Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validation, Last-Modified and scope of updates #839

Closed
mnot opened this issue Apr 28, 2021 · 1 comment · Fixed by #892
Closed

Validation, Last-Modified and scope of updates #839

mnot opened this issue Apr 28, 2021 · 1 comment · Fixed by #892
Assignees
@mnot
Labels
caching has-proposal

Comments

@mnot
Copy link
Member

mnot commented Apr 28, 2021

Caching 3.4.3 says:

The stored response(s) to update are identified by using the first match (if any) of:
[...]
If the new response contains one or more strong validators (see Section 8.8.1 of [Semantics]), then each of those strong validators identify the selected representation for update. All the stored responses with one of those same strong validators are identified for update.

Semantics 8.8.2.2 says about Last-Modified:

A Last-Modified time, when used as a validator in a request, is implicitly weak unless it is possible to deduce that it is strong, using the following rules:
[...]
The validator is being compared by an intermediate cache to the validator stored in its cache entry for the representation, and [t]hat cache entry includes a Date value which is at least one second after the Last-Modified value and the cache has reason to believe that they were generated by the same clock or that there is enough difference between the Last-Modified and Date values to make clock synchronization issues unlikely.

Because we're saying that validation occurs against all responses for a given URI (see #832), this has the effect of allowing a 304 response with a Last-Modified header to update all of the responses sent for that URI in that second (provided the requirement about Date is met) -- which would lead to e.g., 304 response with Content-Language: English updating other languages. That probably isn't desirable.

The obvious way to fix this is to avoid promoting Last-Modified to a strong validator when it's being used by a cache. However, see #510 -- it's necessary for it to be strong for If-Range.

It might also be worth refining caching 3.4.3 to differentiate between entity-tag updates and last-modified updates.
@mnot mnot added the caching label Apr 28, 2021
@mnot
Copy link
Member Author

mnot commented Jun 10, 2021

In 4.3.5, updating is done like this:

When a cache makes an inbound HEAD request for a target URI and receives a 200 (OK) response, the cache should update or invalidate each of its stored GET responses that could have been selected for that request (see Section 4.1).

Note that it's specified in terms of responses that could have been selected for that request, rather than "stored... responses for the applicable request URI."

If we modified 4.3.4 to specify that responses that could have been selected for the request sent are updated (still subject to further filtering down by any validators in the 304 response), I think it should work.

@mnot mnot self-assigned this Jul 1, 2021
mnot added a commit that referenced this issue Jul 6, 2021
@mnot
Clarify that only selectable responses are updated
3e41573 
Fixes #839.
@mnot mnot mentioned this issue Jul 6, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mnot mnot

Labels
caching has-proposal
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Clarify that only selectable responses are updated httpwg/http-core
1 participant
@mnot