For a specific application, a customer needs to create a policy to delete the set-cookie header, and cache the content data from OCS, when the OCS sends a specific HTTP response header as:
Cache-Control: no-cache="set-cookie"
Also, if there is a Vary directive in the HTTP response header, the content should be cached.
Here is the policy to handle an HTTP response header from OCS to ProxySG, which expects the appliance to delete the set-cookie header, and cache the content data.
Cache-Control: public, no-cache="set-cookie"
Set-Cookie: value
For example:
HTTP/1.1 200 OK
Server: Netscape-Enterprise/6.1 AOL
Cache-Control: public, max-age=315360000, s-maxage=315360000, no-cache="set-cookie"
Vary: User-Agent,Accept-Encoding
Set-Cookie: JSESSIONID_LC_Cell02=00000P53BBaYcNWsB75UsG2JtGr:163jk78jh; Path=/; Domain=.xyz.com
Content-type: text/html
Date: Wed, 18 Aug 2004 19:52:21 GMT
Last-modified: Wed, 18 Aug 2004 19:52:15 GMT
Content-Length: 11
Hello World
result: cached, remove cookie. as:
HTTP/1.1 200 OK
Server: Netscape-Enterprise/6.1 AOL
Cache-Control: public, max-age=315360000, s-maxage=315360000, no-cache="set-cookie"
Vary: User-Agent,Accept-Encoding
Content-type: text/html
Date: Wed, 18 Aug 2004 19:52:21 GMT
Last-modified: Wed, 18 Aug 2004 19:52:15 GMT
Content-Length: 11
Proxy-Connection: Keep-Alive
Connection: Keep-Alive
Age: 19
Hello World
If there is a set-cookie header, but the policy does not contain Cache-Control: public, no-cache="set-cookie", the content is not cached.
If there is a vary header, the content is cached.
This can be applied in local proxy, VPM policy, or through CPL.
Here is the sample policy:
<Cache>
url.host.substring=my-special-web-url condition=HTTP_Force_Cache cache(yes) force_cache(all)
<Proxy>
url.host.substring=my-special-web-url condition=HTTP_Suppress_Cookies action.SuppressCookies(yes)
define condition HTTP_Uncacheable
url.path.regex=my_java_security_check
url.path.regex=my_special_security_logout
response.header.Cache-Control=!"((?i)public)"
response.header.Cache-Control="((?i)private)|((?i)no-store)|(((?i)no-cache)([^=]|$))"
request.header.Cache-Control="((?i)private)|((?i)no-store)|((?i)no-cache)"
end condition HTTP_Uncacheable
define condition HTTP_Set_Cookie
response.header.Set-Cookie="."
response.header.Set-Cookie2="."
end condition HTTP_Set_Cookie
define condition HTTP_Cacheable_Suppress_Cookies
response.header.Cache-Control='((?i)no-cache)=("?)((?i)set-cookie)("?)'
end condition HTTP_Cacheable_Suppress_Cookies
define condition HTTP_Cacheable_Vary
response.header.Vary="((?i)user-agent)|((?i)accept-encoding)"
end condition HTTP_Cacheable_Vary
define condition HTTP_Force_Cache
condition=!HTTP_Uncacheable condition=HTTP_Cacheable_Suppress_Cookies
condition=!HTTP_Uncacheable condition=!HTTP_Set_Cookie condition=HTTP_Cacheable_Vary
end condition HTTP_Force_Cache
define condition HTTP_Suppress_Cookies
condition=!HTTP_Uncacheable condition=HTTP_Cacheable_Suppress_Cookies
end condition HTTP_Suppress_Cookies
define action SuppressCookies
delete(response.header.Set-Cookie)
delete(response.header.Set-Cookie2)
end action SuppressCookies