Search squid archive

Re: trouble caching some url

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 15 Nov 2011 09:43:45 -0500, Sergey Yazikov wrote:
Hi, I'm wondering if anyone can help me.

I'm unable to cache the following URL and there is a HTTP header:


http://10.10.202.126/services/json?method=media.getFiles&filters[moderationStatus]=notdenied&filters[parentid]=5050233&filters[context]=comment&noCache=0&sort=upload+DESC&limit=5&start=0&fields[0]=filetype&fields[1]=uid&fields[2]=user_name&fields[3]=votecount&fields[4]=author&fields[5]=upload&fields[6]=message&fields[7]=publicUrl&fields[8]=status&fields[9]=avatar&fields[10]=user_firstname&fields[11]=user_lastname&vhost=123&APIKEY=19b3b6ffe399eb681aa3372cc2cbd6a2

GET

/services/json?method=media.getFiles&filters[moderationStatus]=notdenied&filters[parentid]=5050233&filters[context]=comment&noCache=0&sort=upload+DESC&limit=5&start=0&fields[0]=filetype&fields[1]=uid&fields[2]=user_name&fields[3]=votecount&fields[4]=author&fields[5]=upload&fields[6]=message&fields[7]=publicUrl&fields[8]=status&fields[9]=avatar&fields[10]=user_firstname&fields[11]=user_lastname&vhost=123&APIKEY=19b3b6ffe399eb681aa3372cc2cbd6a2
HTTP/1.1
Host: 10.10.202.126
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:8.0) Gecko/20100101 Firefox/8.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.8,fr-ca;q=0.5,ru;q=0.3
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
DNT: 1
Connection: keep-alive
Cookie: SABRE_ID=8961c05907e412b9bdcfcb3a2364b31a

HTTP/1.0 200 OK
Date: Tue, 15 Nov 2011 14:37:43 GMT
Server: Apache
Accept-Ranges: bytes
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-FM: ip-10-85-159-13
Expires: Thu, 19 Nov 1981 08:52:00 GMT

The object being returned to squid expired in 1981. It should not be cached. Reverse-proxy MAY ignore this provided the max-stale or max-age values are sent by the server.

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0

"no-store" - the object MUST NOT be stored anywhere other than the backend server.

"must-revalidate" - every new request MUST contact the backend server for new data or approval before re-using this object.

"no-cache" - see must-revalidate.

"post-check=0, pre-check=0" - invalid.


Pragma: no-cache
Content-Type: application/json
X-Cache: MISS from ip-10-85-159-13.ec2.internal, MISS from
fmgateway-test.testdmz.pelmorex.com
X-Cache-Lookup: MISS from ip-10-85-159-13.ec2.internal:80, MISS from
fmgateway-test.testdmz.pelmorex.com:80
Via: 1.1 ip-10-85-159-13.ec2.internal:80 (squid), 1.0
fmgateway-test.testdmz.pelmorex.com (squid/3.1.4)
Connection: close

Here is the squid.conf:

[root@fmgateway-test squid]# grep -v ^# /etc/squid/squid.conf
cache_mgr netops@xxxxxxxxxxxx
hosts_file /etc/hosts
visible_hostname fmgateway-test.testdmz.pelmorex.com
cache_effective_user squid
cache_effective_group squid
cache_dir ufs /var/spool/squid 4096 16 256
cache_mem 500 MB
maximum_object_size_in_memory 128 KB
minimum_expiry_time 120 seconds
read_ahead_gap 30 KB
negative_ttl 1 seconds
forward_timeout 30 seconds
connect_timeout 30 seconds
read_timeout 30 seconds
request_timeout 30 seconds

NP: connect_timeout being the same as forward_timeout means that alternative connections cannot be made within forward_timeout.

persistent_request_timeout 1 minute
client_lifetime 20 hours

icp_port 3130
http_port 80 accel defaultsite=api.filemobile.com ignore-cc
cache_peer api.filemobile.com parent 80 0 no-query originserver name=myAccel
acl our_sites dstdomain api.filemobile.com
http_access allow our_sites
cache_peer_access myAccel allow all

acl intsrc src 10.10.6.0/23 10.10.202.0/24 10.10.201.0/24
acl intdst dst 10.10.6.0/23 10.10.202.0/24 10.10.201.0/24
acl apache rep_header Server ^Apache
http_reply_access allow all
url_rewrite_host_header off
acl CONNECT method CONNECT
acl PURGE method PURGE
acl POST method POST
acl QUERY urlpath_regex storage
acl JS urlpath_regex js
no_cache deny QUERY
no_cache deny POST
no_cache deny JS

NOTE: "no_cache" was renamed to "cache" long ago. Remove the "no_" part of all those lines.


Also, "cache deny JS", matches the letters 'j' followed by 's' anywhere in the URL path. For example in '/services/json?'

Also, POST method is never cacheable. You can optimize your cache ACLs a bit by removing "no_cache deny POST" entirely.


http_access allow our_sites

You have "http_access allow our_sites" already listed with cache_peer_access.

http_access allow all
http_access allow intsrc
http_access allow intdst
http_access allow PURGE intsrc
http_access allow PURGE all

Since you only have one http_port, which is configured to set the domain on all requests to "api.filemobile.com". The earlier ACL test "allow our_sites" will always match. Making these http_access lines completely useless. You can remove them, and the other http_access lines below.

icp_access allow all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl internal src 10.10.201.60/32
acl sergey src 10.10.6.164/32
acl dennis src 10.10.6.176/32
http_access allow manager localhost
http_access allow manager internal
cachemgr_passwd 6twN+9Mtl all

NOTE: you had probably better change that password quickly. This is a public mailing list.

request_header_access Via allow all
request_header_access Age deny all
request_header_access X-Cache deny all
request_header_access Etag deny all

ETag is a seriously important header to prevent objects with different binary representations being mixed up. This is a bad idea.


request_header_access Expires deny all

"Expires:" is not a request header.



refresh_pattern -i ^http.*filemobile.com\/services\/php 40 90% 50
override-expire override-lastmod ignore-reload reload-into-ims
ignore-no-cache

refresh_pattern -i ^http.*filemobile.com\/services\/json 10 90% 10
override-expire override-lastmod ignore-reload reload-into-ims
ignore-no-cache reload-into-ims ignore-no-store ignore-must-revalidate

logformat combined %>a '-' '-' [%tl] "%rm %ru %>Hs HTTP/%rv"
"%{User-Agent}>h" %>st %<st %Ss

access_log /var/log/squid/access.log combined
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
buffered_logs on
strip_query_terms

I tried acl's but no result either:

acl GET method GET
acl POST method POST

acl FM_url url_regex ^http//api.filemobile.com/services/json/
cache allow POST FM_url
cache allow GET  FM_url

This might have worked to evade your "deny JS" rule. If you had left off the final '/' after '/json'.

Note how the URL has "/services/json?" instead of "/services/json/?"


I would alter the FM_url ACL definition and write the earlier "no_cache deny JS" line as: cache deny JS !FM_url


Amos


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux