[squid-users] ignore-auth when signature is passed as a query

From: Rajiv Desai <rajiv_at_maginatics.com>
Date: Sat, 22 Feb 2014 19:19:56 -0800

Hi,

I use ignore-auth for caching urls with signature and that works great.
For some endpoints, signature is added as a query (which is otherwise
an "Authorization" header). Is there a way to perhaps ignore-query?

Currently, I see that replies are cached even when they have queries,
however query is a part of the url and thereby a part of the key used
for the object stored in cache.
Due to this I don't get a cache hit for a subsequent GET request which
has a different temporal signature.

I understand why the default behavior is to do what it does and the
implications of unauthorized access without signature verification.
However, for my use case bypassing signature verification with squid
cache is useful and appropriate.

Please let me know if there is a workaround with which all query
parameters can be ignore for caching purpose.

Thanks,
Rajiv
Received on Sun Feb 23 2014 - 03:20:07 MST

This archive was generated by hypermail 2.2.0 : Sun Feb 23 2014 - 12:00:06 MST