Re: [squid-users] Kinder, gentler ignore-auth option

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Mon, 21 May 2007 23:58:16 +0200

mån 2007-05-21 klockan 17:39 -0400 skrev Benno Blumenthal:

> But I wrote in part because I couldn't be sure which way ignore-auth was
> intended: it would be nice if the documentation were explicit about the
> header equivalent.

It's intended for public material on an authenticated server. I.e. where
the server should have responded with "Cache-Control: public" to allow
caching even if the request included authentication credentials.

Hmm.. you are right. The documentation in squid.conf.default is a bit
misleading on this. I'll fix it up.

                ignore-auth caches responses to requests with authorization,
                as if the originserver had sent ``Cache-control: public''
                in the response header. Doing this VIOLATES the HTTP standard.
                Enabling this feature could make you liable for problems which
                it causes.

Regards
Henrik

Received on Mon May 21 2007 - 15:58:22 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:05 MDT