[squid-users] Caching URL with ?
Amos Jeffries
squid3 at treenet.co.nz
Tue Oct 3 01:29:39 UTC 2017
On 03/10/17 06:44, Hector Chan wrote:
> I have a question about caching URLs with an auth token embedded in the
> URL parameter. For example:
>
> https://www.example.com/path/page?token=xxx135ynjy93tqi
>
> The page can be uniquely identified without the URL parameters. It
> appears squid is using the full URL, including the URL parameters, as
> the cache key. Thus, causing the HIT rate to plummet. Is there any way
> I can tell squid to disregard the URL parameters when storing to or
> serving from cache? I know the store_id_program can do that, but is
> there any other way?
No there is not. Any change to any part of the URL means it is a
different cache object. Store-ID is the way to de-duplicate identical
objects caused by this type of broken URL.
PS. the token above is neither private nor secure. If you have any
influence or contact with the devs of the software doing that please
encourage them to use real authentication. It looks like OAuth2 Bearer
is what that system needs to use.
Amos
More information about the squid-users
mailing list