rob05c opened a new issue, #8006: URL: https://github.com/apache/trafficserver/issues/8006
This is strictly violating the RFC. `does_method_require_cache_copy_deletion` needs to return true for PATCH and unknown methods https://datatracker.ietf.org/doc/html/rfc7234#section-4.4 > A cache MUST invalidate the effective request URI (Section 5.5 of > [RFC7230]) when it receives a non-error response to a request with a > method whose safety is unknown. And https://datatracker.ietf.org/doc/html/rfc5789 > PATCH is neither safe nor idempotent The code is https://github.com/apache/trafficserver/blob/b3ef5a04/proxy/http/HttpTransact.cc#L750 ``` does_method_require_cache_copy_deletion(const HttpConfigParams *http_config_param, const int method) { return ((method != HTTP_WKSIDX_GET) && (method == HTTP_WKSIDX_DELETE || method == HTTP_WKSIDX_PURGE || method == HTTP_WKSIDX_PUT || (http_config_param->cache_post_method != 1 && method == HTTP_WKSIDX_POST))); ``` So it's only returning true specifically for DELETE,PURGE,PUT,(maybe)POST. It needs changed to return `true`, causing ATS to delete (invalidate) cached objects, for unknown methods and `PATCH`. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
