Bug 1236160
| Summary: | OpenShift proxy ignores no-transform cache-control directive, performs transparent compression regardless | ||
|---|---|---|---|
| Product: | OpenShift Online | Reporter: | Evgeny Kapun <abacabadabacaba> |
| Component: | Containers | Assignee: | Miciah Dashiel Butler Masters <mmasters> |
| Status: | CLOSED WONTFIX | QA Contact: | Meng Bo <bmeng> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 2.x | CC: | jokerman, libra-bugs, mmccomas, xtian |
| Target Milestone: | --- | Keywords: | UpcomingRelease |
| Target Release: | 2.x | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-05-31 18:22:11 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
We apologize, however, we do not plan to address this report at this time. The majority of our active development is for the v3 version of OpenShift. If you would like for Red Hat to reconsider this decision, please reach out to your support representative. We are very sorry for any inconvenience this may cause. |
If a client sends a request with `Accept-Encoding: gzip' header, OpenShift will reply with a compressed response. My tests showed that this happens even if the server running on the gear doesn't provide compressed responses, which means that the compression is performed by OpenShift proxy. For example, in one of my tests, the origin server sent the following response: HTTP/1.1 200 OK Content-Type: text/plain Cache-Control: no-transform Content-Length: 11 Hello world The client, however, received the following response: HTTP/1.1 200 OK Date: Fri, 26 Jun 2015 17:25:11 GMT Content-Type: text/plain Cache-Control: no-transform Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 31 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive [gzip-compressed data] As you can see, the proxy compressed the response, even though it contained the `Cache-Control: no-transform' header. Quoting the relevant RFC: A proxy MUST NOT transform the payload (Section 3.3 of [RFC7231]) of a message that contains a no-transform cache-control directive (Section 5.2 of [RFC7234]). A proxy MAY transform the payload of a message that does not contain a no-transform cache-control directive. A proxy that transforms a payload MUST add a Warning header field with the warn-code of 214 ("Transformation Applied") if one is not already in the message (see Section 5.5 of [RFC7234]). A proxy that transforms the payload of a 200 (OK) response can further inform downstream recipients that a transformation has been applied by changing the response status code to 203 (Non-Authoritative Information) (Section 6.3.4 of [RFC7231]). Also, it would be nice if such transparent compression could be disabled by an administrator for his own server, as it is sometimes undesirable [1]. [1]: https://stackoverflow.com/questions/30397457/disable-gzip-compression-on-openshift-php-cartridge