[
https://issues.apache.org/jira/browse/HTTPCLIENT-2354?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Skylar Sutton updated HTTPCLIENT-2354:
--------------------------------------
Description:
Using httpclient5-cache:5.4.1, backed by an EH Cache with the following config:
* maxCacheEntries: Integer.MAX
* maxObjectSize: Integer.MAX
* sharedCache: true
* setNeverCacheHTTP10ResponsesWithQueryString: false
* setNeverCacheHTTP11ResponsesWithQueryString: false
Execute a call against a resource with a query string (ex: "/foo?q=bar") which
returns the following CacheControl:
{code:java}
Cache-Control: "must-revalidate, max-age=0" {code}
The Apache Client will fail to cache the resource, specifically because of this
check in {_}ResponseCachingPolicy::isResponseCachable{_}:
{code:java}
if (!this.neverCache1_1ResponsesWithQueryString &&
!this.isExplicitlyCacheable(cacheControl, response)) {
LOG.debug("Response is not cacheable as it is missing explicit caching
headers");
return false;
} {code}
More specifically, _ResponseCachingPolicy::isExplicitlyCachable_ does not
contain any logic to handle the "must-revalidate" directive.
Per this documentation, "public" is not required if "must-revalidate" is
provided:
[https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control]
*??"... If a request doesn't have an {{Authorization}} header, or you are
already using {{s-maxage}} or {{must-revalidate}} in the response, then you
don't need to use {{{}public ...{}}}"??*
was:
Using httpclient5-cache:5.4.1, backed by an EH Cache with the following config:
* maxCacheEntries: Integer.MAX
* maxObjectSize: Integer.MAX
* sharedCache: false
* setNeverCacheHTTP10ResponsesWithQueryString: false
* setNeverCacheHTTP11ResponsesWithQueryString: false
Execute a call against a resource with a query string (ex: "/foo?q=bar") which
returns the following CacheControl:
{code:java}
Cache-Control: "must-revalidate, max-age=0" {code}
The Apache Client will fail to cache the resource, specifically because of this
check in {_}ResponseCachingPolicy::isResponseCachable{_}:
{code:java}
if (!this.neverCache1_1ResponsesWithQueryString &&
!this.isExplicitlyCacheable(cacheControl, response)) {
LOG.debug("Response is not cacheable as it is missing explicit caching
headers");
return false;
} {code}
More specifically, _ResponseCachingPolicy::isExplicitlyCachable_ does not
contain any logic to handle the "must-revalidate" directive.
Per this documentation, "public" is not required if "must-revalidate" is
provided:
[https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control]
*??"... If a request doesn't have an {{Authorization}} header, or you are
already using {{s-maxage}} or {{must-revalidate}} in the response, then you
don't need to use {{{}public ...{}}}"??*
> ResponseCachingPolicy::isExplicitlyCacheable does not account for
> "must-revalidate"
> -----------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-2354
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-2354
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Affects Versions: 5.4.1
> Reporter: Skylar Sutton
> Priority: Major
>
> Using httpclient5-cache:5.4.1, backed by an EH Cache with the following
> config:
> * maxCacheEntries: Integer.MAX
> * maxObjectSize: Integer.MAX
> * sharedCache: true
> * setNeverCacheHTTP10ResponsesWithQueryString: false
> * setNeverCacheHTTP11ResponsesWithQueryString: false
> Execute a call against a resource with a query string (ex: "/foo?q=bar")
> which returns the following CacheControl:
> {code:java}
> Cache-Control: "must-revalidate, max-age=0" {code}
> The Apache Client will fail to cache the resource, specifically because of
> this check in {_}ResponseCachingPolicy::isResponseCachable{_}:
> {code:java}
> if (!this.neverCache1_1ResponsesWithQueryString &&
> !this.isExplicitlyCacheable(cacheControl, response)) {
> LOG.debug("Response is not cacheable as it is missing explicit caching
> headers");
> return false;
> } {code}
> More specifically, _ResponseCachingPolicy::isExplicitlyCachable_ does not
> contain any logic to handle the "must-revalidate" directive.
> Per this documentation, "public" is not required if "must-revalidate" is
> provided:
> [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control]
> *??"... If a request doesn't have an {{Authorization}} header, or you are
> already using {{s-maxage}} or {{must-revalidate}} in the response, then you
> don't need to use {{{}public ...{}}}"??*
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
