bneradt opened a new pull request, #12670: URL: https://github.com/apache/trafficserver/pull/12670
Detect and reject responses with malformed Cache-Control headers where directives are not properly comma-separated (e.g., using semicolons). When the parser cannot fully consume a Cache-Control value, leaving unparsed non-whitespace content, the header is considered malformed and no-store is set to prevent caching with incomplete information. This prevents responses from being cached with incorrect lifetimes due to partially parsed directives. For example, 'Cache-Control: public; max-age=30' (note the malformed semicolon separator) would previously cache the response based on 'public' but ignore the 'max-age=30', resulting in heuristic caching with the wrong duration. Fixes: #12029 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
