On 23/02/2014 4:19 p.m., Rajiv Desai wrote: > Hi, > > I use ignore-auth for caching urls with signature and that works great. > For some endpoints, signature is added as a query (which is otherwise > an "Authorization" header). Is there a way to perhaps ignore-query? > > Currently, I see that replies are cached even when they have queries, > however query is a part of the url and thereby a part of the key used > for the object stored in cache. > Due to this I don't get a cache hit for a subsequent GET request which > has a different temporal signature. Yes. These are different resources. At least that is what the URL says. One different set of content for each auth'd users account ... > > I understand why the default behavior is to do what it does and the > implications of unauthorized access without signature verification. > However, for my use case bypassing signature verification with squid > cache is useful and appropriate. > > > Please let me know if there is a workaround with which all query > parameters can be ignore for caching purpose. In the latest Squid (3.4+) you can use a store-ID helper to de-duplicate the URLs by having it tell Squid to use a URL without those parameters as the cache key. However be VERY sure that this server is not changing any of the actual object content per-user. Oterwise you could have users cache-busting each others content and causing you even worse bandwidth waste than you have already. Amos
