Last Comment Bug 298227 - lack of cache control headers in Bugzilla - attachments cant be created and login requested multiple times for users behind a caching proxy
: lack of cache control headers in Bugzilla - attachments cant be created and l...
Status: RESOLVED DUPLICATE of bug 167808
:
Product: Bugzilla
Classification: Server Software
Component: Attachments & Requests (show other bugs)
: unspecified
: x86 Linux
: -- major (vote)
: ---
Assigned To: Nobody; OK to take it and work on it
: default-qa
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2005-06-20 04:10 PDT by Aleksander Adamowski
Modified: 2007-10-02 13:06 PDT (History)
0 users
See Also:
QA Whiteboard:
Iteration: ---
Points: ---


Attachments

Description Aleksander Adamowski 2005-06-20 04:10:46 PDT
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050513 Fedora/1.7.8-1.3.1
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050513 Fedora/1.7.8-1.3.1

This problem is tested in all known to me installations of Bugzilla; Mozilla's
own bugzilla.mozilla.org, landfill.mozilla.org 2.18 (I cannot test with
bugzilla-tip as it has more severe problems), KDE's, Mandriva Linux, Gnome
Bugzilla and many others:

I'm connecting to Bugzilla through a caching Squid proxy, which is configured to
also cache pages whose URL contains a question mark (relying on proper cache
control headers from the HTTP server).

Bugzilla doesn't generate any cache control headers (see
http://www.mnot.net/cache_docs/ for an excellent tutorial on web caching for web
application authors), so many .cgi pages get cached by the proxy and cause
various problems:
1) the login page is presented to the user multiple times during his session
with Bugzilla

2) there's a problem with Bugzilla attachments handling CGI script - when I
click "Create an attachment" and supply the file, content type and all required
info, then click "Submit", I have to login again (that's acceptable), and after
providing my username and password, I get an error "You didn't specify a file to
attach" (if I recall correctly). Tested with many bugzillas, even with
http://landfill.bugzilla.org  2.18 branch.

When I switch Mozilla proxy settings to direct Internet connection, ewerything
works fine.


For more discussion on those bugs, see the Mandrake/Mandriva bugzilla where the
problem has been originally discovered:

http://qa.mandriva.com/show_bug.cgi?id=4798
http://qa.mandriva.com/show_bug.cgi?id=6638


Reproducible: Always

Steps to Reproduce:
1. Install a Squid proxy and configure it to also cache URLs that contain a
question mark, e.g.: 
acl QUERY urlpath_regex cgi-bin
no_cache deny QUERY

instead of:

acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY

2. Configure your browser to use that proxy
3. Try working with Bugzilla, creating new bugs, attaching files etc.

Actual Results:  
When working with bugzilla, login is requested multiple times from the user, and
files cannot be attached.

After supplying a file, a login page is the next one presented, and the next is
a "You didn't specify a file to
attach" error. Because of the 2nd request - the login page - the attachment gets
"lost" between 1st (file attachment form) and 3rd request (error page).


Expected Results:  
User should be asked for login once, and it should be possible to attach files
to bugs.
Comment 1 Aleksander Adamowski 2005-06-20 04:12:11 PDT
BTW, I've just checked - the problem also exists with standard Squid
configuration (with forbidden caching of URLs containing '?'). So skip the
remark about configuring Squid to cache those.
Comment 2 Marc Schumann [:Wurblzap] 2005-06-20 04:21:27 PDT
Is this a duplicate of bug 167808?
Comment 3 Aleksander Adamowski 2005-06-20 04:37:54 PDT
Maybe. I'm not entirely sure that enabling cache control headers would solve the
problem - I only suspect that link between those problems. I'll mark this bug as
dependent on bug 167808.
Comment 4 Dave Miller [:justdave] (justdave@bugzilla.org) 2007-10-02 13:06:29 PDT
I'm fairly positive that adding cache-control headers would fix this.

*** This bug has been marked as a duplicate of bug 167808 ***

Note You need to log in before you can comment on or make changes to this bug.