These are chat archives for spring-cloud/spring-cloud

23rd
Apr 2016
Davy De Waele
@ddewaele
Apr 23 2016 12:41
I have a Zuul Proxy with a number of Spring Boot Apps behind them that have configured their own cache control on their urls (to cache images/js/css/.....).
An out of the box Zuul Proxy will use the standard Spring Security cache control headers (no cache) and will overwrite whatever the underlying spring boot apps had configured . Is it possible to avoid doing that for all the zuul routes ? Or do I need to create a Filter in the Zuul Proxy that manually adds mappings to all the paths that I want to see cached.
Dave Syer
@dsyer
Apr 23 2016 12:51
The cache headers are on the ignored list by default
(In master anyway)
Did you change the ignored headers?
Davy De Waele
@ddewaele
Apr 23 2016 12:52
you mean sensitiveHeaders in he zuul config ?
Dave Syer
@dsyer
Apr 23 2016 12:52
Wait, no, it's the other way round. You want the headers from the backends to get to your client.
There's sensitive (per route), and ignored
If you want to get the headers from the backend you have to switch off whatever generates them in the proxy and make sure they are not ignored
Davy De Waele
@ddewaele
Apr 23 2016 12:54
backend UIs have setup caching for certain paths and the zuul gateway (I think basic Spring Security) sets its own cache control (https://docs.spring.io/spring-security/site/docs/current/reference/html/headers.html#headers-cache-control)
Dave Syer
@dsyer
Apr 23 2016 12:54
Spring Security sets some cache headers for security reasons
If you don't want that you'd have to route those paths through the proxy without hitting spring security, or configure security to treat those paths in a special way
(This is spring security, not spring cloud, really)
Davy De Waele
@ddewaele
Apr 23 2016 12:58
yes correct .... posted it here because zuul is sitting in front of it and overrides the other boot apps headers ... currently created a filter in the zuul proxy that sets proper caching headers for some paths
Dave Syer
@dsyer
Apr 23 2016 13:00
Most of Zuul configuration to do with headers is about ignoring certain headers that come from the backend, because you know they will be added again by the proxy
So you have to know if they are being added and why and where before you can get a full grip on it
Davy De Waele
@ddewaele
Apr 23 2016 13:13
so for my understanding :
  • spring security by default adds Cache-Control: no-cache, no-store, max-age=0, must-revalidate (as described here https://docs.spring.io/spring-security/site/docs/current/reference/html/headers.html#headers-cache-control)
  • Zuul will do the same (as it also has spring security). On top of that it will also add Cache-Control to zuul.ignoredHeaders.
  • My backend apps, that may have custom Cache-Control headers for certain paths are being overruled by Zuul because Zuul is ignoring those headers (due to zuul.ignoredHeaders: Cache-Control
Dave Syer
@dsyer
Apr 23 2016 16:06
Yes. I think so.