From: Graham Leggett Date: Tue, 7 May 2013 16:16:16 +0000 (+0000) Subject: mod_cache: Ensure that we don't attempt to replace a cached response X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0d6bf1eb709215d1907fcd24604e884bc1100ee9;p=thirdparty%2Fapache%2Fhttpd.git mod_cache: Ensure that we don't attempt to replace a cached response with an older response as per RFC2616 13.12. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1479966 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index b211f1606c5..66a33756211 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,10 @@ -*- coding: utf-8 -*- Changes with Apache 2.5.0 + *) mod_cache: Ensure that we don't attempt to replace a cached response + with an older response as per RFC2616 13.12. [Graham Leggett, Co-Advisor + ] + *) core, mod_cache: Ensure RFC2616 compliance in ap_meets_conditions() with weak validation combined with If-Range and Range headers. Break out explicit conditional header checks to be useable elsewhere in the diff --git a/modules/cache/mod_cache.c b/modules/cache/mod_cache.c index 90a4efa6709..e183b3a257b 100644 --- a/modules/cache/mod_cache.c +++ b/modules/cache/mod_cache.c @@ -1089,6 +1089,25 @@ static apr_status_t cache_save_filter(ap_filter_t *f, apr_bucket_brigade *in) /* or we've been asked not to cache it above */ reason = "r->no_cache present"; } + else if (cache->stale_handle + && APR_DATE_BAD + != (date = apr_date_parse_http( + apr_table_get(r->headers_out, "Date"))) + && date < cache->stale_handle->cache_obj->info.date) { + + /** + * 13.12 Cache Replacement: + * + * Note: a new response that has an older Date header value than + * existing cached responses is not cacheable. + */ + reason = "updated entity is older than cached entity"; + + /* while this response is not cacheable, the previous response still is */ + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00770) + "cache: Removing CACHE_REMOVE_URL filter."); + ap_remove_output_filter(cache->remove_url_filter); + } else if (r->status == HTTP_NOT_MODIFIED && cache->stale_handle) { apr_table_t *left = cache->stale_handle->resp_hdrs; apr_table_t *right = r->headers_out;