[magnolia-dev] [JIRA] Updated: (MAGNOLIA-3291) Offer an SSL-aware cache policy

Tue, 08 Nov 2011 22:13:07 -0800 

     [ 
http://jira.magnolia-cms.com/browse/MAGNOLIA-3291?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Will Scheidegger updated MAGNOLIA-3291:
---------------------------------------

    Attachment:     (was: SSLAwareCacheKey.java)

> Offer an SSL-aware cache policy
> -------------------------------
>
>                 Key: MAGNOLIA-3291
>                 URL: http://jira.magnolia-cms.com/browse/MAGNOLIA-3291
>             Project: Magnolia
>          Issue Type: Improvement
>      Security Level: Public
>          Components: cache
>    Affects Versions: 4.3.5
>            Reporter: Will Scheidegger
>            Assignee: Boris Kraft
>            Priority: Minor
>         Attachments: ssl_aware_caching.patch, SSLAware.java, 
> SSLAwareCacheKey.java
>
>   Original Estimate: 0.5h
>  Remaining Estimate: 0.5h
>
> Quite often you would like to have some pages of your website served 
> SSL-encoded via https (e.g. forms etc.) and the rest regularly via http. In 
> these cases it is the easiest for the editor if he/she can simply check a 
> checkbox in the page properties marking the page as "secure". Then a redirect 
> filter could make sure that the page is actually served via https or vice 
> versa when navigating from a secure page to a regular one.
> Say /foo/bar.html is marked as "secure" in the page properties. Redirecting 
> from http://www.mydomain.com/context/foo/bar.html to 
> https://www.mydomain.com/context/foo/bar.html however will not work with the 
> default caching mechanism. The first request to /foo/bar.html (via http) will 
> return a redirect to https. This redirect is then cached and all subsequent 
> requests for /foo/bar.html (via http AND https) will return the cached 
> redirect... leading to endless redirects.
> The proposed extension (see attached patch and classes) will solve this 
> problem by providing an SSLAware cache policy. It extends the default cache 
> policy and simply also takes in respect if the request for a page was secure 
> or not.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.magnolia-cms.com/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        


----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------

Reply via email to