Solutions

Create a policy for deleting a set-cookie header and cache content data.

Solutions ID:    KB4948
Version:    1.0
Status:    Published
Published date:    02/27/2012
 

Problem Description

For a specific application, a customer needs to create a policy to delete the set-cookie header, and cache the content data from OCS, when the OCS sends a specific HTTP response header as:

Cache-Control: no-cache="set-cookie"

Also, if there is a Vary directive in the HTTP response header, the content should be cached.

Resolution

Here is the policy to handle an HTTP response header from OCS to ProxySG, which expects the appliance to delete the set-cookie header, and cache the content data.

Cache-Control: public, no-cache="set-cookie"
Set-Cookie: value

For example:

HTTP/1.1 200 OK
Server: Netscape-Enterprise/6.1 AOL
Cache-Control: public, max-age=315360000, s-maxage=315360000, no-cache="set-cookie"
Vary: User-Agent,Accept-Encoding
Set-Cookie: JSESSIONID_LC_Cell02=00000P53BBaYcNWsB75UsG2JtGr:163jk78jh; Path=/;  Domain=.xyz.com
Content-type: text/html
Date: Wed, 18 Aug 2004 19:52:21 GMT
Last-modified: Wed, 18 Aug 2004 19:52:15 GMT
Content-Length: 11
 
Hello World

result:  cached, remove cookie. as:
HTTP/1.1 200 OK
Server: Netscape-Enterprise/6.1 AOL
Cache-Control: public, max-age=315360000, s-maxage=315360000, no-cache="set-cookie"
Vary: User-Agent,Accept-Encoding
Content-type: text/html
Date: Wed, 18 Aug 2004 19:52:21 GMT
Last-modified: Wed, 18 Aug 2004 19:52:15 GMT
Content-Length: 11
Proxy-Connection: Keep-Alive
Connection: Keep-Alive
Age: 19

Hello World

If there is a set-cookie header, but the policy does not contain Cache-Control: public, no-cache="set-cookie", the content is not cached.

If there is a vary header, the content is cached.

This can be applied in local proxy, VPM policy, or through CPL.

 

 Here is the sample policy:

<Cache>
              url.host.substring=my-special-web-url condition=HTTP_Force_Cache cache(yes) force_cache(all)

<Proxy>

              url.host.substring=
my-special-web-url condition=HTTP_Suppress_Cookies action.SuppressCookies(yes)
 
define condition HTTP_Uncacheable

  url.path.regex=my_java_security_check

  url.path.regex=my_special_security_logout

  response.header.Cache-Control=!"((?i)public)"

  response.header.Cache-Control="((?i)private)|((?i)no-store)|(((?i)no-cache)([^=]|$))"

  request.header.Cache-Control="((?i)private)|((?i)no-store)|((?i)no-cache)"

end condition HTTP_Uncacheable

 
define condition HTTP_Set_Cookie

  response.header.Set-Cookie="."

  response.header.Set-Cookie2="."

end condition HTTP_Set_Cookie

 
define condition HTTP_Cacheable_Suppress_Cookies

  response.header.Cache-Control='((?i)no-cache)=("?)((?i)set-cookie)("?)'

end condition HTTP_Cacheable_Suppress_Cookies

 
define condition HTTP_Cacheable_Vary

   response.header.Vary="((?i)user-agent)|((?i)accept-encoding)"  

end condition HTTP_Cacheable_Vary

 
define condition HTTP_Force_Cache

   condition=!HTTP_Uncacheable condition=HTTP_Cacheable_Suppress_Cookies

   condition=!HTTP_Uncacheable condition=!HTTP_Set_Cookie condition=HTTP_Cacheable_Vary

end condition HTTP_Force_Cache

 
define condition HTTP_Suppress_Cookies

   condition=!HTTP_Uncacheable condition=HTTP_Cacheable_Suppress_Cookies

end condition HTTP_Suppress_Cookies

 
define action SuppressCookies

   delete(response.header.Set-Cookie)

   delete(response.header.Set-Cookie2)

end action SuppressCookies


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
 
 
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.
 
 

Your response will be used to improve our document content.

Ask a Question