joel@wauug.erols.com writes:
>I've run into my first problem with squid. It appears that squid's
>caching of cookies breaks the login protocol which our online
>service uses.
>
>When a user of our service first logs in a cookie gets set. It appears
>that squid caches it privately, which I assume means only for a single
>client IP address. Because in our environment IP addresses are assigned
>dynamically, the next client system that is assigned a previously used
>IP address gets the last users cookie, I think. Here's the snippet of
>code that caches the entry with the cookie:
>
> /*
> * Dealing with cookies is quite a bit more complicated
> * than this. Ideally we should strip the cookie
> * header from the reply but still cache the reply body.
> * More confusion at draft-ietf-http-state-mgmt-05.txt.
> */
> else if (EBIT_TEST(reply->misc_headers, HDR_SET_COOKIE))
> httpMakePrivate(entry);
>
>My questions are:
>
>1. Does my analysis of the situation make sense?
>
>2. How do I not cache the entry in this case? Change that branch of
> the if/then/else to just do nothing?
httpMakePrivate() makes the object uncachable. Are you sure
the requests are being cached? What does store.log say?
Duane W.
Received on Mon Apr 14 1997 - 13:35:07 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:34:59 MST