Re: [Tails-dev] Server-side caching settings of IDF
Hi, [fully quoting for Giorgio's sake, who I'm re-adding to the list of recipients] sajolida wrote (29 Mar 2016 18:12:01 GMT) : > intrigeri: >> Giorgio Maone wrote (13 Feb 2016 13:23:00 GMT) : >>> Whenever a page matching the pattern for a possible UI page (i.e. >>> "https://tails.boum.org/*";), DAVE currently fetches the IDF. This is >>> basically the only way to fix https://labs.riseup.net/code/issues/10685, >>> as noted in https://labs.riseup.net/code/issues/10685#note-5 >> >>> Of course you can and should limit the actual network activity by >>> properly using Chache-Control and/or ETag headers. >> >> By the way, did you IA+DAVE folks already check if the server-side >> Cache-Control / ETag settings are OK for the IDF? (I vaguely remember >> sajolida noticing weird stats in the access logs, that might be caused >> by suboptimal HTTP server settings.) > I know that I haven't requested anything special to r...@boum.org for > this file and the stats I got look like it's not cached properly. > But I don't know much about these things myself. Here is a full HTTP > request. > Should we add "Cache-Control" and "ETag", and remove "Expires"? I don't know. I'll look into it later this week. > $ wget --server-response > https://tails.boum.org/install/v1/Tails/i386/stable/latest.yml > --2016-03-29 18:06:06-- > https://tails.boum.org/install/v1/Tails/i386/stable/latest.yml > Resolving tails.boum.org (tails.boum.org)... 204.13.164.188 > Connecting to tails.boum.org (tails.boum.org)|204.13.164.188|:443... > connected. > HTTP request sent, awaiting response... > HTTP/1.1 200 OK > Date: Tue, 29 Mar 2016 18:06:08 GMT > Server: Apache/2.2.22 (Debian) > X-Frame-Options: SAMEORIGIN > X-XSS-Protection: 1; mode=block > X-Content-Type-Options: nosniff > Strict-Transport-Security: max-age=15768000 > Last-Modified: Fri, 18 Mar 2016 20:43:59 GMT > Accept-Ranges: bytes > Content-Length: 269 > Cache-Control: max-age=0 > Expires: Tue, 29 Mar 2016 18:06:08 GMT > Keep-Alive: timeout=15, max=100 > Connection: Keep-Alive > Content-Type: text/plain > Content-Language: en > Length: 269 [text/plain] > Saving to: ‘latest.yml’ > latest.yml > 100%[==>] >269 --.-KB/s in 0s > 2016-03-29 18:06:09 (2.59 MB/s) - ‘latest.yml’ saved [269/269] -- intrigeri ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Server-side caching settings of IDF
Hi, On 29/03/2016 20:23, intrigeri wrote: >> Should we add "Cache-Control" and "ETag", and remove "Expires"? > I don't know. I'll look into it later this week. > >> $ wget --server-response >> https://tails.boum.org/install/v1/Tails/i386/stable/latest.yml >> --2016-03-29 18:06:06-- >> https://tails.boum.org/install/v1/Tails/i386/stable/latest.yml >> Resolving tails.boum.org (tails.boum.org)... 204.13.164.188 >> Connecting to tails.boum.org (tails.boum.org)|204.13.164.188|:443... >> connected. >> HTTP request sent, awaiting response... >> HTTP/1.1 200 OK >> Date: Tue, 29 Mar 2016 18:06:08 GMT >> Server: Apache/2.2.22 (Debian) >> X-Frame-Options: SAMEORIGIN >> X-XSS-Protection: 1; mode=block >> X-Content-Type-Options: nosniff >> Strict-Transport-Security: max-age=15768000 >> Last-Modified: Fri, 18 Mar 2016 20:43:59 GMT >> Accept-Ranges: bytes >> Content-Length: 269 >> Cache-Control: max-age=0 >> Expires: Tue, 29 Mar 2016 18:06:08 GMT >> Keep-Alive: timeout=15, max=100 >> Connection: Keep-Alive >> Content-Type: text/plain >> Content-Language: en >> Length: 269 [text/plain] >> Saving to: ‘latest.yml’ I believe that Cache-control: max-age=0 header, which appears to be already there, actually causes the browser to revalidate every time, therefore producing an additional hit, even if the response for unchanged files is a body-empty "304 Not Modified". Both "max-age" and Expire should reflect your expectation of how long the IDF is likely to remain valid (1 day? 1 week? 1 month?). Using ETag is just an alternate way to reduce the network traffic, by giving the revalidating server another way to tell whether the IDF is stale other than If-Not-Modified-Since, i.e. If-None-Match, but won't reduce the validation hits: that's a job for Cache-Control and Expire. Disclaimer: I'm not a caching guru, but this resource may help https://www.mnot.net/cache_docs/ Cheers -- G -- Giorgio Maone https://maone.net ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Server-side caching settings of IDF
Hi Giorgio, Giorgio Maone wrote (29 Mar 2016 23:06:08 GMT) : > I believe that > Cache-control: max-age=0 > header, which appears to be already there, actually causes the browser > to revalidate every time, therefore producing an additional hit, even if > the response for unchanged files is a body-empty "304 Not Modified". Confirmed! > Both "max-age" and Expire should reflect your expectation of how long > the IDF is likely to remain valid (1 day? 1 week? 1 month?). Right. The server now sets both Cache-Control and Expires headers to "last access time + 2 hours", for IDFs. How can I verify, from the client side, that DAVE honors these? Using some Firefox developer tool, perhaps? > Disclaimer: I'm not a caching guru, but this resource may help > https://www.mnot.net/cache_docs/ Thanks, this was helpful :) Cheers, -- intrigeri ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Server-side caching settings of IDF
Hi Giorgio, intrigeri wrote (02 Apr 2016 14:21:18 GMT) : > Right. The server now sets both Cache-Control and Expires headers to > "last access time + 2 hours", for IDFs. > How can I verify, from the client side, that DAVE honors these? > Using some Firefox developer tool, perhaps? Ping? Cheers, -- intrigeri ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Server-side caching settings of IDF
On 25/04/2016 18:18, intrigeri wrote: >> Right. The server now sets both Cache-Control and Expires headers to >> "last access time + 2 hours", for IDFs. >> How can I verify, from the client side, that DAVE honors these? >> Using some Firefox developer tool, perhaps? > Yep, ctrl+k, "Net" tab. -- G ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Server-side caching settings of IDF
Hi Giorgio, Giorgio Maone wrote (25 Apr 2016 17:31:01 GMT) : > On 25/04/2016 18:18, intrigeri wrote: >>> Right. The server now sets both Cache-Control and Expires headers to >>> "last access time + 2 hours", for IDFs. >>> How can I verify, from the client side, that DAVE honors these? >>> Using some Firefox developer tool, perhaps? >> > Yep, ctrl+k, "Net" tab. I've navigated through a few pages of our Installation Assistant, and it seems to me that DAVE fetches the body every time. The response header always includes: Cache-Control: max-age=7200, must-revalidate Last-Modified: Fri, 20 May 2016 21:11:45 GMT ... and: Date: Tue, 24 May 2016 14:40:00 GMT Expires: Tue, 24 May 2016 16:40:00 GMT + a few seconds for both, corresponding to when I've loaded the new page. FWIW, the request headers always include: Pragma: no-cache Cache-Control: no-cache If I use "Edit and resend" to remove these two headers twice, the next request still downloads the body and presumably caches it, since the next request takes the body from the cache. It seems to me that the whole point of enabling server-side caching was to enable DAVE to avoid fetching latest.yml for every visited page, but apparently that's not enough. So perhaps DAVE should not send these two headers? Or did I miss something? Cheers, -- intrigeri ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Server-side caching settings of IDF
Hi intrigeri, On 24/05/2016 16:56, intrigeri wrote: > > FWIW, the request headers always include: > > Pragma: no-cache > Cache-Control: no-cache Good catch! https://labs.riseup.net/code/issues/11304#change-58146 Sorry for not having noticed it earlier :( -- Giorgio Maone https://maone.net ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Server-side caching settings of IDF
Giorgio Maone wrote (25 May 2016 22:43:06 GMT) : > Good catch! > https://labs.riseup.net/code/issues/11304#change-58146 FTR I've tested this and replied directly on the ticket. Cheers, -- intrigeri ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Server-side caching settings of IDF [Was: Dynamically changing ISO URL in DAVE]
intrigeri: > Giorgio Maone wrote (13 Feb 2016 13:23:00 GMT) : >> Whenever a page matching the pattern for a possible UI page (i.e. >> "https://tails.boum.org/*";), DAVE currently fetches the IDF. This is >> basically the only way to fix https://labs.riseup.net/code/issues/10685, >> as noted in https://labs.riseup.net/code/issues/10685#note-5 > >> Of course you can and should limit the actual network activity by >> properly using Chache-Control and/or ETag headers. > > By the way, did you IA+DAVE folks already check if the server-side > Cache-Control / ETag settings are OK for the IDF? (I vaguely remember > sajolida noticing weird stats in the access logs, that might be caused > by suboptimal HTTP server settings.) I know that I haven't requested anything special to r...@boum.org for this file and the stats I got look like it's not cached properly. But I don't know much about these things myself. Here is a full HTTP request. Should we add "Cache-Control" and "ETag", and remove "Expires"? $ wget --server-response https://tails.boum.org/install/v1/Tails/i386/stable/latest.yml --2016-03-29 18:06:06-- https://tails.boum.org/install/v1/Tails/i386/stable/latest.yml Resolving tails.boum.org (tails.boum.org)... 204.13.164.188 Connecting to tails.boum.org (tails.boum.org)|204.13.164.188|:443... connected. HTTP request sent, awaiting response... HTTP/1.1 200 OK Date: Tue, 29 Mar 2016 18:06:08 GMT Server: Apache/2.2.22 (Debian) X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=15768000 Last-Modified: Fri, 18 Mar 2016 20:43:59 GMT Accept-Ranges: bytes Content-Length: 269 Cache-Control: max-age=0 Expires: Tue, 29 Mar 2016 18:06:08 GMT Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/plain Content-Language: en Length: 269 [text/plain] Saving to: ‘latest.yml’ latest.yml 100%[==>] 269 --.-KB/s in 0s 2016-03-29 18:06:09 (2.59 MB/s) - ‘latest.yml’ saved [269/269] ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
