mån 2007-05-21 klockan 17:39 -0400 skrev Benno Blumenthal: > Because my client is not a browser, it is a service that analyzes data, > and uses other services to access data, and I wrote the server/client to > let squid do the caching, rather than reinventing the wheel. I am > encouraging the data service in question to label their HTTP responses > correctly (with Cache-Control: public and Vary: Authorization) headers, > but not clear that they will pay any attention to me, a story you > probably have heard before. Ok. So requesting http://user:password@host/path without an Authorization header and refresh_pattern ignore-auth will probably do what you are looking for without the need for Vary magics.. This syntax is a Squid extension of the HTTP URI scheme but following the general Internet URI syntax. Squid automatically translates the user:password part into Basic HTTP authentication when forwarding the request to a web server (but not when forwarding to another proxy). This was implemented to allow url rewriter / redirector helpers to add login details to rewritten requests, but works equally well when received from the client. As the login credentials is in the URL it automatically becomes part of the cache key, avoiding the need for Vary. Hmm.. most likely ignore-auth isn't needed either on such URIs as there is no Authorization header. Regards Henrikm
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
