Create a policy for deleting a set-cookie header and cache content data.


<< Back to Knowledge Search

Solution

Overview

For a specific application, a customer needs to create a policy to delete the set-cookie header, and cache the content data from OCS, when the OCS sends a specific HTTP response header as:

Cache-Control: no-cache="set-cookie"

Also, if there is a Vary directive in the HTTP response header, the content should be cached.

Cause
Resolution

Here is the policy to handle an HTTP response header from OCS to ProxySG, which expects the appliance to delete the set-cookie header, and cache the content data.

Cache-Control: public, no-cache="set-cookie"
Set-Cookie: value

For example:

HTTP/1.1 200 OK
Server: Netscape-Enterprise/6.1 AOL
Cache-Control: public, max-age=315360000, s-maxage=315360000, no-cache="set-cookie"
Vary: User-Agent,Accept-Encoding
Set-Cookie: JSESSIONID_LC_Cell02=00000P53BBaYcNWsB75UsG2JtGr:163jk78jh; Path=/;  Domain=.xyz.com
Content-type: text/html
Date: Wed, 18 Aug 2004 19:52:21 GMT
Last-modified: Wed, 18 Aug 2004 19:52:15 GMT
Content-Length: 11
 
Hello World

result:  cached, remove cookie. as:
HTTP/1.1 200 OK
Server: Netscape-Enterprise/6.1 AOL
Cache-Control: public, max-age=315360000, s-maxage=315360000, no-cache="set-cookie"
Vary: User-Agent,Accept-Encoding
Content-type: text/html
Date: Wed, 18 Aug 2004 19:52:21 GMT
Last-modified: Wed, 18 Aug 2004 19:52:15 GMT
Content-Length: 11
Proxy-Connection: Keep-Alive
Connection: Keep-Alive
Age: 19

Hello World

If there is a set-cookie header, but the policy does not contain Cache-Control: public, no-cache="set-cookie", the content is not cached.

If there is a vary header, the content is cached.

This can be applied in local proxy, VPM policy, or through CPL.

 

 Here is the sample policy:

<Cache>
              url.host.substring=my-special-web-url condition=HTTP_Force_Cache cache(yes) force_cache(all)

<Proxy>

              url.host.substring=
my-special-web-url condition=HTTP_Suppress_Cookies action.SuppressCookies(yes)
 
define condition HTTP_Uncacheable

  url.path.regex=my_java_security_check

  url.path.regex=my_special_security_logout

  response.header.Cache-Control=!"((?i)public)"

  response.header.Cache-Control="((?i)private)|((?i)no-store)|(((?i)no-cache)([^=]|$))"

  request.header.Cache-Control="((?i)private)|((?i)no-store)|((?i)no-cache)"

end condition HTTP_Uncacheable

 
define condition HTTP_Set_Cookie

  response.header.Set-Cookie="."

  response.header.Set-Cookie2="."

end condition HTTP_Set_Cookie

 
define condition HTTP_Cacheable_Suppress_Cookies

  response.header.Cache-Control='((?i)no-cache)=("?)((?i)set-cookie)("?)'

end condition HTTP_Cacheable_Suppress_Cookies

 
define condition HTTP_Cacheable_Vary

   response.header.Vary="((?i)user-agent)|((?i)accept-encoding)"  

end condition HTTP_Cacheable_Vary

 
define condition HTTP_Force_Cache

   condition=!HTTP_Uncacheable condition=HTTP_Cacheable_Suppress_Cookies

   condition=!HTTP_Uncacheable condition=!HTTP_Set_Cookie condition=HTTP_Cacheable_Vary

end condition HTTP_Force_Cache

 
define condition HTTP_Suppress_Cookies

   condition=!HTTP_Uncacheable condition=HTTP_Cacheable_Suppress_Cookies

end condition HTTP_Suppress_Cookies

 
define action SuppressCookies

   delete(response.header.Set-Cookie)

   delete(response.header.Set-Cookie2)

end action SuppressCookies

Workaround
Additional Information
Bug Number
InQuira Doc IdKB4948
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Software      SGOS 5, SGOS 6
Topic      Authentication, Control, Installation / Configuration, Policy Management
Article Number      000008807
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat