I've run into my first problem with squid. It appears that squid's
caching of cookies breaks the login protocol which our online
service uses.
When a user of our service first logs in a cookie gets set. It appears
that squid caches it privately, which I assume means only for a single
client IP address. Because in our environment IP addresses are assigned
dynamically, the next client system that is assigned a previously used
IP address gets the last users cookie, I think. Here's the snippet of
code that caches the entry with the cookie:
/*
* Dealing with cookies is quite a bit more complicated
* than this. Ideally we should strip the cookie
* header from the reply but still cache the reply body.
* More confusion at draft-ietf-http-state-mgmt-05.txt.
*/
else if (EBIT_TEST(reply->misc_headers, HDR_SET_COOKIE))
httpMakePrivate(entry);
My questions are:
1. Does my analysis of the situation make sense?
2. How do I not cache the entry in this case? Change that branch of
the if/then/else to just do nothing?
Thanks in advance,
Joel
Received on Mon Apr 14 1997 - 13:02:04 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:34:59 MST