Re: [squid-users] Authorization header

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Mon, 30 Jul 2007 15:59:51 +0200

On mån, 2007-07-30 at 05:04 -0700, Ricardo Newbery wrote:
> Under "How come some objects do not get cached?"
>
> http://wiki.squid-cache.org/SquidFaq/InnerWorkings#head-
> aed2acb07aed79ef1f7a590447b6a45a8dd8e7d1
>
> we read:
>
> > Responses for requests with an Authorization header are cachable
> > ONLY if the reponse includes Cache-Control: Public.
> >
> > Responses with Vary headers are NOT cachable because Squid
> > does not yet support Vary features.
>
>
> The second line is no longer true. Correct?

Correct.

> And regarding the first line, is this behavior overridden if we
> include any "no_cache" or "cache" directives in the squid.conf?

No, only if you include the ignore-auth flag in refresh_pattern.

the cache (aka no_cache) directive can only further limit what Squid can
cache. It can not make otherwise uncacheable content cached. Only
refresh_pattern override flags can do that..

> I'm
> trying to determine if the following Authorization line in my
> squid.conf is superfluous:
>
> acl ac_cookie req_header Cookie [-1] __ac
> acl auth_header req_header Authorization [-1] .*
> cache deny ac_cookie auth_header

> Would I get the same result with just:
>
> acl ac_cookie req_header Cookie [-1] __ac
> cache deny ac_cookie

I would say so yes.

Regards
Henrik
Received on Mon Jul 30 2007 - 08:00:04 MDT

This archive was generated by hypermail pre-2.1.9 : Wed Aug 01 2007 - 12:00:04 MDT