00802: Bad headers sent when using cache with If-Modified-Since enabled

Summary: Bad headers sent when using cache with If-Modified-Since enabled
Created: 2006-09-14 17:37
Status: Closed - fixed for 2.2.5
Category: Bug
From: psvo?
Priority: 554
Version: 2.1.26
OS: Linux / Apache 1.3 / PHP 5

Description: $EnableIMSCaching doesn't work with my version of Apache and PHP. When I issue second request to the same page, I get this replay:

HTTP/1.x 304 Not Modified
Date: Thu, 14 Sep 2006 22:18:27 GMT
Server: Apache/1.3.34 (Unix)  (Gentoo) PHP/5.0.5-pl5-gentoo
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0

And then the next request isn't cached. I was able to fix it by sending all $HTTPHeaders before header("HTTP/1.0 304 Not Modified"); in scripts/caches.php. The bad Cache-Control header is probably sent by PHP or Apache (e.g. pmwiki.org doesn't have this problem).

This Bug may prevent Internet Explorer from downloading attachments when the user is logged in to the wiki.

Tested by attaching a pdf file to the sandbox page. Attempting to download the attachment in IE as an anonymous user and an authenticated user. Anonymous users could download it. Authenticated users could not. Both anonymous and authenticated users in Firefox could.

Try editing your php.ini for your apache server, look for this:

; Set to {nocache,private,public,} to determine HTTP caching aspects
; or leave this empty to avoid sending anti-caching headers.
; session.cache_limiter = nocache
session.cache_limiter =

removing "nocache" fixed it for me

To fix this, you can edit caches.php as follows: —Eemeli Aro April 20, 2009, at 03:32 PM

<       { header("HTTP/1.0 304 Not Modified"); exit(); }
>     if (@$_SERVER['HTTP_IF_MODIFIED_SINCE']==$HTTPLastMod) {
>       header("HTTP/1.0 304 Not Modified");
>       header("Cache-Control: no-cache");
>       header("Expires: ");
>       header("Last-Modified: $HTTPLastMod");
>       exit();
>     }

Shouldn't that be more like header("Cache-Control: "); to suppress the header which is obviously broken? --Petko July 15, 2009, at 09:51 PM

No, since Cache-Control: no-cache will force the browser to revalidate the request every time, which is the proper thing to do — as seen on line 38 of caches.php. The incorrect headers on 304 responses are a result of the way PmWiki handles headers via the $HTTPHeaders array: it's only handled within the PrintFmt function, which is never called for 304 responses. Hence my fix above, which directly sets the proper headers using PHP's header() function. Without the fix, PHP will send its default headers that include the draconian cache-control shown in the original report above. —Eemeli Aro July 23, 2009, at 09:40 AM