Re: [squid-users] no-cache , no-store

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 18 Mar 2011 16:26:46 +1300

On 18/03/11 16:08, N3O wrote:
> Hello
> I'm using squid 3.1.11 as a reverse proxy.
> Is it possible to cache pages that show the no-cache, no-store
> directives in their HTTP headers?

"no-cache" does get cached. It only means that existing cached copies are
not to be sent to the requestor.

"no-store" is set on pages which are absolutely not allowed to be stored
to any long-term media, i.e. cached.

> Server: Apache/2.0.52 (Red Hat)
> Set-Cookie: PHPSESSID=de2721c82ebc2be4b9a388d2e6e3d66c; path=/
> Expires: Thu, 19 Nov 1981 08:52:00 GMT
> Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform

In this case "private" indicates that the object contains some private
information. Caching this on a reverse-proxy will result in the cached
copy, and thus the private information, being sent to all visitors. Major
personal info leakage usually results.

Are you fighting with PHP defaults? The php.ini setting
session.cache_limiter can be turned to not add things. The app NEEDS to
be setting its own correctly with that off; many off-the-shelf apps seem to
rely on the defaults.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE9 or 3.1.11
   Beta testers wanted for 3.2.0.5
Received on Fri Mar 18 2011 - 03:26:50 MDT
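
Added example, not part of the original message or of Squid: a check that applies the standard Cache-Control meanings discussed in the reply to a response's headers and reports whether a shared cache (such as a reverse proxy) may store it. The function names are hypothetical and the session cookie value is a constructed placeholder.

```python
# Added example: audit response headers before letting a shared cache store them.
# Conservative assumption: "private" or "no-cache" with a field-name argument is
# treated the same as the unqualified directive.

def parse_cache_control(value):
    """Return {directive: argument-or-None} with lower-cased directive names."""
    directives = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives


def shared_cache_verdict(headers):
    """Classify a list of (name, value) header pairs.

    Returns (verdict, reasons); verdict is "do-not-store",
    "store-but-revalidate" or "storable".
    """
    cc, has_cookie = {}, False
    for name, value in headers:
        if name.lower() == "cache-control":
            cc.update(parse_cache_control(value))
        elif name.lower() == "set-cookie":
            has_cookie = True

    reasons = []
    if "no-store" in cc:
        reasons.append("no-store: must not be written to any cache")
    if "private" in cc:
        reasons.append("private: intended for one user, not a shared cache")
    if reasons:
        if has_cookie:
            reasons.append("Set-Cookie present: response is tied to one session")
        return "do-not-store", reasons
    if "no-cache" in cc:
        return "store-but-revalidate", ["no-cache: revalidate before reuse"]
    return "storable", []


# Headers as quoted in the thread; the cookie value is a constructed placeholder.
THREAD_HEADERS = [
    ("Server", "Apache/2.0.52 (Red Hat)"),
    ("Set-Cookie", "PHPSESSID=CONSTRUCTED-PLACEHOLDER; path=/"),
    ("Expires", "Thu, 19 Nov 1981 08:52:00 GMT"),
    ("Cache-Control", "private, no-cache, no-store, proxy-revalidate, no-transform"),
]
```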
