[
https://issues.apache.org/jira/browse/HTTPCLIENT-1384?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13723931#comment-13723931
]
Nicolas Richeton commented on HTTPCLIENT-1384:
----------------------------------------------
Hi Jon,
If I understand the code correctly, the CachingExec flush the cache before
processing the request.
public CloseableHttpResponse execute(...) throws IOException, HttpException {
...
if (clientRequestsOurOptions(request)) {
...
}
final HttpResponse fatalErrorResponse =
getFatallyNoncompliantResponse(request, context);
if (fatalErrorResponse != null) {
return Proxies.enhanceResponse(fatalErrorResponse);
}
....
flushEntriesInvalidatedByRequest(route.getTargetHost(), request);
<-- Flush cache
if (!cacheableRequestPolicy.isServableFromCache(request)) {
log.debug("Request is not servable from cache");
return callBackend(route, request, context, execAware);
}
final HttpCacheEntry entry = satisfyFromCache(target, request);
if (entry == null) {
return handleCacheMiss(route, request, context, execAware);
} else {
return handleCacheHit(route, request, context, execAware, entry);
}
}
I already made a unit test in our application and cache is flushed even with
error responses.
I'll adapt it to HttpClientCache test cases.
> Expose CacheInvalidator in CachingHttpClientBuilder
> ---------------------------------------------------
>
> Key: HTTPCLIENT-1384
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1384
> Project: HttpComponents HttpClient
> Issue Type: Wish
> Components: HttpCache
> Affects Versions: 4.2.5, 4.3 Beta2
> Reporter: Nicolas Richeton
>
> There is currently no way to customize the CacheInvalidator. Could it be
> possible to allow setting a CacheInvalidator in CachingHttpClientBuilder
> (eg. CachingHttpClientBuilder#setCacheInvalidator())
> Our use case :
> - HttpClientCache is used in a Caching Reverse Proxy (shared cache, exposed
> to public connections)
> - We have to ensure the cache cannot be flush by a random user.
> - The default CacheInvalidator flushes all variants of an URI when receiving
> anything other than GET, HEAD (compliant with RFC)
> - It is currently possible for a user to flush the whole cache by sending
> POST requests of all uri (this may be harmful even only on a home page).
> While it is not RFC-compliant, we need at least the ability to prevent
> invalidation in CacheInvalidator#flushInvalidatedCacheEntriesFor and/or
> control invalidation with custom method (PURGE) and other criteria (like
> remote ip)
> The same applies to HttpClientCache 4.2.5: CachingHttpClient which does not
> allow provide a custom CacheInvalidator
> Would this sound ok for you ?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
