https://bz.apache.org/bugzilla/show_bug.cgi?id=63988
Bug ID: 63988
Summary: Cache-control not honoured if Expires invalid
(Backport failure, RFC violation)
Product: Apache httpd-2
Version: 2.4.41
Hardware: PC
OS: Linux
Status: NEW
Severity: major
Priority: P2
Component: mod_cache
Assignee: bugs@httpd.apache.org
Reporter: nigel@technocrat.com.au
Target Milestone: ---
The 2.5-HEAD branch includes a patch (r1833876), which was backported to the
2.4 branch in r1834241. Unfortunately, a chunk of the diff was missed from the
backport, making 2.4 still non-RFC compliant with RFC7234
(https://tools.ietf.org/html/rfc7234#page-28) and previous iterations.
An interdiff of the 2 commits is as follows:
only in patch2:
unchanged:
--- mod_cache.c (revision 1833876)
+++ mod_cache.c (working copy)
@@ -1040,8 +1040,11 @@
if (reason) {
/* noop */
}
- else if (exps != NULL && exp == APR_DATE_BAD) {
- /* if a broken Expires header is present, don't cache it */
+ else if (!control.s_maxage && !control.max_age && !dconf->store_expired
+ && exps != NULL && exp == APR_DATE_BAD) {
+ /* if a broken Expires header is present, don't cache it
+ * Unless CC: s-maxage or max-age is present
+ */
reason = apr_pstrcat(p, "Broken expires header: ", exps, NULL);
}
else if (!control.s_maxage && !control.max_age
I am marking the ticket as major because of the increased server load etc that
results from this issue.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
Bug ID: 63988
Summary: Cache-control not honoured if Expires invalid
(Backport failure, RFC violation)
Product: Apache httpd-2
Version: 2.4.41
Hardware: PC
OS: Linux
Status: NEW
Severity: major
Priority: P2
Component: mod_cache
Assignee: bugs@httpd.apache.org
Reporter: nigel@technocrat.com.au
Target Milestone: ---
The 2.5-HEAD branch includes a patch (r1833876), which was backported to the
2.4 branch in r1834241. Unfortunately, a chunk of the diff was missed from the
backport, making 2.4 still non-RFC compliant with RFC7234
(https://tools.ietf.org/html/rfc7234#page-28) and previous iterations.
An interdiff of the 2 commits is as follows:
only in patch2:
unchanged:
--- mod_cache.c (revision 1833876)
+++ mod_cache.c (working copy)
@@ -1040,8 +1040,11 @@
if (reason) {
/* noop */
}
- else if (exps != NULL && exp == APR_DATE_BAD) {
- /* if a broken Expires header is present, don't cache it */
+ else if (!control.s_maxage && !control.max_age && !dconf->store_expired
+ && exps != NULL && exp == APR_DATE_BAD) {
+ /* if a broken Expires header is present, don't cache it
+ * Unless CC: s-maxage or max-age is present
+ */
reason = apr_pstrcat(p, "Broken expires header: ", exps, NULL);
}
else if (!control.s_maxage && !control.max_age
I am marking the ticket as major because of the increased server load etc that
results from this issue.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org