Discussion:
httpclient-cache caches HEAD requests with missing body
Tobias Gesellchen
2018-04-28 19:49:14 UTC
Permalink
Hi all,

since httpclient-cache 4.4 HEAD requests can be cached with a `null` response body. Subsequent GET requests to the same target then use the headers "If-None-Match" and "If-Modified-Since" to leverage caching via HTTP protocol. In that case a server can respond with status code 304 and an empty response body, which leads to an invalid cache entry.

You can find example logs along with a mini app to demonstrate the issue at https://github.com/gesellix/httpclient-cache-demo.
I have already prepared a simple fix (based on httpclient-cache 4.5.5) at https://github.com/gesellix/httpcomponents-client/tree/disable-cache-for-null-resource.

My questions are:
1) did I miss some detail or use the cache library in a wrong way?
2) would the proposed fix be a good candidate for a pull request?

Thanks!
Tobias


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-***@hc.apache.org
For additional commands, e-mail: httpclient-users-***@hc.apache.org
Oleg Kalnichevski
2018-04-29 11:10:35 UTC
Permalink
Post by Tobias Gesellchen
Hi all,
since httpclient-cache 4.4 HEAD requests can be cached with a `null`
response body. Subsequent GET requests to the same target then use
the headers "If-None-Match" and "If-Modified-Since" to leverage
caching via HTTP protocol. In that case a server can respond with
status code 304 and an empty response body, which leads to an invalid
cache entry.
You can find example logs along with a mini app to demonstrate the
issue at https://github.com/gesellix/httpclient-cache-demo.
I have already prepared a simple fix (based on httpclient-cache
4.5.5) at https://github.com/gesellix/httpcomponents-client/tree/disa
ble-cache-for-null-resource.
1) did I miss some detail or use the cache library in a wrong way?
2) would the proposed fix be a good candidate for a pull request?
Thanks!
Tobias
Hi Tobias

The fix you are proposing looks good to me but I would like someone
with a more in-depth knowledge of caching to take a look at it. Could
you please raise a JIRA for this issue, raise a PR at GitHub and
reference that PR from JIRA? I'll try to get Jon to take a quick look
at your patch.

Cheers

Oleg

---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-***@hc.apache.org
For additional commands, e-mail: httpclient-users-***@hc.apache.org
Tobias Gesellchen
2018-04-29 13:15:28 UTC
Permalink
Post by Oleg Kalnichevski
Post by Tobias Gesellchen
Hi all,
since httpclient-cache 4.4 HEAD requests can be cached with a `null`
response body. Subsequent GET requests to the same target then use
the headers "If-None-Match" and "If-Modified-Since" to leverage
caching via HTTP protocol. In that case a server can respond with
status code 304 and an empty response body, which leads to an invalid
cache entry.
You can find example logs along with a mini app to demonstrate the
issue at https://github.com/gesellix/httpclient-cache-demo.
I have already prepared a simple fix (based on httpclient-cache
4.5.5) at https://github.com/gesellix/httpcomponents-client/tree/disa
ble-cache-for-null-resource.
1) did I miss some detail or use the cache library in a wrong way?
2) would the proposed fix be a good candidate for a pull request?
Thanks!
Tobias
Hi Tobias
The fix you are proposing looks good to me but I would like someone
with a more in-depth knowledge of caching to take a look at it. Could
you please raise a JIRA for this issue, raise a PR at GitHub and
reference that PR from JIRA? I'll try to get Jon to take a quick look
at your patch.
Cheers
Oleg
Hi Oleg,

I've raised https://issues.apache.org/jira/browse/HTTPCLIENT-1920 along with the PR https://github.com/apache/httpcomponents-client/pull/101

Thanks for the quick feedback!

Best,
Tobias


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-users-***@hc.apache.org
For additional commands, e-mail: httpclient-users-***@hc.apache.org
Loading...