httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ylavic dev <>
Subject mod_cache with Cache-Control no-cache= or private=
Date Mon, 04 Mar 2013 18:22:11 GMT

I've been working on a patch for mod_cache to deal (fully) with the
response header Cache-Control and the no-cache=<header> or private=<header>
This "feature" is mainly used with the Set-Cookie header, and allows the
origin server to control the caching of that particular header.

Although the code is already there to detect their usage with a header,
mod_cache still handle these directives as if no header was specified.
That is, "stale entity causing revalidation" [by the origin server].

The RFC-2616 (14.9.1 What is Cacheable) says this about the
no-cache=<header> directive :

      If the no-cache directive does specify one or more field-names,
      then a cache MAY use the response to satisfy a subsequent request,
      subject to any other restrictions on caching. However, the
      specified field-name(s) MUST NOT be sent in the response to a
      subsequent request without successful revalidation with the origin
      server. This allows an origin server to prevent the re-use of
      certain header fields in a response, while still allowing caching
      of the rest of the response.

For what I understand, mod_cache is allowed to serve its cached entity
(though without the specified header(s)).

mod_cache already provides the configuration directive CacheIgnoreHeaders
to prevent the specified headers from being cached, but this gives no
control to the origin server.

The attached patch works with trunk and 2.4 (I've got one for 2.2 too,
which is the version I use, but I doubt such a feature would be merged into

Note that the patch also fixes what seems to be an unfortunate replacement
of the tab character (^V) with spaces in the CACHE_SEPARATOR macro

Thanks for your feedbacks,

View raw message