Bug 44518 - Don't set expires header on HTTP redirect.
Summary: Don't set expires header on HTTP redirect.
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_expires (show other bugs)
Version: 2.5-HEAD
Hardware: All All
: P2 enhancement (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
: 52523 (view as bug list)
Depends on:
Reported: 2008-03-02 14:52 UTC by Tai Lee
Modified: 2015-07-27 05:57 UTC (History)
3 users (show)

patch attempt for issue 4451 (2.92 KB, patch)
2009-09-15 14:16 UTC, Jerome Renard
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Tai Lee 2008-03-02 14:52:48 UTC
I have one Apache2 server setup at the front on port 80 serving static content with ExpiresDefault "access plus 1 week". This server is configured to proxy any requests that don't map to files in the document root to a second Apache2 server, for dynamic content (Django).

This works fine except for when my dynamic application generates a HTTP redirect. On redirect to dynamic content, the first Apache2 server adds an expires header which causes all the major browsers to pull the dynamic page from their cache.

09:34:33 tailee@tetsuo ~$ curl -I http://nicabate.yebisu.3030.com.au/accounts/myaccount
HTTP/1.1 302 Found
Date: Sun, 02 Mar 2008 22:34:54 GMT
Server: Apache/2.2.4 (Ubuntu) mod_python/3.3.1 Python/2.5.1
Vary: Cookie,Accept-Encoding
ETag: d41d8cd98f00b204e9800998ecf8427e
Location: http://nicabate.yebisu.3030.com.au/accounts/login?next=/accounts/myaccount
Content-Type: text/html; charset=utf-8
Cache-Control: max-age=604800
Expires: Sun, 09 Mar 2008 22:34:54 GMT

If I change my httpd.conf to ExpiresDefault "modification plus 1 week" the expires header is NOT set, but this doesn't allow me to always keep static content cached for 1 week from access.

Ideally, Apache2 should not set an expires header on redirects, or at least there should be an option for httpd.conf to disable this behaviour.
Comment 1 Nick Kew 2008-03-02 16:06:10 UTC
Marking as an enhancement request.  An application such as yours that may return different HTTP statuses should traditionally be taking care of its own Expires headers.  But you have a point: this could work as a configuration option.
Comment 2 Jerome Renard 2009-09-15 14:16:50 UTC
Created attachment 24271 [details]
patch attempt for issue 4451

Good evening.

Please find attached a patch which implement this enhancement request.

A new configuration directive has been added : ExpiresIgnoreRedirect

I tested with the following configuration : 

<Directory /Users/jerome/work/www/perso/apache/issues/44518/>
    <IfModule mod_expires.c>
        ExpiresActive On
        # When set to Yes an Expires header will be sent
        # even if a Location header is present
        # Posible values : 'Yes' or 'No'
        # Default value : No
        ExpiresIgnoreRedirect Yes
        ExpiresDefault "access plus 1 year"
        # ExpiresByType text/html M604800

Tested with ExpiresDefault and ExpiresByType and it seems to work fine.

The patch has been generated against SVN trunk.

Any comment/feedback welcome.

Best Regards.
Comment 3 Christophe JAILLET 2015-07-27 05:57:08 UTC
*** Bug 52523 has been marked as a duplicate of this bug. ***