On Sat, Oct 23, 2004 at 10:46:52AM -0700, Justin Erenkrantz wrote:
> --On Friday, October 15, 2004 10:48 AM +0200 R?diger Pl?m
> <[EMAIL PROTECTED]> wrote:
>
> >please find attached a new more general approch to prevent cookies from
> >being stored in the cache.
> >As proposed by Justin I replaced my original CacheStoreCookies directive
> >with the more
> >general CacheIgnoreHeaders directive. So far I only tested it for myself.
> >If someone could test / have a look at it, it would be nice and
> >appreciated.
> >Meanwhile I try to
> >get additional testers and will report about the results later.
>
> Looks good. I committed a variant of the patch to HEAD, and have proposed
> it for backport to 2.0.x. Thanks! -- justin
I'd like to see this patch backported to 2.0.x as well.
At our jsp sites (approx 6 million hits per day) we use apache as a reverse
caching proxy for tomcat. Tomcat (that is to say: the j2ee spec) more or
less insists on creating sessions for everything. Often, web-applications
built by third parties don't get all the details of setting http caching
headers exactly right (if at all,..) So, we often see Set-cookie headers on
cachable pages. Prior to apache 2.0.50 this wasn't a very big issue; these
pages would be cached, many people would be using the same cookie and that
was that. However, after apache-2.0.50 apache would store cookies as well.
This resulted in storing multiple cookies for the same web page which
confused tomcat to the point of breaking.
Because of this we're more or less forced to keep on using 2.0.49 until all
webapps are fixed. Most webapps however will probably never be fixed, so we
may have to resort to extrema measures as putting apache-2.0.52 in front of
apache-2.0.49, as in:
internet--2.0.52[without caching]--2.0.49[with caching]--tomcat
Fortunately the CacheIgnoreHeaders patch solves exactly this problem for us!
We use it in production on rather busy sites and it works perfectly.
Since I'd rather use regular apache-2.0.x versions instead of CVS checkouts,
I'd like to see this patch backported to 2.0.x, please.
--
Dick Snippe - Publieke Omroep Internet Services
Mediacentrum kamer 138 Sumatralaan 45 Hilversum \ fight war
tel +31 35 6774252, email [EMAIL PROTECTED] []() \ not wars
