Skip to content

[HttpKernel] Correctly merge max-age/s-maxage and Expires headers #58376

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 3, 2024
Merged

[HttpKernel] Correctly merge max-age/s-maxage and Expires headers #58376

merged 1 commit into from
Oct 3, 2024

Conversation

aschempp
Copy link
Contributor

Q A
Branch? 5.4
Bug fix? yes
New feature? no
Deprecations? no
Issues Fix contao/contao#7494
License MIT

The ResponseCacheStrategy does not currently merge Expires and Cache-Control: max-age/s-maxage headers. Before #41665 this was not an issue, because if not all respones had all headers, they were not added to the final reponse. And we could assume a response itself is consistent between Expires and max-age.

@mpdude added heuristic caching of public responses in #41665. Unfortunately, it only looks at Cache-Control: public but if should also check if no cache information (max-age/s-maxage/Expires) is present. If that were the case, the behavior would not have changed. But it now leads to inconsistent header values because it independently keeps Expires and max-age/s-maxage.

This PR does not only fix the heuristic caching, but also merges Expires and Cache-Control headers to make sure only the lowest value is retained across all headers. For semi-BC reasons I also made sure to only add an Expires header if any of the responses contains one.

@carsonbot carsonbot added this to the 5.4 milestone Sep 24, 2024
aschempp
aschempp commented Sep 24, 2024
View reviewed changes
src/Symfony/Component/HttpKernel/Tests/HttpCache/ResponseCacheStrategyTest.php
@@ -371,7 +429,7 @@ public static function cacheControlMergingProvider()
];

yield 'merge max-age and s-maxage' => [
['public' => true, 'max-age' => '60'],
['public' => true, 'max-age' => null, 's-maxage' => '60'],
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If one response has max-age and the other has s-maxage, the final response should only have a s-maxage header and no max-age (since we don't know the "private" value for one of the responses).

@aschempp aschempp mentioned this pull request Sep 24, 2024
Open
@aschempp
Copy link
Contributor Author

BTW this will cause upstream merge issues because the ResponseCacheStrategy has received new features in Symfony 6 (see #42355). Not sure how to deal with that, should I open a second PR for Symfony 6?

@aschempp
Copy link
Contributor Author

Failing test is unrelated (5.4 branch is failing without this PR as well)

@OskarStark OskarStark changed the title [HttpKernel] Correctly merge max-age/s-maxage and Expires headers [HttpKernel] Correctly merge max-age/s-maxage and Expires headers Sep 27, 2024
@nicolas-grekas
Copy link
Member

Thank you @aschempp.

@nicolas-grekas nicolas-grekas merged commit 908a91f into symfony:5.4 Oct 3, 2024
10 of 12 checks passed
@mpdude
Copy link
Contributor

mpdude commented Oct 4, 2024

Thank you Andreas

@aschempp aschempp deleted the fix/response-strategy branch October 8, 2024 09:31
This was referenced Oct 27, 2024
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicolas-grekas nicolas-grekas nicolas-grekas approved these changes

@Toflar Toflar Toflar approved these changes

@mtarld mtarld mtarld approved these changes

@chalasr chalasr chalasr approved these changes

Assignees
No one assigned
Labels
Bug HttpKernel Status: Reviewed
Projects
None yet
Milestone
5.4
Development

Successfully merging this pull request may close these issues.
7 participants
@aschempp @nicolas-grekas @mpdude @Toflar @mtarld @chalasr @carsonbot