[squid-users] Question: Force the caching of 302 responses without Expires header and with Strict-Transport-Security max-age header?

Andrei Pozolotin andrei.pozolotin at gmail.com
Sat Jan 4 18:24:01 UTC 2020

Amos, hello:

On 2020-01-04 05:14, Amos Jeffries wrote:
> Expires header is an HTTP/1.0 protocol feature. Its absence has no 
> meaning.
> The 302 response is explicitly defined in HTTP as a *temporary* object
> which can change at any time. The *presence* of Cache-Control:max-age 
> or
> Expires set a minimum time the response is guaranteed not to change.

1. perhaps an argument could be made that these are semantically 
* Cache-Control: max-age=<expire-time>
* Strict-Transport-Security: max-age=<expire-time>

2. and therefore "Strict-Transport-Security" should be handled
by squid "Cache-Control" related features such as refresh_pattern

> Since your use-case is a software archive mirrors you should 
> investigate
> whether the objects stored there are truly identical. If they are, the
> Store-ID feature can be used to de-duplicate the URLs the 302 are
> pointing at so *they* are cached efficiently.
>  <https://wiki.squid-cache.org/Features/StoreID>

3. thank you for the StoreID idea

4. I have already implemented it:

5. it does improve performance, however two preceding TCP_MISS/302 hits
for every archive url hit, do provide major contribution to the overall 
response delay

Thanks again,


More information about the squid-users mailing list