kaazing / http2-cache.js

Authorization Header is cached #54

Closed tejaede closed 6 years ago

tejaede commented 7 years ago

This is more of a question than a report as I am not sure whether this is the correct behavior. We certainly need to account for it though as it results in the following:

  1. Acquire JWT (say token1)
  2. Poll get_hazards with JWT
  3. Cache valid responses as they arrive
  4. Acquire new JWT (say token2) before token1 expires
  5. Continue polling with token2

Expected: token2 is sent to accelerator and we see no break in service.
Actual: token1 is sent to accelerator until it gets a 403 or we send the no-cache directive.

For the time being, we can detect whether the token has changed and, if so, include the no-cache directive.

tejaede commented 7 years ago

UPDATE: Sending the no-cache directive is actually not an effective strategy. The original token continues to be sent. This appears to be a similar issue to https://github.com/kaazing/http2-cache.js/issues/53 in that an uncacheable request is not invalidating the existing cached request.

tejaede commented 7 years ago

@hthetiot @dpwspoon

After discussing with Jonathan, I need to amend my comments this morning. It's clear we are going to need to proactively send new tokens through the accelerator before we get a 403. Contour acquires a new token whenever it receives a 403 response so if each endpoint must receive a 403 before it can use a new token, we end up in an infinite loop of token retrieval.

The following is a reasonable use case for Contour:

  1. Acquire token1
  2. Start polling /hazards and /features with token1.
  3. token1 expires
    • Infinite loop starts here
  4. /hazards push promise comes back with 403, triggering a new token: token2
  5. Start polling /hazards and /features from client with token2.
    • DA still uses token1 for /features
  6. /features push promise comes back with 403, triggering a new token: token3
    • acquiring token3 invalidates token2.
  7. Start polling /hazards and /features from client with token3.
    • DA still uses token2 for /hazards
  8. /hazards push promise comes back with 403, triggering a new token: token4
    • DA still uses token3 for /features

And so on...
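The stale-credential behaviour described in the first comment and the rotation loop in the last one can both be reproduced with a small cache model. The following is an added example, not code from http2-cache.js or from the reporter: `ResponseCache`, `naiveKey`, `credentialAwareKey`, `makeOrigin`, `poll` and `runScenario` are hypothetical names, and the "accelerator" is a constructed stand-in that simply records which Authorization header it receives. A cache keyed on method and URL alone keeps serving the response fetched with token1 after the client has moved to token2, so the origin never sees the new token until the entry expires or a 403 forces a refetch. Folding the Authorization header into the cache key (the equivalent of honouring `Vary: Authorization`), and additionally dropping entries obtained with a different credential when the client rotates its token, makes a new token reach the origin on the very next poll.

```javascript
'use strict';

// Cache key that ignores credentials: this models the defect in the issue.
function naiveKey(req) {
  return `${req.method} ${req.url}`;
}

// Cache key that varies on the Authorization header, so responses obtained
// with different tokens never collide.
function credentialAwareKey(req) {
  return `${req.method} ${req.url} ${req.headers.authorization || ''}`;
}

class ResponseCache {
  constructor(keyFn, now = Date.now) {
    this.keyFn = keyFn;
    this.now = now;
    this.entries = new Map();
  }

  // Return a fresh cached response for this request, or null on a miss.
  lookup(req) {
    const key = this.keyFn(req);
    const entry = this.entries.get(key);
    if (!entry) return null;
    if (this.now() >= entry.expires) {
      this.entries.delete(key);
      return null;
    }
    return entry.response;
  }

  // Store a response together with the credential it was obtained with.
  store(req, response, maxAgeMs) {
    this.entries.set(this.keyFn(req), {
      response,
      authorization: req.headers.authorization,
      expires: this.now() + maxAgeMs,
    });
  }

  // Drop every entry obtained with a credential other than the current one.
  // Called when the client rotates its token, so a still-unexpired response
  // fetched under the old token cannot be served against the new one.
  invalidateOtherCredentials(currentAuthorization) {
    for (const [key, entry] of this.entries) {
      if (entry.authorization !== currentAuthorization) this.entries.delete(key);
    }
  }
}

// Constructed stand-in for the accelerator (assumption, not the real service):
// accepts a set of valid bearer tokens, logs every token it actually receives,
// and answers 403 for anything else.
function makeOrigin(validTokens) {
  const seen = [];
  return {
    seen,
    fetch(req) {
      const token = (req.headers.authorization || '').replace(/^Bearer /, '');
      seen.push(token);
      if (!validTokens.has(token)) return { status: 403, body: 'forbidden' };
      return { status: 200, body: `hazards for ${token}` };
    },
  };
}

// Poll once through the cache; on a miss, fetch from the origin and cache 200s.
function poll(cache, origin, url, token, maxAgeMs = 60000) {
  const req = { method: 'GET', url, headers: { authorization: `Bearer ${token}` } };
  const hit = cache.lookup(req);
  if (hit) return { response: hit, fromCache: true };
  const response = origin.fetch(req);
  if (response.status === 200) cache.store(req, response, maxAgeMs);
  return { response, fromCache: false };
}

// The issue's sequence: poll with token1, rotate to token2 before token1
// expires, poll again. Returns the tokens the origin saw and whether the
// post-rotation poll was answered from cache.
function runScenario(keyFn, invalidateOnRotate) {
  const origin = makeOrigin(new Set(['token1', 'token2']));
  const cache = new ResponseCache(keyFn);
  poll(cache, origin, '/hazards', 'token1'); // miss: origin sees token1
  poll(cache, origin, '/hazards', 'token1'); // hit
  if (invalidateOnRotate) cache.invalidateOtherCredentials('Bearer token2');
  const after = poll(cache, origin, '/hazards', 'token2');
  return { seen: origin.seen, servedFromCache: after.fromCache };
}

console.log('naive key:           ', runScenario(naiveKey, false));
console.log('credential-aware key:', runScenario(credentialAwareKey, false));
console.log('naive key + flush:   ', runScenario(naiveKey, true));
```

With `naiveKey` the origin's log stops at token1 and the token2 poll is a cache hit, which is exactly the "token1 is sent to accelerator until it gets a 403" symptom. Either fix (credential-aware key, or flushing on rotation) makes the origin see token2 immediately, which also breaks the 403-driven retrieval loop because no endpoint has to fail before the new token is used.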