From: Garri Djavadyan <garryd@comnet.uz>
Date: Thu, 15 Dec 2016 09:03:42 +0000 (+1300)
Subject: Bug 2258: bypassing cache but not destroying cache entry
X-Git-Tag: SQUID_3_5_23~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1494ae45fe1bb994832d32c28637a19eba323a0d;p=thirdparty%2Fsquid.git

Bug 2258: bypassing cache but not destroying cache entry
---

diff --git a/src/HttpRequest.cc b/src/HttpRequest.cc
index f686251079..a2c7afdc09 100644
--- a/src/HttpRequest.cc
+++ b/src/HttpRequest.cc
@@ -576,8 +576,13 @@ HttpRequest::maybeCacheable()
         if (!method.respMaybeCacheable())
             return false;
 
-        // XXX: this would seem the correct place to detect request cache-controls
-        //      no-store, private and related which block cacheability
+        // RFC 7234 section 5.2.1.5:
+        // "cache MUST NOT store any part of either this request or any response to it"
+        //
+        // NP: refresh_pattern ignore-no-store only applies to response messages
+        //     this test is handling request message CC header.
+        if (!flags.ignoreCc && cache_control && cache_control->noStore())
+            return false;
         break;
 
     case AnyP::PROTO_GOPHER:
diff --git a/src/http.cc b/src/http.cc
index 59dd308c9f..88eff99490 100644
--- a/src/http.cc
+++ b/src/http.cc
@@ -191,6 +191,12 @@ httpMaybeRemovePublic(StoreEntry * e, Http::StatusCode status)
     if (!EBIT_TEST(e->flags, KEY_PRIVATE))
         return;
 
+    // If the new/incoming response cannot be stored, then it does not
+    // compete with the old stored response for the public key, and the
+    // old stored response should be left as is.
+    if (e->mem_obj->request && !e->mem_obj->request->flags.cachable)
+        return;
+
     switch (status) {
 
     case Http::scOkay: