[
https://issues.apache.org/jira/browse/HTTPCLIENT-1384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nicolas Richeton updated HTTPCLIENT-1384:
-----------------------------------------
Attachment: httpclient-patch.txt
Here is a new patch, based on latest trunk.
This patch moves the remaining invalidation method from BasicHttpCache to
HttpCacheInvalidator.
The unit test in now included and pass with an overridden cache invalidator.
I've added back the setter for CacheKeyGenerator on the builder, as it required
to ensure that the cache invalidator uses the same key generator as the http
cache. It could be removed with the proper documentation on the
HttpCacheInvalidator interface, explaining why implementations MUST use the
default key generator from HttpClient.
I've also improved the javadoc.
This patch includes only the minimum changes to allow successful overriding of
the cache invalidator and should be applied to correctly fix this issue.
I think we should continue refactoring (maybe on another issue) and merge
HttpCacheInvalidator#flushCacheEntriesFor( HttpHost host, HttpRequest request)
into HttpCacheInvalidator#flushInvalidatedCacheEntriesFor(HttpHost host,
HttpRequest request, HttpResponse response).
These 2 methods are called in CachingExec#handleBackendResponse and
flushCacheEntriesFor lacks the response object which is required to check the
response status. Having only 2 methods (before and after request) would also be
easier to understand.
> Expose CacheInvalidator in CachingHttpClientBuilder
> ---------------------------------------------------
>
> Key: HTTPCLIENT-1384
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1384
> Project: HttpComponents HttpClient
> Issue Type: Wish
> Components: HttpCache
> Affects Versions: 4.2.5, 4.3 Beta2
> Reporter: Nicolas Richeton
> Fix For: 4.3 Final
>
> Attachments: httpclient-patch.txt, patch.txt
>
>
> There is currently no way to customize the CacheInvalidator. Could it be
> possible to allow setting a CacheInvalidator in CachingHttpClientBuilder
> (eg. CachingHttpClientBuilder#setCacheInvalidator())
> Our use case :
> - HttpClientCache is used in a Caching Reverse Proxy (shared cache, exposed
> to public connections)
> - We have to ensure the cache cannot be flush by a random user.
> - The default CacheInvalidator flushes all variants of an URI when receiving
> anything other than GET, HEAD (compliant with RFC)
> - It is currently possible for a user to flush the whole cache by sending
> POST requests of all uri (this may be harmful even only on a home page).
> While it is not RFC-compliant, we need at least the ability to prevent
> invalidation in CacheInvalidator#flushInvalidatedCacheEntriesFor and/or
> control invalidation with custom method (PURGE) and other criteria (like
> remote ip)
> The same applies to HttpClientCache 4.2.5: CachingHttpClient which does not
> allow provide a custom CacheInvalidator
> Would this sound ok for you ?
--
This message was sent by Atlassian JIRA
(v6.1#6144)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
