parameter file name.
<p>Manual squid.conf update may be required on upgrade.
+ <tag>refresh_pattern</tag>
+ <p>Removed <em>ignore-auth</em>. Its commonly desired behaviour is
+ performed by default with correct HTTP/1.1 revalidation.
+ <p>Removed <em>ignore-must-revalidate</em>. Other more HTTP compliant
+ directives can be used to prevent objects from caching.
+
<tag>sslcrtd_children</tag>
<p>New parameter <em>queue-size=</em> to set the maximum number
of queued requests.
bool reload_into_ims;
bool ignore_reload;
bool ignore_no_store;
- bool ignore_must_revalidate;
bool ignore_private;
#endif
} flags;
break;
}
- for (R = Config.Refresh; R; R = R->next) {
- if (!R->flags.ignore_must_revalidate)
- continue;
- debugs(22, DBG_IMPORTANT, "WARNING: use of 'ignore-must-revalidate' in 'refresh_pattern' violates HTTP");
- break;
- }
-
for (R = Config.Refresh; R; R = R->next) {
if (!R->flags.ignore_private)
continue;
if (head->flags.ignore_no_store)
storeAppendPrintf(entry, " ignore-no-store");
- if (head->flags.ignore_must_revalidate)
- storeAppendPrintf(entry, " ignore-must-revalidate");
-
if (head->flags.ignore_private)
storeAppendPrintf(entry, " ignore-private");
#endif
int reload_into_ims = 0;
int ignore_reload = 0;
int ignore_no_store = 0;
- int ignore_must_revalidate = 0;
int ignore_private = 0;
#endif
store_stale = 1;
} else if (!strncmp(token, "max-stale=", 10)) {
max_stale = xatoi(token + 10);
+
#if USE_HTTP_VIOLATIONS
} else if (!strcmp(token, "override-expire"))
override_lastmod = 1;
else if (!strcmp(token, "ignore-no-store"))
ignore_no_store = 1;
- else if (!strcmp(token, "ignore-must-revalidate"))
- ignore_must_revalidate = 1;
else if (!strcmp(token, "ignore-private"))
ignore_private = 1;
- else if (!strcmp(token, "ignore-auth"))
- debugs(22, DBG_PARSE_NOTE(2), "UPGRADE: refresh_pattern option 'ignore-auth' is obsolete. Remove it.");
else if (!strcmp(token, "reload-into-ims")) {
reload_into_ims = 1;
refresh_nocache_hack = 1;
/* tell client_side.c that this is used */
#endif
- } else if (!strcmp(token, "ignore-no-cache")) {
- debugs(22, DBG_PARSE_NOTE(2), "UPGRADE: refresh_pattern option 'ignore-no-cache' is obsolete. Remove it.");
+ } else if (!strcmp(token, "ignore-no-cache") ||
+ !strcmp(token, "ignore-must-revalidate") ||
+ !strcmp(token, "ignore-auth")
+ ) {
+ debugs(22, DBG_PARSE_NOTE(2), "UPGRADE: refresh_pattern option '" << token << "' is obsolete. Remove it.");
} else
debugs(22, DBG_CRITICAL, "refreshAddToList: Unknown option '" << pattern << "': " << token);
}
if (ignore_no_store)
t->flags.ignore_no_store = true;
- if (ignore_must_revalidate)
- t->flags.ignore_must_revalidate = true;
-
if (ignore_private)
t->flags.ignore_private = true;
#endif
reload-into-ims
ignore-reload
ignore-no-store
- ignore-must-revalidate
ignore-private
- ignore-auth
max-stale=NN
refresh-ims
store-stale
the HTTP standard. Enabling this feature could make you
liable for problems which it causes.
- ignore-must-revalidate ignores any ``Cache-Control: must-revalidate``
- headers received from a server. Doing this VIOLATES
- the HTTP standard. Enabling this feature could make you
- liable for problems which it causes.
-
ignore-private ignores any ``Cache-control: private''
headers received from a server. Doing this VIOLATES
the HTTP standard. Enabling this feature could make you
liable for problems which it causes.
- ignore-auth caches responses to requests with authorization,
- as if the originserver had sent ``Cache-control: public''
- in the response header. Doing this VIOLATES the HTTP standard.
- Enabling this feature could make you liable for problems which
- it causes.
-
refresh-ims causes squid to contact the origin server
when a client issues an If-Modified-Since request. This
ensures that the client will receive an updated version
mayStore = true;
// HTTPbis pt6 section 3.2: a response CC:must-revalidate is present
- } else if (rep->cache_control->mustRevalidate() && !REFRESH_OVERRIDE(ignore_must_revalidate)) {
+ } else if (rep->cache_control->mustRevalidate()) {
debugs(22, 3, HERE << "Authenticated but server reply Cache-Control:must-revalidate");
mayStore = true;
// HTTPbis WG verdict on this is that it is omitted from the spec due to being 'unexpected' by
// some. The caching+revalidate is not exactly unsafe though with Squids interpretation of no-cache
// (without parameters) as equivalent to must-revalidate in the reply.
- } else if (rep->cache_control->hasNoCache() && rep->cache_control->noCache().size() == 0 && !REFRESH_OVERRIDE(ignore_must_revalidate)) {
+ } else if (rep->cache_control->hasNoCache() && rep->cache_control->noCache().size() == 0) {
debugs(22, 3, HERE << "Authenticated but server reply Cache-Control:no-cache (equivalent to must-revalidate)");
mayStore = true;
#endif
* Cache-Control: proxy-revalidate
* the spec says the response must always be revalidated if stale.
*/
- if (EBIT_TEST(entry->flags, ENTRY_REVALIDATE) && staleness > -1
-#if USE_HTTP_VIOLATIONS
- && !R->flags.ignore_must_revalidate
-#endif
- ) {
- debugs(22, 3, "YES: Must revalidate stale object (origin set must-revalidate or proxy-revalidate)");
+ if (EBIT_TEST(entry->flags, ENTRY_REVALIDATE) && staleness > -1) {
+ debugs(22, 3, "YES: Must revalidate stale object (origin set must-revalidate, proxy-revalidate, no-cache, s-maxage, or private)");
if (request)
request->flags.failOnValidationError = true;
return STALE_MUST_REVALIDATE;
projects / thirdparty / squid.git / commitdiff
