Opened 20 months ago

Last modified 20 months ago

#964 accepted defect

Expires header incorrectly prioritised over Cache-Control: max-age

Reported by: cbranch@… Owned by:
Priority: minor Milestone:
Component: nginx-core Version: 1.9.x
Keywords: Cc:
Sensitive: no
uname -a: Linux cbranch-vm 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-2 (2016-04-08) x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.9.7 built by gcc 4.9.2 (Debian 4.9.2-10)

Description

When using nginx as a caching reverse proxy, items may be cached for the wrong amount of time if the Expires header is inconsistent with max-age. Caching will be disabled if the Expires header value is in the past or malformed.

Per RFC 2616 section 14.9.3, max-age takes precedence over Expires. However, nginx prefers whichever header/directive occurs first in the response, which causes unexpected results when migrating to nginx from an RFC-compilant caching reverse proxy.

A minimally-reproducible config is attached. Observe that no file is cached when accessing http://127.0.0.2:8080/fail, but a file is cached when accessing http://127.0.0.2:8080/success.

Attachments (1)

nginx.conf (828 bytes) - added by cbranch@… 20 months ago.

Download all attachments as: .zip

Change History (2)

Changed 20 months ago by cbranch@…

comment:1 Changed 20 months ago by mdounin

  • Component changed from documentation to nginx-core
  • Status changed from new to accepted

The description isn't really correct: nginx prefers Cache-Control over Expires. But if Expires is given first and disables caching, nginx won't cache the response. This is believed to be correct, though may be suboptimal in some cases.

See 6a3ab6fdd70f for some additional details on the current behaviour. Previous attempts to address things can be found in this thread.

Note: See TracTickets for help on using tickets.