[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug in Apache (was: Nochmal Apache...)

On Thu, Apr 20, 2000 at 01:14:39PM +0200, Paul Slootman wrote:
> On Thu 20 Apr 2000, Martin Schulze wrote:
> > Klaus says: Apache (1.3.9-13) has problems with URLs that end
> > up in cgi-bin programs that are fed with data using POST.  Apache
> > tends to return an old cached page with incorrect content.
> I'd suggest adding an "Expires:" header (indicating the current time),
> and/or a "Cache-Control: no-cache" and/or "Pragma: no-cache".

Tried this, had no effect. The problem rather seems to be that Apache
ignores the POSTed content sometimes and just calls the CGI script
without any data.

> Does apache indeed return a cached page, or simply indicate that the
> page is still valid? I don't think that apache will cache pages it
> serves up itself (using apache as caching proxy is something else).

We have not configured apache that way. The script where the error occurs is
a 4 step Perl CGI script that preserves previously entered state and data in
hidden fields (which clearly show up when viewing the HTML source).
When submitting the form with additional data, apache seems to "forget"
the hidden fields as well as the newly inserted data, and calls the script
again with empty input.

With Method GET, this effect has not been seen yet (but the URLs look ugly,
of course).

> > Interestingly this does not happen when apache-ssl (
> > is used.
> I guess that's because there's no sense in caching secure documents?

That's what I thought first, too. Maybe it's the secure transaction protocol
that keeps POSTes data from being lost?

In the non-SSL version, if the effect occurs and the uninitialized form
is being sent, it seems to help if the User reloads the exact same page
(and the input is reposted). Same thing for Netscape and lynx.

> In short, I don't think this is a bug, more a feature.

It's definitely not a feature if FORMs don't get the input which has
been sent by the browser.

	-Klaus Knopper  <knopper@linuxtag.de>

Reply to: