Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-3291

Offer an SSL-aware cache policy

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 4.3.5
    • Fix Version/s: 4.4.6
    • Component/s: cache
    • Labels:
    • Patch included:
      Yes
    • Magnolia Release:
      4.4.6

      Description

      Quite often you would like to have some pages of your website served SSL-encoded via https (e.g. forms etc.) and the rest regularly via http. In these cases it is the easiest for the editor if he/she can simply check a checkbox in the page properties marking the page as "secure". Then a redirect filter could make sure that the page is actually served via https or vice versa when navigating from a secure page to a regular one.

      Say /foo/bar.html is marked as "secure" in the page properties. Redirecting from http://www.mydomain.com/context/foo/bar.html to https://www.mydomain.com/context/foo/bar.html however will not work with the default caching mechanism. The first request to /foo/bar.html (via http) will return a redirect to https. This redirect is then cached and all subsequent requests for /foo/bar.html (via http AND https) will return the cached redirect... leading to endless redirects.

      The proposed extension (see attached patch and classes) will solve this problem by providing an SSLAware cache policy. It extends the default cache policy and simply also takes in respect if the request for a page was secure or not.

        Attachments

        1. ssl_aware_caching.patch
          0.7 kB
        2. SSLAware.java
          3 kB
        3. SSLAwareCacheKey.java
          3 kB

          Activity

            People

            Assignee:
            ochytil Ondrej Chytil
            Reporter:
            will Will Scheidegger
            Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Date of First Response:

                Time Tracking

                Estimated:
                Original Estimate - 0.5h
                0.5h
                Remaining:
                Remaining Estimate - 0.5h
                0.5h
                Logged:
                Time Spent - Not Specified
                Not Specified