On 8/03/2016 12:26 a.m., Eduard Bagdasaryan wrote: > Hello, > > This patch introduces a new ACL-driven " risky_server_pconn_reuse" option. > This option provides fine-grained control over persistent connection > reuse when forwarding HTTP requests that Squid cannot retry. It is useful > in environments where opening new connections is very expensive > (e.g., all connections are secured with TLS with complex client and server > certificate validation) and race conditions associated with persistent > connections are very rare and/or only cause minor problems. > > Example: > acl SpeedIsWorthTheRisk method POST > risky_server_pconn_reuse allow SpeedIsWorthTheRisk >
* To fit with the rest of the directives this should be called server_pconn_for_nonretriable. * This is not a RFC violation, so you dont need to wrap any of its code in USE_HTTP_VIOLATIONS. The current Squid behaviour was just a hack Alex added years back to prevent the old behaviour this is trying to selectively re-enable now. Since it was causing so many client-visible error messages when we first moved to HTTP/1.1 defaults. * What the risk is should probaly be noted in the documentation; That the requests it enables to re-use pconn can result in 500 errors reaching clients/users eyes if there are any network delivery issues, or the server closes its connection while the request is still bufferd by TCP. * only indent cf.data.pre text with 1 tab, not 2. Amos _______________________________________________ squid-dev mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-dev
