| 2015-04-28 03:14:13 |
Michael Nelson |
description |
Requests to /api/2.0/applications/en/ubuntu/trusty/amd64/ and similar urls, used by the desktop USC, and being rendered with a bunch of Vary headers which should not be present (the URI is unauthenticated, does not vary on language, afaict) [1]
I'd initially thought that the different etags for identical files was also an issue, but it turns out that it's expected with the way python/django uses gzip (it defaults the mtime header to the current timestamp, so different md5 [2]).
[1] https://pastebin.canonical.com/130410/
[2] https://docs.python.org/2/library/gzip.html |
Requests to /api/2.0/applications/en/ubuntu/trusty/amd64/ and similar urls, used by the desktop USC, and being rendered with a bunch of Vary headers which should not be present (the URI is unauthenticated, does not vary on language, afaict) [1]
The etag returned is also incorrect, in the sense that it should be the md5 of the uncompressed content appended with ';gzip', as per the django source code [2], whereas what we get is the md5 of the compressed content, which is different for identical uncompressed content due to gzip including a timestamp header (see [1]). The effect of this is that all re-validation of content based on etags fails for these URIs.
[1] https://pastebin.canonical.com/130410/
[2] https://github.com/django/django/blob/master/django/middleware/gzip.py#L43 |
|
