On 4/01/20 11:49 pm, Andrei Pozolotin wrote: > Alex: > > On 2020-01-03 14:19, Alex Rousskov wrote: >>> Question: how can one force the caching of 302 responses >>> without the Expires header and with Strict-Transport-Security max-age >>> header? >> >> >> You can modify Squid to handle Strict-Transport-Security specially or >> you can write an ICAP or eCAP service that would add a "more standard" >> Cache-Control:max-age header to the response (with even more work, it >> would be possible to drop the added response header before it leaves >> Squid). > > 1. thank you for your suggestions > > 2. just to confirm I got this right: > > there is no way to use any current squid configuration options > or any existing squid plugins to cache 302 responses without Expires > header, > instead must write some brand new code, correct? Expires header is an HTTP/1.0 protocol feature. Its absence has no meaning. The 302 response is explicitly defined in HTTP as a *temporary* object which can change at any time. The *presence* of Cache-Control:max-age or Expires set a minimum time the response is guaranteed not to change. Since your use-case is a software archive mirrors you should investigate whether the objects stored there are truly identical. If they are, the Store-ID feature can be used to de-duplicate the URLs the 302 are pointing at so *they* are cached efficiently. <https://wiki.squid-cache.org/Features/StoreID> Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
