Skip to content

Remove Cache-Control headers from non-cacheable HTTP error responses#18

Merged
chipitsine merged 2 commits intomasterfrom
copilot/remove-cache-control-header-502
Jan 19, 2026
Merged

Remove Cache-Control headers from non-cacheable HTTP error responses#18
chipitsine merged 2 commits intomasterfrom
copilot/remove-cache-control-header-502

Conversation

Copy link

Copilot AI commented Jan 19, 2026
edited
Loading

HAProxy was adding Cache-Control: no-cache to all error responses, including those that are not cacheable by default per RFC 9110 (e.g., 502, 503, 500). This header is redundant for non-cacheable status codes.

Changes

Removed Cache-Control from non-cacheable errors:

  • 4xx: 400, 401, 403, 407, 408, 413, 421, 422, 425, 429, 431
  • 5xx: 500, 502, 503, 504

Retained Cache-Control for cacheable-by-default errors:

  • 200, 404, 405, 410, 414, 501

Modified Files

  • src/http.c: Error message templates
  • examples/errorfiles/*.http: Example error files
  • reg-tests/http-errorfiles/errors/*.http: Test fixtures

Example

Before (502 error):

HTTP/1.1 502 Bad Gateway
Content-length: 107
Cache-Control: no-cache
Content-Type: text/html

After (502 error):

HTTP/1.1 502 Bad Gateway
Content-length: 107
Content-Type: text/html
Original prompt

This section details on the original issue you should resolve

<issue_title>improve adding headers</issue_title>
<issue_description>### Detailed Description of the Problem

when some error happen and haproxy generates 502, it also adds "cache-control: no-cache" which is not required for 502 because according to RFC only 200 and 300 codes might be cached

