Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Apache module deflate disables server cache #13219

Closed
LukeOwlclaw opened this issue Jan 9, 2015 · 8 comments
Closed

Apache module deflate disables server cache #13219

LukeOwlclaw opened this issue Jan 9, 2015 · 8 comments

Comments

@LukeOwlclaw
Copy link

LukeOwlclaw commented Jan 9, 2015

On my server I had Apache module deflate enabled (sudo a2enmod deflate).
I noticed that my server never returned HTTP response 304 (not modified) but instead always returns the whole document (with HTTP code 200).
Turns out, that there is for many years an issue with handling Etags together with the modified-since headers (-> https://issues.apache.org/bugzilla/show_bug.cgi?id=45023)

Is this an issue which oc should handle gracefully? Maybe by warning the admin? Or can we just ignore it?

One option would be of course to disable deflate module: sudo a2dismod deflate

Another is to rewrite the "If-None-Match" header, sent by the client via .htaccess:

<ifModule mod_headers.c>
    <ifModule mod_deflate.c>
    RequestHeader  edit "If-None-Match" "(.*)-gzip" "$1"
  </ifModule>
</ifModule>

However, this requires: sudo a2enmod headers

@karlitschek
Copy link
Contributor

Yes. We definitely should detect this and give a warning.

@LukasReschke
Copy link
Member

Generally speaking enabling a deflate mechanism is from a security PoV anyways a bad idea when using TLS: https://en.wikipedia.org/wiki/BREACH_%28security_exploit%29

@LukeOwlclaw
Copy link
Author

So then it would be best if during installation deflate was disabled via .htaccess?

<ifModule mod_deflate.c>
   SetEnv no-gzip 1
</ifModule>

@ghost
Copy link

ghost commented Feb 21, 2015

A possible solution was posten a longer time ago here: #4783 (comment)

@PVince81
Copy link
Contributor

PVince81 commented Oct 7, 2016

Hmm, is mod_deflate still corrupting files nowadays ?

@ghost
Copy link

ghost commented Oct 7, 2016

Good question, we still have also #4783 open.

@PVince81
Copy link
Contributor

closing in favor of #4783

@lock
Copy link

lock bot commented Aug 2, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Aug 2, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

5 participants