[squid-users] Question: Force the caching of 302 responses without Expires header and with Strict-Transport-Security max-age header?
Andrei Pozolotin
andrei.pozolotin at gmail.com
Sat Jan 4 18:24:01 UTC 2020
Amos, hello:
On 2020-01-04 05:14, Amos Jeffries wrote:
> Expires header is an HTTP/1.0 protocol feature. Its absence has no
> meaning.
> The 302 response is explicitly defined in HTTP as a *temporary* object
> which can change at any time. The *presence* of Cache-Control:max-age
> or
> Expires set a minimum time the response is guaranteed not to change.
1. perhaps an argument could be made that these are semantically
identical:
* Cache-Control: max-age=<expire-time>
* Strict-Transport-Security: max-age=<expire-time>
2. and therefore "Strict-Transport-Security" should be handled
by squid "Cache-Control" related features such as refresh_pattern
http://www.squid-cache.org/Doc/config/refresh_pattern/
> Since your use-case is a software archive mirrors you should
> investigate
> whether the objects stored there are truly identical. If they are, the
> Store-ID feature can be used to de-duplicate the URLs the 302 are
> pointing at so *they* are cached efficiently.
> <https://wiki.squid-cache.org/Features/StoreID>
3. thank you for the StoreID idea
4. I have already implemented it:
https://github.com/random-python/nspawn/tree/master/src/main/nspawn/app/hatcher/service/image-proxy/etc/squid
5. it does improve performance, however two preceding TCP_MISS/302 hits
for every archive url hit, do provide major contribution to the overall
response delay
Thanks again,
Andrei.
More information about the squid-users
mailing list