Open Bug 1348707 Opened 8 years ago Updated 2 years ago

Firefox ignores only-if-cached in requests

Categories

(Core :: Networking: Cache, enhancement, P3)

Product:
Core
Component:
Networking: Cache
Version:
55 Branch
Type:
enhancement

Tracking

()

Status:
UNCONFIRMED

People

(Reporter: mnot, Unassigned)

Details

(Whiteboard: [necko-backlog])

If a request contains Cache-Control: only-if-cached, firefox ignores it; i.e., it will not generate a 504 response if there isn't a suitable response available. Spec: http://httpwg.org/specs/rfc7234.html#rfc.section.5.2.1.7 Test: https://github.com/mnot/web-platform-tests/blob/http-cache/fetch/http-cache/cc-request.html
I'm pretty sure `fetch(url, { cache: 'only-if-cached' })` works. It is limited to same-origin requests, though. I wonder if this behavior is intentional.
(In reply to Ben Kelly [not reviewing due to deadline][:bkelly] from comment #1) > I'm pretty sure `fetch(url, { cache: 'only-if-cached' })` works. It is > limited to same-origin requests, though. I wonder if this behavior is > intentional. Ben, Cache-control HTTP request header has nothing to do with fetch(). Or is the report related to DOM cache?
(In reply to Honza Bambas (:mayhemer) from comment #2) > Ben, Cache-control HTTP request header has nothing to do with fetch(). > > Or is the report related to DOM cache? My point is we have the primitives to do it because fetch API is using them: https://dxr.mozilla.org/mozilla-central/source/netwerk/protocol/http/HttpBaseChannel.cpp#2712 But the fetch API explicitly restricts this to same-origin requests to protect against cross-origin cache probing. I was suggesting perhaps http cache purposely ignores Cache-Control:only-if-cached for the same cache probing privacy issue.
(In reply to Ben Kelly [not reviewing due to deadline][:bkelly] from comment #3) > I was suggesting perhaps http cache purposely ignores > Cache-Control:only-if-cached for the same cache probing privacy issue. I was wondering about that. I note that no browser currently supports only-if-cached in requests (although some don't support a lot of other CC request directives either). If there is a legitimate privacy concern here, and there's agreement between the browsers about it, we could document (in fetch) that oic in requests should be ignored, or limited to same-origin requests.
Whiteboard: [necko-backlog]
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: -- → P1
Bulk change to priority: https://bugzilla.mozilla.org/show_bug.cgi?id=1399258
Priority: P1 → P3
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.