[squid-users] HTTP Headers & caching

From: Bruce Badger <bwbadger@dont-contact.us>
Date: Tue, 2 Aug 2005 09:37:25 +1000

I have checked the FAQ, but I failed to get any clues from there.

I have a simple HTTP server which sits behind a Squid 3 reverse proxy.
 Some of the dynamic content is only available for logged in users,
and we have Squid do the RFC 2617 authentication for us.

If the origin HTTP server goes down (it does happen :-/) Squid returns
a cached response rather than an error message. This is bad because
the cached response may have been generated for another user of the
system, and so may contain sinsitive information.

Now, I *thought* I had set up the HTTP headers in these responses to
tell squid to *not* cache them, but clearly I have not understood
something. Here are the headers (as seen from a browser hitting
Squid):

HTTP/1.x 200 OK

Cache-Control: public, max-age=0

Etag: "MemberHomePage+43"

Last-Modified: Mon, 01 Aug 2005 21:39:51 GMT

Server: Swazoo/0.9.76-bb (Sydney)

Date: Mon, 01 Aug 2005 21:39:51 GMT

Content-Type: text/html

Content-Length: 4576

X-Cache: MISS from squid.xxx.net

X-Cache-Lookup: HIT from squid.xxx.net:80

Via: 1.0 squid.xxx.net (squid/3.0-PRE3-CVS)

Connection: keep-alive

So, my expectation was that the max-age would mean that no cached
responses would be served - clearly wrong.

Could someone point out my mistake, and perhaps point me to the place
in the mountain of documentation I should be looking?

Many thanks,
     Bruce
Received on Mon Aug 01 2005 - 17:37:49 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:01 MDT