Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 3.1.0.Beta2, 3.0.20.Final
Affects Version/s: 3.0.14.Final
Component/s: None
Labels:
None

Steps to Reproduce:
Hide

Add the @Cache annotation with isPrivate = true & a max-age to a @GET endpoint which for example returns the current date.

Call the endpoint from any browser - you will receive the actual date.

Call the endpoint via curl or any other browser (or make sure you clear your browser cache first), and you will still receive the old date (cause the response is cached server side).
Show
Add the @Cache annotation with isPrivate = true & a max-age to a @GET endpoint which for example returns the current date. Call the endpoint from any browser - you will receive the actual date. Call the endpoint via curl or any other browser (or make sure you clear your browser cache first), and you will still receive the old date (cause the response is cached server side).

Description

My understanding is, that if a HTTP response contains the private flag in the cache-control header field, any 'shared' cache must not store this information. The response is only to be cached by the browser cache for example.

RestEasy offers the annotation @Cache, also with the property 'isPrivate', but having a look at the ServerCacheInterceptor class, it is not taken into account. Every response is put in the cache, as long as:

it is a response to a HTTP GET
the request object does not contain the 'DO_NOT_CACHE_RESPONSE' attribute
the response contains a cache-control header field
and that field is not set to 'no-cache'.

There is no check for flags like private (or no-store) for example. But since it is a public/shared cache for any client, it should have some.

Attachments

Activity

People

Assignee:: Alessio Soldano

Reporter:: Shi Zuma (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2016/06/17 3:42 AM

Updated:: 2017/01/18 5:56 PM

Resolved:: 2016/08/30 6:06 PM