mod_cache: Honour Cache-Control: no-store in a request.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1479222 13f79535-47bb-0310-9956-ffa450edef68
2025-08-01 07:26:57 +03:00 · 2013-05-05 01:12:48 +00:00
parent 4d2b3c1a7d
commit 0eb8aa4a48
5 changed files with 64 additions and 16 deletions
--- a/2
+++ b/2
@ -1,6 +1,8 @@
                                                         -*- coding: utf-8 -*-
 Changes with Apache 2.5.0

+  *) mod_cache: Honour Cache-Control: no-store in a request. [Graham Leggett]
+
  *) mod_cache: RFC2616 14.9.3 The s-maxage directive also implies the
     semantics of the proxy-revalidate directive. [Graham Leggett]

--- a/modules/cache/cache_storage.c
+++ b/modules/cache/cache_storage.c
@ -199,6 +199,13 @@ int cache_select(cache_request_rec *cache, request_rec *r)
        return DECLINED;
    }

+    /* if no-cache, we can't serve from the cache, but we may store to the
+     * cache.
+     */
+    if (!ap_cache_check_no_cache(cache, r)) {
+        return DECLINED;
+    }
+
    if (!cache->key) {
        rv = cache_generate_key(r, r->pool, &cache->key);
        if (rv != APR_SUCCESS) {
@ -206,10 +213,6 @@ int cache_select(cache_request_rec *cache, request_rec *r)
        }
    }

-    if (!ap_cache_check_allowed(cache, r)) {
-        return DECLINED;
-    }
-
    /* go through the cache types till we get a match */
    h = apr_palloc(r->pool, sizeof(cache_handle_t));

--- a/modules/cache/cache_util.c
+++ b/modules/cache/cache_util.c
@ -410,9 +410,9 @@ apr_status_t cache_remove_lock(cache_server_conf *conf,
    return apr_file_remove(lockname, r->pool);
 }

-CACHE_DECLARE(int) ap_cache_check_allowed(cache_request_rec *cache, request_rec *r) {
-    const char *cc_req;
-    const char *pragma;
+int ap_cache_check_no_cache(cache_request_rec *cache, request_rec *r)
+{
+
    cache_server_conf *conf =
      (cache_server_conf *)ap_get_module_config(r->server->module_config,
                                                &cache_module);
@ -427,16 +427,15 @@ CACHE_DECLARE(int) ap_cache_check_allowed(cache_request_rec *cache, request_rec
     * - RFC2616 14.9.4 End to end reload, Cache-Control: no-cache, or Pragma:
     * no-cache. The server MUST NOT use a cached copy when responding to such
     * a request.
-     *
-     * - RFC2616 14.9.2 What May be Stored by Caches. If Cache-Control:
-     * no-store arrives, do not serve from the cache.
     */

    /* This value comes from the client's initial request. */
-    cc_req = apr_table_get(r->headers_in, "Cache-Control");
-    pragma = apr_table_get(r->headers_in, "Pragma");
-
-    ap_cache_control(r, &cache->control_in, cc_req, pragma, r->headers_in);
+    if (!cache->control_in.parsed) {
+        const char *cc_req = cache_table_getm(r->pool, r->headers_in,
+                "Cache-Control");
+        const char *pragma = cache_table_getm(r->pool, r->headers_in, "Pragma");
+        ap_cache_control(r, &cache->control_in, cc_req, pragma, r->headers_in);
+    }

    if (cache->control_in.no_cache) {

@ -451,6 +450,32 @@ CACHE_DECLARE(int) ap_cache_check_allowed(cache_request_rec *cache, request_rec
        }
    }

+    return 1;
+}
+
+int ap_cache_check_no_store(cache_request_rec *cache, request_rec *r)
+{
+
+    cache_server_conf *conf =
+      (cache_server_conf *)ap_get_module_config(r->server->module_config,
+                                                &cache_module);
+
+    /*
+     * At this point, we may have data cached, but the request may have
+     * specified that cached data may not be used in a response.
+     *
+     * - RFC2616 14.9.2 What May be Stored by Caches. If Cache-Control:
+     * no-store arrives, do not serve from or store to the cache.
+     */
+
+    /* This value comes from the client's initial request. */
+    if (!cache->control_in.parsed) {
+        const char *cc_req = cache_table_getm(r->pool, r->headers_in,
+                "Cache-Control");
+        const char *pragma = cache_table_getm(r->pool, r->headers_in, "Pragma");
+        ap_cache_control(r, &cache->control_in, cc_req, pragma, r->headers_in);
+    }
+
    if (cache->control_in.no_store) {

        if (!conf->ignorecachecontrol) {
@ -468,7 +493,6 @@ CACHE_DECLARE(int) ap_cache_check_allowed(cache_request_rec *cache, request_rec
    return 1;
 }

-
 int cache_check_freshness(cache_handle_t *h, cache_request_rec *cache,
        request_rec *r)
 {
--- a/modules/cache/cache_util.h
+++ b/modules/cache/cache_util.h
@ -239,7 +239,16 @@ typedef struct {
 * @param r request_rec
 * @return 0 ==> cache object may not be served, 1 ==> cache object may be served
 */
-CACHE_DECLARE(int) ap_cache_check_allowed(cache_request_rec *cache, request_rec *r);
+int ap_cache_check_no_cache(cache_request_rec *cache, request_rec *r);
+
+/**
+ * Check the whether the request allows a cached object to be stored as per RFC2616
+ * section 14.9.2 (What May be Stored by Caches)
+ * @param cache cache_request_rec
+ * @param r request_rec
+ * @return 0 ==> cache object may not be served, 1 ==> cache object may be served
+ */
+int ap_cache_check_no_store(cache_request_rec *cache, request_rec *r);

 /**
 * Check the freshness of the cache object per RFC2616 section 13.2 (Expiration Model)
--- a/modules/cache/mod_cache.c
+++ b/modules/cache/mod_cache.c
@ -102,6 +102,9 @@ static int cache_quick_handler(request_rec *r, int lookup)
    /*
     * Are we allowed to serve cached info at all?
     */
+    if (!ap_cache_check_no_store(cache, r)) {
+        return DECLINED;
+    }

    /* find certain cache controlling headers */
    auth = apr_table_get(r->headers_in, "Authorization");
@ -401,6 +404,13 @@ static int cache_handler(request_rec *r)
    /* save away the possible providers */
    cache->providers = providers;

+    /*
+     * Are we allowed to serve cached info at all?
+     */
+    if (!ap_cache_check_no_store(cache, r)) {
+        return DECLINED;
+    }
+
    /* Are we PUT/POST/DELETE? If so, prepare to invalidate the cached entities.
     */
    switch (r->method_number) {