Alex Rousskov wrote:
>
>On Fri, 18 Aug 2000, Hirohiko Nakano wrote:
>
>> I use Squid 2.3 Stable 3 on RetHat Linux 6.2. Now, I am planning to
>> design and implement another Http auth scheme, which needs sending
>> auth-info from server to client. I decide to use Pragma: header to
>> transfer auth-info to client (because Authentication-Info: header is
>> not supported by Squid yet).
>>
>> Squid supports "public", "max-age" and "must-revalidate"
>> cache-control directives, so I use these directives to cache
>> authorized response. I am very happy. But, when I (= server) send to
>> 304 response to squid with Pragma: header(including auth-info),
>> Squid sends old (cached) Pragma: header to client! My authentication
>> sheme does not work!
>
>Last time I checked Pragma headers were not allowed in HTTP 304
>responses (along with most other HTTP headers). Are you sure they are
>allowed?
>
>Alex.
>
Thank you for your response.
I checked the latest RFC of HTTP/1.1.
I think that 304HTTP response can include general headers (for example Pragma:).
I think that Pragma header MUST be passed through by a proxy.
My modification is valid to RFC?
How about this probrem?
RFC2616 says:
6 Response
After receiving and interpreting a request message, a server responds with an HTTP response message.
Response = Status-Line ; Section 6.1
*(( general-header ; Section 4.5
| response-header ; Section 6.2
| entity-header ) CRLF) ; Section 7.1
CRLF
[ message-body ] ; Section 7.2
4.5 General Header Fields
There are a few header fields which have general applicability for both request and response messages, but which do not
apply to the entity being transferred. These header fields apply only to the message being transmitted.
general-header = Cache-Control ; Section 14.9
...
| Pragma ; Section 14.32
...
*** Pragma header is a general header. Response messages can include Pragma header. ***
10.3.5 304 Not Modified
If the client has performed a conditional GET request and access is allowed, but the document has not been modified, the
server SHOULD respond with this status code. The 304 response MUST NOT contain a message-body, and thus is always
terminated by the first empty line after the header fields.
...
If the conditional GET used a strong cache validator (see section 13.3.3), the response SHOULD NOT include other
entity-headers. Otherwise (i.e., the conditional GET used a weak validator), the response MUST NOT include other
entity-headers; this prevents inconsistencies between cached entity-bodies and updated headers.
...
If a cache uses a received 304 response to update a cache entry, the cache MUST update the entry to reflect any new
field values given in the response.
*** This section does not mention how to handle general headers. I think Pragma header is allowed in 304responses. ***
14.32 Pragma
The Pragma general-header field is used to include implementation- specific directives that might apply to any recipient
along the request/response chain. All pragma directives specify optional behavior from the viewpoint of the protocol;
however, some systems MAY require that behavior be consistent with the directives.
Pragma = "Pragma" ":" 1#pragma-directive
pragma-directive = "no-cache" | extension-pragma
extension-pragma = token [ "=" ( token | quoted-string ) ]
...
Pragma directives MUST be passed through by a proxy or gateway application, regardless of their significance to that
application, since the directives might be applicable to all recipients along the request/response chain. It is not
possible to specify a pragma for a specific recipient; however, any pragma directive not relevant to a recipient SHOULD
be ignored by that recipient.
...
*** Pragma header MUST be passed through by a proxy. ***
---- Hirohiko Nakano nakano@hp-info.med.osaka-u.ac.jp -- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Sun Aug 20 2000 - 06:59:48 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:54:56 MST