| Summary: | Protocol Violation: Expires should be overridden by Max-age directive | ||
|---|---|---|---|
| Product: | Apache httpd-2 | Reporter: | Srinivasa Ragavan <sragavan> |
| Component: | mod_cache | Assignee: | Apache HTTPD Bugs Mailing List <bugs> |
| Status: | CLOSED FIXED | ||
| Severity: | normal | CC: | sragavan |
| Priority: | P3 | ||
| Version: | 2.0.46 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | other | ||
| Attachments: | if and only if maxage = -1 (NOT Specified), then Expires header is taken into account | ||
Created attachment 7149 [details]
if and only if maxage = -1 (NOT Specified), then Expires header is taken into account
This issue has already been diagnosed and has already been addressed in the 2.1-dev branch. Thank you for your effort in diagnosing this issue. |
When the proxy server sends max-age and Expires for a response like Cache-Control: max-age=10 Expires: <some future date> After 10 seconds this response should be stale in the proxy cache. But The server still responds from the cache because of Expires header. It is not overridded as per the RFC. "If a response includes both an Expires header and a max-age directive, the max-age directive overrides the Expires header, even if the Expires header is more restrictive. This rule allows an origin server to provide, for a given response, a longer expiration time to an HTTP/1.1 (or later) cache than to an HTTP/1.0 cache." When max-age is specified, the expiration comparison should not include EXPIRES header.