>
</font>the pain<font face="Arial, Helvetica, sans-serif"> </font>factor onto the 'last mile' where resources are usually<br>
more constrained.<br>
<br>
If anyone is going to start dropping some special code<br>
anywhere to 'invisibly handle the problem' my suggestion<br>
would be to look at coming up with a scheme that undoes<br>
the damage these<font face="Arial, Helvetica, sans-serif"> out-of-control</font> redundant 'User-Agent' strings are <br>
causing. The only thing a proxy cache really needs to know is<br>
whether a certain 'User-Agent' string represents a <br>
different level of DEVCAP than another one. If all that<br>
is changing is a version number and there is no change<br>
with regards to actual Device Capabilities then there's<br>
no reason to cache a separate response for that User Agent.<br>
<br>
That still wouldn't represent the ultimate 'fix' for this<br>
multi-variant caching issue... but it sure would be a<br>
step in the right direction.<br>
<br>
Yours...<br>
Kevin Kiley<br>
<br>
BTW: This posting doesn't even come anywhere near the<br>
real issue which is that even Browsers that 'appear'<br>
to not be able to support 'Accept-Encoding: gzip, deflate'<br>
usually CAN... but it's actually all about MIME TYPES.<br>
The HTTP pr<font face="Arial, Helvetica, sans-serif">otocol</font> <font face="Arial, Helvetica, sans-serif">does NOT provide a way for a client to</font> <br>
indicate WHICH mime types it can or cannot 'decompress'.<br>
Browsers that appear 'broken' with regards to decompression<br>
are actually only 'broken' for certain MIME types.<br>
<br>
That's a complete separate discussion and I'm not<br>
goint to 'go there' tonight.<br>
<br>
<br>
-----Original Message-----<br>
From: William A. Rowe, Jr. &lt;wrowe@rowe-clan.net&gt;<br>
To: dev@httpd.apache.org &lt;dev@httpd.apache.org&gt;<br>
Sent: Wed, Aug 26, 2009 1:47 pm<br>
Subject: mod_cache, mod_deflate and Vary: User-Agent<br>
<br>


<div id="AOLMsgPart_0_825f7966-cb72-4050-b6ec-9ac457db9034" style="margin: 0px; font-family: Tahoma,Verdana,Arial,Sans-Serif; font-size: 12px; color: rgb(0, 0, 0); background-color: rgb(255, 255, 255);">

<pre style="font-size: 9pt;"><tt>I think we blew it :)<br>
<br>
Vary: user-agent is not practical for correcting errant browser behavior.<br>
<br>
For example;<br>
<br>
  User-Agent: Mozilla/5.0 Gecko/20090729 Firefox/3.5.2<br>
<br>
produces a myriad number of 'variant' flavors when tagging Vary with<br>
the User-Agent when determining if the deflate/gzip compression should<br>
be served, or the uncompressed variant.<br>
<br>
What we really meant to do was to determine which Accept-Encoding values<br>
were invalid based on known browser bugs, and -remove them- from the A-E<br>
header *prior* to determining the cache handling (quick handler hook) or<br>
typical content handling.<br>
<br>
Which implies that setenvif + headers need an extra chance to run really<br>
first in front of the quick handler.<br>
<br>
Any better suggestions?<br>
<br>
<br>
<br>
<br>
</tt></pre>
</div>
 <!-- end of AOLMsgPart_0_825f7966-cb72-4050-b6ec-9ac457db9034 -->


----------MB_8CBF50236B99DCE_20A8_C758_webmail-d068.sysops.aol.com--