let us not add cache-control header when not needed

an example of vtest with 502

2026-01-09T21:47:04.3773315Z ##[group]Test case: reg-tests/quic/ssl_client_auth.vtc
2026-01-09T21:47:04.3779102Z **** dT    0.000
2026-01-09T21:47:04.3779494Z *    top   TEST reg-tests/quic/ssl_client_auth.vtc starting
2026-01-09T21:47:04.3780237Z **** top   extmacro def ***
2026-01-09T21:47:04.3780607Z **** top   extmacro def date(...)
2026-01-09T21:47:04.3780996Z **** top   extmacro def string(...)
2026-01-09T21:47:04.3781474Z **** top   extmacro def localhost=127.0.0.1
2026-01-09T21:47:04.3781922Z **** top   extmacro def bad_backend=127.0.0.1:34563
2026-01-09T21:47:04.3782321Z **** top   extmacro def listen_addr=127.0.0.1:0
2026-01-09T21:47:04.3782594Z **** top   extmacro def bad_ip=192.0.2.255
2026-01-09T21:47:04.3782905Z **** top   macro def testdir=/__w/haproxy/haproxy/reg-tests/quic
2026-01-09T21:47:04.3783320Z **** top   macro def tmpdir=/tmp/haregtests-2026-01-09_21-46-08.wFwmm3/vtc.1932.0626274c
2026-01-09T21:47:04.3783689Z **** top   macro def vtcid=vtc.1932.0626274c
2026-01-09T21:47:04.3783948Z **   top   === varnishtest "Test the client auth"
2026-01-09T21:47:04.3784196Z *    top   VTEST Test the client auth
2026-01-09T21:47:04.3784509Z **   top   === feature cmd "$HAPROXY_PROGRAM -cc 'feature(QUIC) && !feature...
2026-01-09T21:47:04.3784969Z **** dT    0.009
2026-01-09T21:47:04.3785263Z **   top   === setenv VTC_SOCK_TYPE quic
2026-01-09T21:47:04.3785825Z **   top   === include ${testdir}/../ssl/ssl_client_auth.vtci
2026-01-09T21:47:04.3786339Z **   top   Begin include '/__w/haproxy/haproxy/reg-tests/quic/../ssl/ssl_client_auth.vtci'
2026-01-09T21:47:04.3786728Z **   top   === feature ignore_unknown_macro
2026-01-09T21:47:04.3786967Z **   top   === server s1 -repeat 3 {
2026-01-09T21:47:04.3787200Z **   s1    Starting server
2026-01-09T21:47:04.3787397Z **** s1    macro def s1_addr=127.0.0.1
2026-01-09T21:47:04.3787622Z **** s1    macro def s1_port=45689
2026-01-09T21:47:04.3787839Z **** s1    macro def s1_sock=127.0.0.1:45689
2026-01-09T21:47:04.3788075Z *    s1    Listen on 127.0.0.1:45689
2026-01-09T21:47:04.3788294Z **   top   === haproxy h1 -conf {
2026-01-09T21:47:04.3788528Z **** h1    macro def h1_closed_sock=127.0.0.1:41491
2026-01-09T21:47:04.3788789Z **** h1    macro def h1_closed_addr=127.0.0.1
2026-01-09T21:47:04.3789022Z **** h1    macro def h1_closed_port=41491
2026-01-09T21:47:04.3789273Z **   s1    Started on 127.0.0.1:45689 (3 iterations)
2026-01-09T21:47:04.3789501Z **** dT    0.011
2026-01-09T21:47:04.3789688Z **** h1    VTC_SOCK_TYPE value: 'quic'
2026-01-09T21:47:04.3789974Z **** h1    macro def h1_cli_sock=127.0.0.1:41851
2026-01-09T21:47:04.3790217Z **** h1    macro def h1_cli_addr=127.0.0.1
2026-01-09T21:47:04.3790440Z **** h1    macro def h1_cli_port=41851
2026-01-09T21:47:04.3790949Z **** h1    setenv(cli, 6) for TCP socket
2026-01-09T21:47:04.3791302Z **** h1    macro def h1_clearlst_sock=127.0.0.1:46825
2026-01-09T21:47:04.3791736Z **** h1    macro def h1_clearlst_addr=127.0.0.1
2026-01-09T21:47:04.3792145Z **** h1    macro def h1_clearlst_port=46825
2026-01-09T21:47:04.3792560Z **** h1    setenv(clearlst, 7) for TCP socket
2026-01-09T21:47:04.3792995Z **** h1    macro def h1_ssl_sock=127.0.0.1:56618
2026-01-09T21:47:04.3793411Z **** h1    macro def h1_ssl_addr=127.0.0.1
2026-01-09T21:47:04.3793804Z **** h1    macro def h1_ssl_port=56618
2026-01-09T21:47:04.3794156Z **** h1    setenv(ssl, 8) for QUIC socket
2026-01-09T21:47:04.3794580Z **   h1    haproxy_start
2026-01-09T21:47:04.3795254Z **** h1    opt_worker 0 opt_daemon 0 opt_check_mode 0 opt_mcli 0
2026-01-09T21:47:04.3796264Z **** h1    argv|exec "/__w/haproxy/haproxy/haproxy" -d -dM -dI -dW  -f "/tmp/haregtests-2026-01-09_21-46-08.wFwmm3/vtc.1932.0626274c/h1/cfg" 
2026-01-09T21:47:04.3796751Z **** h1    conf|    global
2026-01-09T21:47:04.3797199Z **** h1    conf|\tstats socket "/tmp/haregtests-2026-01-09_21-46-08.wFwmm3/vtc.1932.0626274c/h1/stats.sock" level admin mode 600
2026-01-09T21:47:04.3797705Z **** h1    conf|    stats socket "fd@${cli}" level admin
2026-01-09T21:47:04.3797944Z **** h1    conf|
2026-01-09T21:47:04.3798117Z **** h1    conf|    global
2026-01-09T21:47:04.3798382Z **** h1    conf|    .if streq("$VTC_SOCK_TYPE",quic)
2026-01-09T21:47:04.3798806Z **** h1    conf|        # required for backend connections
2026-01-09T21:47:04.3799292Z **** h1    conf|        expose-experimental-directives
2026-01-09T21:47:04.3799729Z **** h1    conf|    .endif
2026-01-09T21:47:04.3800062Z **** h1    conf|    .if feature(THREAD)
2026-01-09T21:47:04.3800293Z **...

</details>



<!-- START COPILOT CODING AGENT SUFFIX -->

- Fixes chipitsine/haproxy#17

<!-- START COPILOT CODING AGENT TIPS -->
---

✨ Let Copilot coding agent [set things up for you](https://github.com/chipitsine/haproxy/issues/new?title=✨+Set+up+Copilot+instructions&body=Configure%20instructions%20for%20this%20repository%20as%20documented%20in%20%5BBest%20practices%20for%20Copilot%20coding%20agent%20in%20your%20repository%5D%28https://gh.io/copilot-coding-agent-tips%29%2E%0A%0A%3COnboard%20this%20repo%3E&assignees=copilot) — coding agent works faster and does higher quality work when set up for your repo.

@chipitsine
Remove unnecessary Cache-Control headers from non-cacheable error res…
a981059 
…ponses

Co-authored-by: chipitsine <2217296+chipitsine@users.noreply.github.com>
Copilot AI changed the title [WIP] Remove cache-control header for 502 responses Remove Cache-Control headers from non-cacheable HTTP error responses Jan 19, 2026
Copilot AI requested a review from chipitsine January 19, 2026 20:35
@chipitsine chipitsine marked this pull request as ready for review January 19, 2026 20:40
@chipitsine chipitsine merged commit 90e096f into master Jan 19, 2026
36 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chipitsine chipitsine Awaiting requested review from chipitsine

Assignees

@chipitsine chipitsine

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chipitsine