Hi Vincent,

HAProxy does not follow the max-age in the Cache-Control anyway.
Here is what the configuration would look like:

backend X
  http-request cache-use cors if METH_OPTIONS
  http-response cache-store cors if METH_OPTIONS

cache cors
 total-max-size 64
 max-object-size 1024
 max-age 60

You see, the time the object will be cached by HAProxy is defined in your
cache storage bucket.


On Wed, Aug 7, 2019 at 1:47 PM GALLISSOT VINCENT <vincent.gallis...@m6.fr>

> Hi there,
> May I add that, in the CORS implementation, there is a specific header
> used for the caching duration: *Access-Control-Max-Age*
> This header is supported by most of browsers and its specification is
> available : https://fetch.spec.whatwg.org/#http-access-control-max-age
> One would think of using this header value instead of the well known
> Cache-Control header when dealing with CORS and OPTIONS requests.
> Cheers,
> Vincent
> ------------------------------
> *De :* Baptiste <bed...@gmail.com>
> *Envoyé :* mercredi 7 août 2019 12:38
> *À :* HAProxy; William Lallemand
> *Objet :* [cache] allow caching of OPTIONS request
> Hi there,
> Please find in attachement a couple of patches to allow caching responses
> to OPTIONS requests, used in CORS pattern.
> In modern API where CORS is applied, there may be a bunch of OPTIONS
> requests coming in to the API servers, so caching these responses will
> improve API response time and lower the load on the servers.
> Given that HAProxy does not yet support the Vary header, this means this
> feature is useful in a single case, when the server send the following
> header "set access-control-allow-origin: *".
> William, can you check if my patches look correct, or if this is totally
> wrong and then I'll open an issue on github for tracking this one.
> Baptiste

Reply via email to