You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@pagespeed.apache.org by GitBox <gi...@apache.org> on 2018/02/07 00:25:27 UTC

[GitHub] jmarantz opened a new issue #1743: Cache-Control header values are not always treated case-insensitive as the spec indicates

jmarantz opened a new issue #1743: Cache-Control header values are not always treated case-insensitive as the spec indicates
URL: https://github.com/apache/incubator-pagespeed-mod/issues/1743
 
 
   See https://tools.ietf.org/html/rfc7234#section-5.2
   > Cache directives are identified by a token, to be compared case-insensitively, and have an optional argument, that can use both token and quoted-string syntax.
   
   PageSpeed does this correctly in several places.  However, note that Headers::HasValue uses case insensitive lookups:
   
   https://github.com/apache/incubator-pagespeed-mod/blob/c7cc4f22c79ada8077be2a16afc376dc8f8bd2da/pagespeed/kernel/http/headers.cc#L265
   
   So all uses of HasValue must be audited to see if they should be case-insensitive.  And there's a specific test for headers to preserve that uses case-sensitive compares using HasValue:
   
   https://github.com/apache/incubator-pagespeed-mod/blob/c7cc4f22c79ada8077be2a16afc376dc8f8bd2da/pagespeed/kernel/http/response_headers.cc#L823
   
   s-max-age processing looks good (insensitive): https://github.com/apache/incubator-pagespeed-mod/blob/c7cc4f22c79ada8077be2a16afc376dc8f8bd2da/pagespeed/kernel/http/response_headers.cc#L1263
   
   The general cache-control processing in CachingHeaders looks wrong:
   https://github.com/apache/incubator-pagespeed-mod/blob/c7cc4f22c79ada8077be2a16afc376dc8f8bd2da/pagespeed/kernel/http/caching_headers.cc#L279
   
   Related: the cache-control values with tokens (e.g. max-age=300) can be legally specified with quote (max-age="300") and I don't think that will be  parsed correctly.
   
   In reality I've never seen this or mixed-case cache-control values, but it's in the spec.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services