Guys,
going through the "mod_cache" documentation, i found out that it's
either mis-documented, or there's actually a small bug in the 2.0.52 (and earlier) code.
<http://httpd.apache.org/docs-2.0/mod/mod_cache.html#cacheignorecachecontrol>:
Ordinarily, documents with no-cache or no-store header values will not
be stored in the cache. The CacheIgnoreCacheControl directive allows
this behavior to be overridden. CacheIgnoreCacheControl On tells the
server to attempt to cache the document even if it contains no-cache
or no-store header values. Documents requiring authorization will
never be cached.
I would interpret this as defining that (for example) if mod_cache is used with
mod_proxy, and the output on the original server contains a "Cache-Control:
private" value, then mod_cache will ignore what was supplied by the original server
and cache anyway.
Thing is that in the code, the CacheIgnoreCacheControl is _only_ used around
line 113, where we check if the client (not the original document) requires an
uncached copy of the document.
The following patch changes the behavior and forces mod_cache to ignore original "documents" (or mod-proxy
request) when "Cache-Control: private" or "no-store" is present AND CacheIgnoreCacheControl is
"Off"...
Or should this directive be split into two (like "CacheIgnoreCacheControl" for the
current behaviour and "CacheIgnoreSourceCacheControl" for the below mentioned patch) and
patch the documentation as well???
As always, mod_cache is quite important for us at work, so I'm willing to
invest some time on it! :-P
Pier
diff -U3 -r httpd-2.0.52-original/modules/experimental/mod_cache.c
httpd-2.0.52/modules/experimental/mod_cache.c
--- httpd-2.0.52-original/modules/experimental/mod_cache.c 2004-08-26
17:59:44.000000000 +0100
+++ httpd-2.0.52/modules/experimental/mod_cache.c 2005-01-13
10:26:44.076175720 +0000
@@ -471,13 +471,15 @@
/* HEAD requests */
reason = "HTTP HEAD request";
}
- else if (ap_cache_liststr(NULL, cc_out, "no-store", NULL)) {
+ else if ((ap_cache_liststr(NULL, cc_out, "no-store", NULL))
+ && (conf->ignorecachecontrol == 0)) {
/* RFC2616 14.9.2 Cache-Control: no-store response
* indicating do not cache, or stop now if you are
* trying to cache it */
reason = "Cache-Control: no-store present";
}
- else if (ap_cache_liststr(NULL, cc_out, "private", NULL)) {
+ else if ((ap_cache_liststr(NULL, cc_out, "private", NULL))
+ && (conf->ignorecachecontrol == 0)) {
/* RFC2616 14.9.1 Cache-Control: private
* this object is marked for this user's eyes only. Behave
* as a tunnel.
