From 504455c5336c203ad1462e65a1579e04b02299e8 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Fri, 22 Dec 2017 17:47:35 +0100 Subject: [PATCH] BUG/MEDIUM: cache: respect the request cache-control header Till now if a client emitted a request featureing a cache-control header, this one was not respected and a stale object could still be delievered.r This patch ensures that : - cache-control: no-cache disables retrieval from the cache but does not prevent the newly fetched object from being stored ; - cache-control: no-store can safely retrieve from the cache but prevents from storing any fetched object - cache-control: max-age/max-stale/min-fresh act like no-cache - pragma: no-cache acts like cache-control: no-cache. This needs to be backported to 1.8. --- src/cache.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/cache.c b/src/cache.c index 351276e4df..a75c1aa8b8 100644 --- a/src/cache.c +++ b/src/cache.c @@ -670,9 +670,16 @@ enum act_return http_action_req_cache_use(struct act_rule *rule, struct proxy *p struct cache_entry *res; struct cache *cache = (struct cache *)rule->arg.act.p[0]; + check_request_for_cacheability(s, &s->req); + if ((s->txn->flags & (TX_CACHE_IGNORE|TX_CACHEABLE)) == TX_CACHE_IGNORE) + return ACT_RET_CONT; + if (!sha1_hosturi(s->txn)) return ACT_RET_CONT; + if (s->txn->flags & TX_CACHE_IGNORE) + return ACT_RET_CONT; + shctx_lock(shctx_ptr(cache)); res = entry_exist(cache, s->txn->cache_hash); if (res) { -- 2.47.3