Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-3291

Offer an SSL-aware cache policy

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 4.3.5
    • Fix Version/s: 4.4.6
    • Component/s: cache
    • Labels:
    • Patch included:
      Yes

      Description

      Quite often you would like to have some pages of your website served SSL-encoded via https (e.g. forms etc.) and the rest regularly via http. In these cases it is the easiest for the editor if he/she can simply check a checkbox in the page properties marking the page as "secure". Then a redirect filter could make sure that the page is actually served via https or vice versa when navigating from a secure page to a regular one.

      Say /foo/bar.html is marked as "secure" in the page properties. Redirecting from http://www.mydomain.com/context/foo/bar.html to https://www.mydomain.com/context/foo/bar.html however will not work with the default caching mechanism. The first request to /foo/bar.html (via http) will return a redirect to https. This redirect is then cached and all subsequent requests for /foo/bar.html (via http AND https) will return the cached redirect... leading to endless redirects.

      The proposed extension (see attached patch and classes) will solve this problem by providing an SSLAware cache policy. It extends the default cache policy and simply also takes in respect if the request for a page was secure or not.

        Checklists

        Acceptance criteria

          Attachments

          1. ssl_aware_caching.patch
            0.7 kB
          2. SSLAware.java
            3 kB
          3. SSLAwareCacheKey.java
            3 kB

            Activity

              People

              Assignee:
              ochytil Ondrej Chytil
              Reporter:
              will Will Scheidegger
              Votes:
              1 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Date of First Response:

                  Checklists

                  DoD

                    Time Tracking

                    Estimated:
                    Original Estimate - 0.5h
                    0.5h
                    Remaining:
                    Remaining Estimate - 0.5h
                    0.5h
                    Logged:
                    Time Spent - Not Specified
                    Not Specified