[Webkit-unassigned] [Bug 71509] New: WebKit doesn't respect Vary: Cookie header

Thu Nov 3 14:18:00 PDT 2011

https://bugs.webkit.org/show_bug.cgi?id=71509

           Summary: WebKit doesn't respect Vary: Cookie header
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: New Bugs
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: deviantintegral at gmail.com

I'm running into a problem where Webkit doesn't appear to be respecting the Vary: Cookie header when Cache-Control is set. For example:

HTTP/1.1 200 OK
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.2.17
Cache-Control: public, max-age=300
Last-Modified: Thu, 03 Nov 2011 21:09:15 +0000
Expires: Sun, 11 Mar 1984 12:00:00 GMT
Vary: Cookie
ETag: "1320354555"
Content-Type: text/html; charset=utf-8
Content-Length: 23080
Date: Thu, 03 Nov 2011 21:09:15 GMT
X-Varnish: 1635548510
Age: 0
Via: 1.1 varnish
Connection: keep-alive
X-Varnish-Cache: MISS

This is causing pages previously loaded to only hit the server if a manual reload is done, or if 300 seconds pass.

To reproduce:

1. View a few pages as an anonymous user where the above Cache-Control and Vary headers are set.
2. Log into the site, such that a cookie is set the headers are now something like:

Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0

3. Browse back to one of the pages you previously loaded. Webkit won't make an outbound HTTP request even though the cookie has changed.

I've verified this in Webkit nightlies in both OS X and Windows, and haven't run into this problem in any other browsers.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.