Hi,
I have a question about the header handling logic of
mod_cache/mod_disk_cache.
With an installation running mod_disk_cache and a custom module
which fiddles with Cookie and Set-Cookie headers I am running into
the problem that mod_disk_cache was storing Set-Cookie headers
in the cache. It is ignoring the "CacheIgnoreHeaders Set-Cookie".
In mod_disk_cache's store_header() function we have this code:
apr_table_t *headers_out;
headers_out = ap_cache_cacheable_hdrs_out(r->pool, r->headers_out,
r->server);
[...]
headers_out = apr_table_overlay(r->pool, headers_out,
r->err_headers_out);
rv = store_table(dobj->hfd, headers_out);
So it copies r->headers_out to the local headers_out variable, and
removes all unwanted headers. However, then r->err_headers_out
gets merged into headers_out which is then stored in the cache.
Is there a reason why this is done? This could lead to quite a
number of headers being stored in the cache such as Set-Cookie.
Which happens in my case as the custom module operates on
r->err_headers_out.
So a potential fix would be to merge r->headers_out and
r->err_headers_out into the local headers_out variable, then
filter the unwanted headers, and store the result.
This seems to work, but maybe I'm missing something.
ciao...
--
Lars Eilebrecht
l...@eilebrecht.net
