Re: [Q & PATCH] - mod_cache - Cache Control: no-cache/no-store

[Jean-Jacques Clar <JJ...@novell.com>]

These are comments copied from ap_cache_check_freshness()
line 163 cache_util.c:
----------------------
     * - RFC2616 14.9.4 End to end reload, Cache-Control: no-cache.
no-cache in
     * either the request or the cached response means that we must
     * revalidate the request unconditionally, overriding any
expiration
     * mechanism. It's equivalent to max-age=0,must-revalidate.
     * 
     * - RFC2616 14.32 Pragma: no-cache This is treated the same as
     * Cache-Control: no-cache.
----------------------
RFC2616 14.9.4:
End-to-end reload
The request includes a "no-cache" cache-control directive or, for
compatibility with HTTP/1.0 clients,
"Pragma: no-cache". Field names MUST NOT be included with the no-cache
directive in a request. The
server MUST NOT use a cached copy when responding to such a request.
 
1- Cache-Control: no-cache, I don't thing the no-cache case is taking
care of in ap_cache_check_freshness().
 
2- Please comment: I might be wrong, but this is the way I think it
should be done:
 
----------------------
diff -u -r1.79 mod_cache.c
--- modules/experimental/mod_cache.c 1 Jan 2004 13:26:18 -0000 1.79
+++ modules/experimental/mod_cache.c 9 Jan 2004 23:00:30 -0000
@@ -166,13 +166,29 @@
                      "%s, but we know better and are ignoring it",
url);
     }
     else {
-        if (ap_cache_liststr(NULL, cc_in, "no-store", NULL) ||
-            ap_cache_liststr(NULL, pragma, "no-cache", NULL) || (auth
!= NULL)) {
+        if (ap_cache_liststr(NULL, cc_in, "no-store", NULL)) {
             /* delete the previously cached file */
             cache_remove_url(r, cache->types, url);
 
             ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
                          "cache: no-store forbids caching of %s",
url);
+            return DECLINED;
+        }
+        else if (ap_cache_liststr(NULL, cc_in, "no-cache", NULL) ||
+                 ap_cache_liststr(NULL, pragma, "no-cache", NULL)) {
+            /* delete the previously cached file */
+            cache_remove_url(r, cache->types, url);
+
+            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
+                         "cache: no-cache forbids caching of %s",
url);
+            return DECLINED;
+        }
+        else if (auth != NULL) {
+            /* delete the previously cached file */
+            cache_remove_url(r, cache->types, url);
+
+            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
+                         "cache: Authorization forbids caching of %s",
url);
             return DECLINED;
         }
     }

----------------------
 
I still don't understand why cache_remove_url() needs to be called for
each case.
 
Thank you,
JJ

>>> JJCLAR@novell.com 1/9/2004 10:29:38 AM >>>

The current request falls in one of the MUST RFC condition,
line 168 mod_cache.c:
---------------
    else {
        if (ap_cache_liststr(NULL, cc_in, "no-store", NULL) ||
            ap_cache_liststr(NULL, pragma, "no-cache", NULL) || (auth
!= NULL)) {
            /* delete the previously cached file */
            cache_remove_url(r, cache->types, url);
 
            ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
                         "cache: no-store forbids caching of %s",
url);
            return DECLINED;
        }
---------------
Why a call to cache_remove_url has to be done?
If the entry is in the cache, should it be kept available for other
clients doing
request without any of the MUST RFC conditions in the header?
I am adding a condition to meet PR 15870, and don't see the need to
call remove_url().
 
Thank you,
JJ

 

Re: [Q & PATCH] - mod_cache - Cache Control: no-cache/no-store

[Ian Holsman <Ia...@apache.org>]

Jean-Jacques Clar wrote:

> These are comments copied from ap_cache_check_freshness()
> line 163 cache_util.c:
> ----------------------
>      * - RFC2616 14.9.4 End to end reload, Cache-Control: no-cache. 
> no-cache in
>      * either the request or the cached response means that we must
>      * revalidate the request unconditionally, overriding any expiration
>      * mechanism. It's equivalent to max-age=0,must-revalidate.
>      *
>      * - RFC2616 14.32 Pragma: no-cache This is treated the same as
>      * Cache-Control: no-cache.
> ----------------------
> RFC2616 14.9.4:
> _End-to-end reload_
> The request includes a "no-cache" cache-control directive or, for 
> compatibility with HTTP/1.0 clients,
> "Pragma: no-cache". Field names MUST NOT be included with the no-cache 
> directive in a request. The
> server MUST NOT use a cached copy when responding to such a request.
>  
> 1- Cache-Control: no-cache, I don't thing the no-cache case is taking 
> care of in ap_cache_check_freshness().
>  
> 2- _*Please comment*_: I might be wrong, but this is the way I think it 
> should be done:
>  

+1 I don't think it should be removed either. (BTW.. it wouldn't remove 
it completly from the webserver anyway.. as mem_cache stores the details 
in a process specific manner)