For a specific application, a customer needs to create a policy to delete the set-cookie header, and cache the content data from OCS, when the OCS sends a specific HTTP response header as:

Cache-Control: no-cache="set-cookie"

Also, if there is a Vary directive in the HTTP response header, the content should be cached.

Here is the policy to handle an HTTP response header from OCS to ProxySG, which expects the appliance to delete the set-cookie header, and cache the content data.

Cache-Control: public, no-cache="set-cookie"
Set-Cookie: value

For example:

HTTP/1.1 200 OK
Server: Netscape-Enterprise/6.1 AOL
Cache-Control: public, max-age=315360000, s-maxage=315360000, no-cache="set-cookie"
Vary: User-Agent,Accept-Encoding
Set-Cookie: JSESSIONID_LC_Cell02=00000P53BBaYcNWsB75UsG2JtGr:163jk78jh; Path=/;  Domain=.xyz.com
Content-type: text/html
Date: Wed, 18 Aug 2004 19:52:21 GMT
Last-modified: Wed, 18 Aug 2004 19:52:15 GMT
Content-Length: 11
 
Hello World

result:  cached, remove cookie. as:
HTTP/1.1 200 OK
Server: Netscape-Enterprise/6.1 AOL
Cache-Control: public, max-age=315360000, s-maxage=315360000, no-cache="set-cookie"
Vary: User-Agent,Accept-Encoding
Content-type: text/html
Date: Wed, 18 Aug 2004 19:52:21 GMT
Last-modified: Wed, 18 Aug 2004 19:52:15 GMT
Content-Length: 11
Proxy-Connection: Keep-Alive
Connection: Keep-Alive
Age: 19

Hello World

If there is a set-cookie header, but the policy does not contain Cache-Control: public, no-cache="set-cookie", the content is not cached.

If there is a vary header, the content is cached.

This can be applied in local proxy, VPM policy, or through CPL.

 Here is the sample policy:

<Cache>

   url.host.substring=my-special-web-url condition=HTTP_Force_Cache cache(yes) force_cache(all)

<Proxy>

   url.host.substring=my-special-web-url condition=HTTP_Suppress_Cookies action.SuppressCookies(yes)

 
define condition HTTP_Uncacheable

   url.path.regex=my_java_security_check
   url.path.regex=my_special_security_logout
   response.header.Cache-Control=!"((?i)public)"
   response.header.Cache-Control="((?i)private)|((?i)no-store)|(((?i)no-cache)([^=]|$))"
   request.header.Cache-Control="((?i)private)|((?i)no-store)|((?i)no-cache)"
end condition HTTP_Uncacheable
 
define condition HTTP_Set_Cookie
  response.header.Set-Cookie="."
  response.header.Set-Cookie2="."
end condition HTTP_Set_Cookie
 
define condition HTTP_Cacheable_Suppress_Cookies
  response.header.Cache-Control='((?i)no-cache)=("?)((?i)set-cookie)("?)'
end condition HTTP_Cacheable_Suppress_Cookies
 
define condition HTTP_Cacheable_Vary
   response.header.Vary="((?i)user-agent)|((?i)accept-encoding)"  
end condition HTTP_Cacheable_Vary
 
define condition HTTP_Force_Cache
   condition=!HTTP_Uncacheable condition=HTTP_Cacheable_Suppress_Cookies
   condition=!HTTP_Uncacheable condition=!HTTP_Set_Cookie condition=HTTP_Cacheable_Vary
end condition HTTP_Force_Cache
 
define condition HTTP_Suppress_Cookies
   condition=!HTTP_Uncacheable condition=HTTP_Cacheable_Suppress_Cookies
end condition HTTP_Suppress_Cookies
 
define action SuppressCookies
   delete(response.header.Set-Cookie)
   delete(response.header.Set-Cookie2)
end action SuppressCookies