caching and cookies

From: Joel Gallun <>
Date: Mon, 14 Apr 1997 15:35:53 -0400

I've run into my first problem with squid. It appears that squid's
caching of cookies breaks the login protocol which our online
service uses.

When a user of our service first logs in a cookie gets set. It appears
that squid caches it privately, which I assume means only for a single
client IP address. Because in our environment IP addresses are assigned
dynamically, the next client system that is assigned a previously used
IP address gets the last users cookie, I think. Here's the snippet of
code that caches the entry with the cookie:

             * Dealing with cookies is quite a bit more complicated
             * than this. Ideally we should strip the cookie
             * header from the reply but still cache the reply body.
             * More confusion at draft-ietf-http-state-mgmt-05.txt.
            else if (EBIT_TEST(reply->misc_headers, HDR_SET_COOKIE))

My questions are:

1. Does my analysis of the situation make sense?

2. How do I not cache the entry in this case? Change that branch of
   the if/then/else to just do nothing?

Thanks in advance,

Received on Mon Apr 14 1997 - 13:02:04 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:34:59 MST