You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Michael Weiser <M....@science-computing.de> on 2013/05/22 13:21:52 UTC
[users@httpd] Interaction of mod_headers and mod_expires
Hi,
I've inherited a web server setup that has mod_expires configured like
this:
ExpiresActive on
ExpiresDefault "access plus 24 hours"
Also, there is a redirect to a special page if a browser is not
supported by the site:
RewriteEngine on
RewriteCond %{REQUEST_URI} !/browser_not_supported/
RewriteCond %{HTTP_USER_AGENT} ^Mozilla/4\.0\s*\(compatible;\s*MSIE\s*(1|2|3|4|5|6|7|8)\.(?!.*IEMobile)
RewriteRule (.*) /browser_not_supported/index.html [R=302,L]
Both work fine by themselves. Unfortunately, the 302 redirect generated
by the rewrite rule also gets Cache-Control and Expires headers like this:
< Cache-Control: max-age=86400
< Expires: Thu, 23 May 2013 11:03:00 GMT
This makes some proxies cache the redirect. When the user then starts
her supported browser and connects to the site again, the proxy will
serve her the same redirect again and thus redirect the supported
browser to the browser-not-supported page as well.
First off: Is this the proper way to implement such a
browser-not-supported page or is there a better way to do it?
I've boilt it down to the following testcase and tried to override the
headers using mod_headers like this:
RewriteEngine On
RewriteRule /blah /notsup [L,R=302,E=notsup:1]
Header always set Cache-Control "neverevercache" env=notsup
Header always set Expires "now" env=notsup
ExpiresActive On
ExpiresDefault "access plus 1 days"
Unfortunately this causes two headers to be present in the response:
< Cache-Control: neverevercache
< Expires: now
< Cache-Control: max-age=86400
< Expires: Thu, 23 May 2013 11:03:00 GMT
Is this even valid HTTP or is this a bug?
Is mod_expires supposed to work in conjunction with mod_headers?
I've verified this behaviour with apache-2.2 and 2.4.
Thanks,
--
Michael Weiser science + computing ag
Senior Systems Engineer Geschaeftsstelle Duesseldorf
Martinstrasse 47-55, Haus A
phone: +49 211 302 708 32 D-40223 Duesseldorf
fax: +49 211 302 708 50 www.science-computing.de
--
Vorstandsvorsitzender/Chairman of the board of management:
Gerd-Lothar Leonhart
Vorstand/Board of Management:
Dr. Bernd Finkbeiner, Michael Heinrichs,
Dr. Arno Steitz, Dr. Ingrid Zech
Vorsitzender des Aufsichtsrats/
Chairman of the Supervisory Board:
Philippe Miltin
Sitz/Registered Office: Tuebingen
Registergericht/Registration Court: Stuttgart
Registernummer/Commercial Register No.: HRB 382196
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Interaction of mod_headers and mod_expires
Posted by Michael Weiser <M....@science-computing.de>.
Hello Yehuda,
On Wed, May 22, 2013 at 09:07:36AM -0400, Yehuda Katz wrote:
> You need to add Vary: User-Agent to tell the proxy that the server returns
> different content depending on the user agent.
Incredible. That did it and is much more elegant than what I had in
mind.
Thanks!
--
Michael Weiser science + computing ag
Senior Systems Engineer Geschaeftsstelle Duesseldorf
Martinstrasse 47-55, Haus A
phone: +49 211 302 708 32 D-40223 Duesseldorf
fax: +49 211 302 708 50 www.science-computing.de
--
Vorstandsvorsitzender/Chairman of the board of management:
Gerd-Lothar Leonhart
Vorstand/Board of Management:
Dr. Bernd Finkbeiner, Michael Heinrichs,
Dr. Arno Steitz, Dr. Ingrid Zech
Vorsitzender des Aufsichtsrats/
Chairman of the Supervisory Board:
Philippe Miltin
Sitz/Registered Office: Tuebingen
Registergericht/Registration Court: Stuttgart
Registernummer/Commercial Register No.: HRB 382196
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] Interaction of mod_headers and mod_expires
Posted by Yehuda Katz <ye...@ymkatz.net>.
On Wed, May 22, 2013 at 7:21 AM, Michael Weiser <
M.Weiser@science-computing.de> wrote:
> RewriteEngine on
> RewriteCond %{REQUEST_URI} !/browser_not_supported/
> RewriteCond %{HTTP_USER_AGENT}
> ^Mozilla/4\.0\s*\(compatible;\s*MSIE\s*(1|2|3|4|5|6|7|8)\.(?!.*IEMobile)
> RewriteRule (.*) /browser_not_supported/index.html [R=302,L]
>
> Both work fine by themselves. Unfortunately, the 302 redirect generated
> by the rewrite rule also gets Cache-Control and Expires headers like this:
>
> < Cache-Control: max-age=86400
> < Expires: Thu, 23 May 2013 11:03:00 GMT
>
> This makes some proxies cache the redirect. When the user then starts
> her supported browser and connects to the site again, the proxy will
> serve her the same redirect again and thus redirect the supported
> browser to the browser-not-supported page as well.
>
> Is mod_expires supposed to work in conjunction with mod_headers?
>
You need to add *Vary: User-Agent *to tell the proxy that the server
returns different content depending on the user agent.
You could add something like this:
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent
I will not comment on whether this is the "right" way to do this. Some
might suggest using Javascript browser feature detection instead.
- Y