On tor, 2008-08-28 at 14:38 +1000, Mark Nottingham wrote:
> One of the things that came up in Sydney briefly was whether the stale-
> while-revalidate and max-stale refresh_pattern options would be better
> expressed as ACLs.
Yes...
> Taking this a bit further, could/should the same be true of the rest
> of the refresh_pattern options (and perhaps of the patterns themselves)?
Yes..
refresh_pattern regex matching really is a bit too blunt tool for what
it's being used for today.
The big question is how it should be expressed.
And to be honest the Squid acl system too is a bit too limited and
arcane to most users..
Ideally I'd like to see a more structured classification system unifying
a lot of the acl driven directives & refresh_pattern.. (well, two, one
early on the request, and one late when the response is known)
I vision a nested tree of matches (acl) and operators
(allow/deny/refresh_pattern/outgoing_ip/tos/no-cache/ignore-xxx/deny_info/logmessage/peergroup/...).
But it requires a different parser which is not single line oriented as
you can not express a tree on a single line in a meaningful manner..
request_access {
if [!]acls.. {
if [!]acls.. {
...
}
...
accept
}
deny
}
Regards
Henrik
This archive was generated by hypermail 2.2.0 : Fri Aug 29 2008 - 12:00:06 MDT