[squid-dev] [PATCH] Must revalidate CC:no-cache responses
Amos Jeffries
squid3 at treenet.co.nz
Sun Sep 4 15:31:22 UTC 2016
On 3/09/2016 10:14 a.m., Eduard Bagdasaryan wrote:
> Hello,
>
> This patch forces Squid to always revalidate Cache-Control:no-cache
> responses.
>
> Squid MUST NOT use a CC:no-cache response for satisfying subsequent
> requests without successful validation with the origin server. Squid
> violated this MUST because Squid mapped both "no-cache" and
> "must-revalidate"/etc. directives to the same ENTRY_REVALIDATE flag
> which was interpreted as "revalidate when the cached response becomes
> stale" rather than "revalidate on every request".
Doh.
>
> This patch splits ENTRY_REVALIDATE into:
> - ENTRY_REVALIDATE_ALWAYS, for entries with CC:no-cache and
> - ENTRY_REVALIDATE_STALE, for entries with other related CC directives
> like CC:must-revalidate and CC:proxy-revalidate.
>
> Reusing ENTRY_CACHABLE_RESERVED_FOR_FUTURE_USE value for the more
> forgiving ENTRY_REVALIDATE_STALE (instead of the more aggressive
> ENTRY_REVALIDATE_ALWAYS) fixes the bug for the already cached entries -
> they will be revalidated and stored with the correct flag on the next
> request.
>
in src/http.cc:
* ccPrivate is only cacheable in the same conditions as
ccNoCacheNoParams so should be a ENTRY_REVALIDATE_ALWAYS as well.
- this also affects the debugs() in src/refresh.cc syign why it needs
to revalidate.
Amos
More information about the squid-dev
mailing list