apache
Ignore malformed Cache-Control directives per RFC 7234
Detect and ignore Cache-Control directives that are malformed (e.g., using semicolons instead of commas). When the parser cannot fully consume a Cache-Control directive value, leaving unparsed non-whitespace content, the directive is treated as unrecognized and ignored per RFC 7234 Section 5.2.
For example, a malformed header such as 'public; max-age=30' (note the incorrect semicolon separator) would previously set the 'public' bit but ignore the unparsed 'max-age=30', causing the response to be cached with incorrect heuristic lifetimes. Not only is this incorrect per the RFC, but the intended max-age was, from the user's perspective, mysteriously ignored. Now the entire malformed directive is ignored, allowing default caching rules to apply correctly.
Fixes: #12029
Not to prevent this one ... but is it worth doing a quick look at https://cache-tests.fyi/#cc-parse to see if there are other quick wins nearby? For instance, I think the current web page is saying ATS isn't handling
- Does HTTP cache ignore max-age with space before the =?
- Does HTTP cache ignore max-age with space after the =?
- HTTP cache must not reuse a response with a single-quoted Cache-Control: max-age
Not to prevent this one ... but is it worth doing a quick look at https://cache-tests.fyi/#cc-parse to see if there are other quick wins nearby? For instance, I think the current web page is saying ATS isn't handling
- Does HTTP cache ignore max-age with space before the =?
- Does HTTP cache ignore max-age with space after the =?
- HTTP cache must not reuse a response with a single-quoted Cache-Control: max-age
Thank you @mlibbey . I updated the code for these conditions as well and beefed up the tests for it too.