[Varnish] #477: Change defaults to respect Cache-Control: private
Varnish
varnish-bugs at varnish-cache.org
Mon Mar 7 12:49:53 CET 2011
#477: Change defaults to respect Cache-Control: private
----------------------+-----------------------------------------------------
Reporter: olau | Owner: sky
Type: defect | Status: new
Priority: normal | Milestone: Varnish 3.0 dev
Component: varnishd | Version: trunk
Severity: normal | Keywords:
----------------------+-----------------------------------------------------
Changes (by kristian):
* component: build => varnishd
* milestone: => Varnish 3.0 dev
Old description:
> In some cases you'd want to bypass the cache if the web app behind is
> doing something based on the actual connection/request, e.g. inspecting
> the IP address to guestimate the country and then redirecting based on
> that.
>
> In this case, it makes sense to turn off any caches between the web app
> and the browser, but still allow the browser to cache the reply. As I
> read RFC2616, this is what Cache-Control: private is meant for.
>
> Thus I believe the default configuration of Varnish should take Cache-
> Control: private as a hint that the object is not cacheable and let it
> pass. As it is now, default Varnish will share the response between users
> which breaks the web app (this is not just theory, it actually broke mine
> :-).
>
> We talked about it on the mailing list here
>
> http://projects.linpro.no/pipermail/varnish-
> misc/2009-February/002575.html
>
> The only ill effect I can see of it is if you have a really broken
> backend that sends out Cache-Control: private even if it doesn't really
> mean it. But still defaulting to no caching is the safe choice. You can
> always configure Varnish to disregard the header if you know it's fine in
> your case.
New description:
In some cases you'd want to bypass the cache if the web app behind is
doing something based on the actual connection/request, e.g. inspecting
the IP address to guestimate the country and then redirecting based on
that.
In this case, it makes sense to turn off any caches between the web app
and the browser, but still allow the browser to cache the reply. As I read
RFC2616, this is what Cache-Control: private is meant for.
Thus I believe the default configuration of Varnish should take Cache-
Control: private as a hint that the object is not cacheable and let it
pass. As it is now, default Varnish will share the response between users
which breaks the web app (this is not just theory, it actually broke mine
:-).
We talked about it on the mailing list here
http://projects.linpro.no/pipermail/varnish-misc/2009-February/002575.html
The only ill effect I can see of it is if you have a really broken backend
that sends out Cache-Control: private even if it doesn't really mean it.
But still defaulting to no caching is the safe choice. You can always
configure Varnish to disregard the header if you know it's fine in your
case.
--
Comment:
Some discussion ensued... regarding http-bis and others. No clear
conclusion yet, but we should resolve this one way or an other before 3.0.
--
Ticket URL: <http://varnish-cache.org/trac/ticket/477#comment:2>
Varnish <http://varnish-cache.org/>
The Varnish HTTP Accelerator
More information about the varnish-bugs
mailing list