[squid-users] Question on refresh_pattern and ignore must revalidate

[Amos Jeffries]

On 23/09/2015 5:32 p.m., Skipcube wrote:
> Hi all,
> I was planning to use a refresh pattern in squid 3.5 as follows:
> refresh_pattern -i .(css|js)\?$                           1440  75%
> 40320 override-expire override-lastmod reload-into-ims ignore-no-cache
> ignore-private ignore-must-revalidate
> 
> That is cache any CSS or JS file that ends with "?" with ignoring the
> must revalidate flag.
> 
> However, I see that in Squid 4's documents:
> http://www.squid-cache.org/Doc/config/refresh_pattern/
> Removed ignore-must-revalidate. Other more HTTP compliant directives
> can be used to prevent objects from caching.
> 
> What are the options in Squid 4 to achieve the behavior of
> ignore-must-revalidate?

Squid is now conditionally HTTP/1.1 compliant. The effects that
ignore-no-cache used to have on HTTP/1.0-only Squid is part of the
normal HTTP/1.1 behaviours. Far more objects are cached than ever
before. They just get revalidated before use when they are privacy
sensitive, security sentive or stale.

In that environment ignore-must-revalidate is actively dangerous and the
only actual useful thing it was doing was _preventing_ some things from
caching.

To prevent objects from caching it is more efficient to use the cache
and store_miss directives with ACLs to specifically skip storage for
some responses.

If rather than preventing caching, you need to store objects beyond
their expiry there is max_stale directive and ignore-expires,
max-stale=N refresh_pattern options. These stale options do much the
same as ignore-expires, but set a time limit on how long to leave stale
content being delivered. Which is much safer than just serving up bad
content forever.

I recommend making that pattern just:

  refresh_pattern -i .(css|js)\?$ 1440  75% 40320 \
    override-expire reload-into-ims max-stale=2419200


Amos