cowboy icon indicating copy to clipboard operation
cowboy copied to clipboard

Published 20 hours ago verified publisher icon ninenines

Always set vary: accept-encoding when compression is enabled

Open tanguilp opened this issue 3 years ago • 1 comments

When compression is enabled, cowboy only sets accept-encoding in the list of headers of the vary header when content is actually compressed.

That is, a response to a request without the Accept-Encoding header will not contain vary: accept-encoding.

As far as I understand, it means for HTTP caches that the response to such a request can be returned even when the Accept-Encoding header is set. As a result, an HTTP cache could return a uncompressed response to an HTTP client that sets the Accept-Encoding header, which is suboptimal.

Not 100% sure about my interpretation of the RFCs here, some links that may help:

  • https://stackoverflow.com/questions/25329405/why-isnt-vary-origin-response-set-on-a-cors-miss
  • https://lists.w3.org/Archives/Public/ietf-http-wg/2004JanMar/0021.html

tanguilp avatar Jul 24 '21 14:07 tanguilp

Another source: https://www.fastly.com/blog/best-practices-using-vary-header#compression-at-work

tanguilp avatar Jul 25 '21 11:07 tanguilp

Good catch, we should always set it. Now the compress handler will always add vary: accept-encoding.

essen avatar Jan 08 '24 09:01 essen