Issue with passing Cache-Control: no-cache header to Tomcat during cache misses
Dridi Boukelmoune
dridi at varni.sh
Wed Jun 14 12:54:16 UTC 2023
On Wed, Jun 14, 2023 at 9:02 AM Uday Kumar <uday.polu at indiamart.com> wrote:
>
> Hi Guillaume,
>
> Thanks for the response.
>
> Can you provide us with a log of the transaction please?
>
> I have sent a Request to VARNISH which Contains Cache-Control: no-cache header, we have made sure the request with cache-control header is a MISS with a check in vcl_recv subroutine, so it's a MISS as expected.
>
> The problem as mentioned before:
> Cache-Control: no-cache header is not being passed to the Backend even though its a MISS.
There is this in the code:
> H("Cache-Control", H_Cache_Control, F ) // 2616 14.9
We remove the this header when we create a normal fetch task, hence
the F flag. There's a reference to RFC2616 section 14.9, but this RFC
has been updated by newer documents. Also that section is fairly long
and I don't have time to dissect it, but I suspect the RFC reference
is only here to point to the Cache-Control definition, not the F flag.
I suspect the rationale for the F flag is that on cache misses we act
as a generic client, not just on behalf of the client that triggered
the cache miss. If you want pass-like behavior on a cache miss, you
need to implement it in VCL:
- store cache-control in a different header in vcl_recv
- restore cache-control in vcl_backend_fetch if applicable
Please note that you open yourself to malicious clients forcing
no-cache on your origin server upon cache misses.
Come to think of it, we should probably give Pragma both P and F flags.
Dridi
More information about the varnish-misc
mailing list