[ https://issues.apache.org/jira/browse/HTTPCLIENT-2273?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Arturo Bernal updated HTTPCLIENT-2273: -------------------------------------- Description: Currently, the Apache HttpComponents client does not fully handle the "no-cache" directive with specified header fields as outlined in RFC 7234. This may lead to incorrect caching behavior when the "no-cache" directive is used with specific header fields. The goal of this ticket is to enhance the handling of the "no-cache" directive to ensure that specified header fields are not sent in a response to a subsequent request without successful revalidation with the origin server. This allows an origin server to prevent the re-use of certain header fields in a response, while still allowing caching of the rest of the response. To achieve this, the following changes should be made: # Update the caching module to identify and handle "no-cache" directives with specified header fields. # Revalidate the response with the origin server when the specified header fields are present in a cached response, to ensure that they are not reused without successful revalidation. # Ensure that the rest of the response is still cacheable when the specified header fields are present, as long as the response complies with other caching requirements. was: Currently, the Apache HttpComponents client does not fully handle the "no-cache" directive with specified header fields as outlined in RFC 9111. This may lead to incorrect caching behavior when the "no-cache" directive is used with specific header fields. The goal of this ticket is to enhance the handling of the "no-cache" directive to ensure that specified header fields are either excluded from a subsequent response or revalidated with the origin server, as per RFC 9111 requirements. This allows an origin server to prevent the reuse of certain header fields in a response while still allowing caching of the rest of the response. To achieve this, the following changes should be made: # Update the caching module to identify and handle "no-cache" directives with specified header fields (qualified form). # When specified header fields are present in a cached response, either: a. Optionally attempt to revalidate the response with the origin server and update or remove the specified header fields as needed, or b. Exclude the specified header fields from the subsequent response. # Ensure that the rest of the response is still cacheable when the specified header fields are present, as long as the response complies with other caching requirements. > Improve handling of "no-cache" directive with specified header fields > --------------------------------------------------------------------- > > Key: HTTPCLIENT-2273 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2273 > Project: HttpComponents HttpClient > Issue Type: Improvement > Reporter: Arturo Bernal > Priority: Major > > Currently, the Apache HttpComponents client does not fully handle the > "no-cache" directive with specified header fields as outlined in RFC 7234. > This may lead to incorrect caching behavior when the "no-cache" directive is > used with specific header fields. > The goal of this ticket is to enhance the handling of the "no-cache" > directive to ensure that specified header fields are not sent in a response > to a subsequent request without successful revalidation with the origin > server. This allows an origin server to prevent the re-use of certain header > fields in a response, while still allowing caching of the rest of the > response. > To achieve this, the following changes should be made: > # Update the caching module to identify and handle "no-cache" directives > with specified header fields. > # Revalidate the response with the origin server when the specified header > fields are present in a cached response, to ensure that they are not reused > without successful revalidation. > # Ensure that the rest of the response is still cacheable when the specified > header fields are present, as long as the response complies with other > caching requirements. -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org For additional commands, e-mail: dev-h...@hc.apache.org