Hello, currently many users of an Argentinian ISP that have deployed
BlueCoat appliances is over-caching all of the blogspot's blogs.
Here an example:
GET / HTTP/1.1
Host: locodelassembly.blogspot.com
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Last-Modified: Sat, 13 Oct 2007 19:17:38 GMT
Cache-Control: max-age=0 private << A comma is missing before
"private"
ETag: "64c8fb95-536b-4642-96bc-e498fd3978da"
Date: Thu, 23 Oct 2008 22:09:49 GMT
X-Content-Type-Options: nosniff
Server: GFE/1.3
Content-Length: 17633
Connection: Keep-Alive
Age: 631 << BlueCoat, in some kind of lawyer attitude took advantage
of the syntax error to have an excuse to give cached response with no
re-validation at all.
I don't know if this is the real version of the proxy-cache but here
it goes:
GET / HTTP/1.1
Host: blogger
HTTP/1.1 302 Found
Server: BlueCoat-Security-Appliance/1.1.00
Location: http://www.blogger.com/
Connection: close
Content-Length: 90
<HTML>
<HEAD><TITLE>Redirection</TITLE></HEAD>
<BODY><H1>Redirect</H1></BODY>
</HTML>
Please if possible fix this up, especially because my ISP is one of
the biggest on Argentina (and Spain) and this is not going unnoticed
and I've heard several people talking about switching to the
competence ;-) (your competitor, the ISP is almost a monopoly already,
hence the ultra low quality of the service...).
The ISP is to be blamed about this of course, but I think that
blogspot should be proxy-cache aware and in fact it seems that aims to
be, it is only that missing comma that it is preventing blogspot to
work properly here.
PS: Other Cache-Control methods that would do the job quite well with
the proxies of my ISP are no-cache, no-store, must-revalidate and
proxy-revalidate. Those that controls caching by timing like max-age
are ignored. The same problem also exists with Expires, it is
completely ignored. A very idiotic configuration of course, this way
sites that tries to alleviate bandwidth utilization by using
expiration times gets cached more than it should and the proxy never
informs the user-agent with a warning header as the RFC says...
PD2: Here a test from another place just to confirm that it is the
Cache-Control header the problem:
First with the following PHP code
<?php
header("Cache-Control: max-age=0 private");
?>
Connected.
GET /bluecoat/test.php HTTP/1.1
Host: hernan83.freestarthost.com
HTTP/1.1 200 OK
Date: Thu, 23 Oct 2008 22:42:40 GMT
Server: Apache/1.3.33 (Unix) mod_ssl/2.8.22 OpenSSL/0.9.7d SE/0.5.3
Cache-Control: max-age=0 private
X-Powered-By: PHP/4.4.0
Content-Type: text/html
Content-Length: 0
Connection: Keep-Alive
Age: 0
Disconnected.
Connected.
GET /bluecoat/test.php HTTP/1.1
Host: hernan83.freestarthost.com
HTTP/1.1 200 OK
Date: Thu, 23 Oct 2008 22:42:40 GMT
Server: Apache/1.3.33 (Unix) mod_ssl/2.8.22 OpenSSL/0.9.7d SE/0.5.3
Cache-Control: max-age=0 private
X-Powered-By: PHP/4.4.0
Content-Type: text/html
Content-Length: 0
Connection: Keep-Alive
Age: 16 << Cached reply
Disconnected.
Now with this PHP code:
<?php
header("Cache-Control: max-age=0, private");
?>
Connected.
GET /bluecoat/test.php HTTP/1.1
Host: hernan83.freestarthost.com
Cache-Control: no-cache << To force the proxy to flush the cache
HTTP/1.1 200 OK
Date: Thu, 23 Oct 2008 22:44:43 GMT
Server: Apache/1.3.33 (Unix) mod_ssl/2.8.22 OpenSSL/0.9.7d SE/0.5.3
Cache-Control: max-age=0, private
X-Powered-By: PHP/4.4.0
Content-Type: text/html
Content-Length: 0
Connection: Keep-Alive
Disconnected.
Now two more tries to verify it is not necessary the client-side Cache-
Control when the server-side Cache-Control is properly made:
Connected.
GET /bluecoat/test.php HTTP/1.1
Host: hernan83.freestarthost.com
HTTP/1.1 200 OK
Date: Thu, 23 Oct 2008 22:44:57 GMT
Server: Apache/1.3.33 (Unix) mod_ssl/2.8.22 OpenSSL/0.9.7d SE/0.5.3
Cache-Control: max-age=0, private
X-Powered-By: PHP/4.4.0
Content-Type: text/html
Content-Length: 0
Connection: Keep-Alive
Disconnected.
Connected.
GET /bluecoat/test.php HTTP/1.1
Host: hernan83.freestarthost.com
HTTP/1.1 200 OK
Date: Thu, 23 Oct 2008 22:45:07 GMT
Server: Apache/1.3.33 (Unix) mod_ssl/2.8.22 OpenSSL/0.9.7d SE/0.5.3
Cache-Control: max-age=0, private
X-Powered-By: PHP/4.4.0
Content-Type: text/html
Content-Length: 0
Connection: Keep-Alive
Disconnected.
