[Bug 63988] New: Cache-control not honoured if Expires invalid (Backport failure, RFC violation)

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[Bug 63988] New: Cache-control not honoured if Expires invalid (Backport failure, RFC violation)

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=63988

            Bug ID: 63988
           Summary: Cache-control not honoured if Expires invalid
                    (Backport failure, RFC violation)
           Product: Apache httpd-2
           Version: 2.4.41
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: major
          Priority: P2
         Component: mod_cache
          Assignee: [hidden email]
          Reporter: [hidden email]
  Target Milestone: ---

The 2.5-HEAD branch includes a patch (r1833876), which was backported to the
2.4 branch in r1834241. Unfortunately, a chunk of the diff was missed from the
backport, making 2.4 still non-RFC compliant with RFC7234
(https://tools.ietf.org/html/rfc7234#page-28) and previous iterations.

An interdiff of the 2 commits is as follows:

only in patch2:
unchanged:
--- mod_cache.c (revision 1833876)
+++ mod_cache.c (working copy)
@@ -1040,8 +1040,11 @@
     if (reason) {
         /* noop */
     }
-    else if (exps != NULL && exp == APR_DATE_BAD) {
-        /* if a broken Expires header is present, don't cache it */
+    else if (!control.s_maxage && !control.max_age && !dconf->store_expired
+             && exps != NULL && exp == APR_DATE_BAD) {
+        /* if a broken Expires header is present, don't cache it
+         * Unless CC: s-maxage or max-age is present
+         */
         reason = apr_pstrcat(p, "Broken expires header: ", exps, NULL);
     }
     else if (!control.s_maxage && !control.max_age

I am marking the ticket as major because of the increased server load etc that
results from this issue.

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 63988] Cache-control not honoured if Expires invalid (Backport failure, RFC violation)

Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=63988

--- Comment #1 from Christophe JAILLET <[hidden email]> ---
Hi,

not sure to understand.

http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/cache/mod_cache.c?diff_format=h&r1=1834241&r2=1834240&pathrev=1834241

http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/mod_cache.c?diff_format=h&r1=1833876&r2=1833875&pathrev=1833876

are exactly the same.

Could you double-check or elaborate?

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

[Bug 63988] Cache-control not honoured if Expires invalid (Backport failure, RFC violation)

Bugzilla from bugzilla@apache.org
In reply to this post by Bugzilla from bugzilla@apache.org
https://bz.apache.org/bugzilla/show_bug.cgi?id=63988

--- Comment #2 from Nigel Cunningham <[hidden email]> ---
Yes, I agree that they are there. Interesting.

When I downloaded the SVN and compared them, they weren't the same. And when I
checked the RHEL package source, it was lacking that fragment too. I can't dig
further right now, but I'll get back to you as soon as I can. Hopefully I'll be
able to say it's a fail on my part :)

Thanks for the quick response!

Nigel

--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]