MINOR: http: adjust the list of supposedly cacheable methods

We used to have a rule inherited from RFC2616 saying that the POST
method was the only uncacheable one, but things have changed since
and RFC7231+7234 made it clear that in fact only GET/HEAD/OPTIONS/TRACE
are cacheable. Currently this rule is only used to detect cacheable
cookies.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 87fc567292f1572cf1b078d7f8b41c83089cf903..a4b3652f52a31c58f2769821970f3b3503753875 100644 (file)
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -5440,8 +5440,9 @@ no option checkcache
     - all those without "Set-Cookie" header ;
     - all those with a return code other than 200, 203, 206, 300, 301, 410,
       provided that the server has not set a "Cache-control: public" header ;
-    - all those that come from a POST request, provided that the server has not
-      set a 'Cache-Control: public' header ;
+    - all those that result from a request using a method other than GET, HEAD,
+      OPTIONS, TRACE, provided that the server has not set a 'Cache-Control:
+      public' header field ;
     - those with a 'Pragma: no-cache' header
     - those with a 'Cache-control: private' header
     - those with a 'Cache-control: no-store' header

diff --git a/src/proto_http.c b/src/proto_http.c
index c226d37bd93158604ad1e2d6dcc538b5e9ff905a..ebc72c9e2161ac167a9468e21bc872e9219baffb 100644 (file)
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -5398,12 +5398,23 @@ int http_wait_for_response(struct stream *s, struct channel *rep, int an_bit)
                 *    by a cache (...) unless a cache-control
                 *    directive prohibits caching."
                 *
-                * RFC2616 @9.5: POST method :
-                *   "Responses to this method are not cacheable,
-                *    unless the response includes appropriate
-                *    Cache-Control or Expires header fields."
+                * RFC7234#4:
+                *   A cache MUST write through requests with methods
+                *   that are unsafe (Section 4.2.1 of [RFC7231]) to
+                *   the origin server; i.e., a cache is not allowed
+                *   to generate a reply to such a request before
+                *   having forwarded the request and having received
+                *   a corresponding response.
+                *
+                * RFC7231#4.2.1:
+                *   Of the request methods defined by this
+                *   specification, the GET, HEAD, OPTIONS, and TRACE
+                *   methods are defined to be safe.
                 */
-               if (likely(txn->meth != HTTP_METH_POST) &&
+               if (likely(txn->meth == HTTP_METH_GET ||
+                          txn->meth == HTTP_METH_HEAD ||
+                          txn->meth == HTTP_METH_OPTIONS ||
+                          txn->meth == HTTP_METH_TRACE) &&
                    ((s->be->options & PR_O_CHK_CACHE) || (s->be->ck_opts & PR_CK_NOC)))
                        txn->flags |= TX_CACHEABLE | TX_CACHE_COOK;
                break;