BUG/MEDIUM: cache: don't cache the response on no-cache="set-cookie"

If the server mentions no-cache="set-cookie" in the response headers,
we must guarantee that any set-cookie field will not be stored. We
cannot edit the stored response on the fly to trim the set-cookie
header so we can refrain from storing a response containing such a
header. In theory we could use TX_SCK_PRESENT for this but this one
is only set when the cookie is being watched by the configuration.
Since these responses are not very frequent and often accompanied
with a set-cookie header, let's simply refrain from caching whenever
such directive is present.

This needs to be backported to 1.8.

diff --git a/src/cache.c b/src/cache.c
index a75c1aa8b8455614f9222f00f5d80c7070f90427..39d8196ac1ed12ba944c158dda2cf051e4908041 100644 (file)
--- a/src/cache.c
+++ b/src/cache.c
@@ -433,7 +433,7 @@ enum act_return http_action_store_cache(struct act_rule *rule, struct proxy *px,
 
        check_response_for_cacheability(s, &s->res);
 
-       if (!(txn->flags & TX_CACHEABLE))
+       if (!(txn->flags & TX_CACHEABLE) || !(txn->flags & TX_CACHE_COOK))
                goto out;
 
        if ((msg->sov + msg->body_len) > (global.tune.bufsize - global.tune.maxrewrite))