Nginx cache-control headers issue

Andrew Andonopoulos andre8525 at hotmail.com
Thu Jul 18 22:39:55 UTC 2019


Hello,

I have an nginx proxy which suddenly adding 2 cache-control headers and the last modified time is always the current time:

curl -I https://example.com/hls/5d15498d3b4e13.57348983/1280_720_3200_5d15498d3b4e13.57348983.m3u8?token=st=1563488654~exp=1563575054~acl=/hls/5d15498d3b4e13.57348983/*~hmac=863d655766652601b77c0ba1fc94a60039c4c800d9ac7097b68edfa77b9c1cdb
HTTP/1.1 200 OK
Server: nginx/1.17.0
Date: Thu, 18 Jul 2019 22:28:34 GMT
Content-Type: application/vnd.apple.mpegurl
Last-Modified: Thu, 18 Jul 2019 22:28:34 GMT
Connection: keep-alive
Expires: Thu, 18 Jul 2019 23:28:34 GMT
Cache-Control: private, max-age=3600, max-stale=0
Cache-Control: public max-age=31536000 s-maxage=31536000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Origin,X-Auth-Token,Authorization,Accept,Client-Security-Token
Access-Control-Allow-Methods: OPTIONS, GET



and this is the config:

server {
listen 443 ssl;
server_name example.com;

        # security for bypass so localhost can empty cache
        if ($remote_addr ~ "^(127.0.0.1)$") {
            set $bypass $http_secret_header;
        }


        location  '/.well-known/acme-challenge' {
                   root /usr/local/www/example.com;
                   allow all;
           default_type "text/plain";
}


        if ($arg_token) {
                        set $test_token $arg_token;
        }

        if ($cookie_token) {
                        set $test_token $cookie_token;
        }



        location / {
           #Proxy related config
           proxy_cache s3_cache;
           proxy_http_version     1.1;
           proxy_read_timeout 10s;
           proxy_send_timeout 10s;
           proxy_connect_timeout 10s;
           proxy_cache_methods GET HEAD;
           proxy_cache_use_stale  error timeout updating http_500 http_502 http_503 http_504;
           proxy_cache_lock       on;
           proxy_cache_revalidate on;
           proxy_intercept_errors on;
           proxy_cache_lock_age 10s;
           proxy_cache_lock_timeout 1h;
           proxy_cache_background_update on;
           proxy_cache_valid      200 301 302  30d;
           proxy_pass             https://s3/;
           proxy_cache_bypass     $cookie_nocache $arg_nocache;
           proxy_cache_key "$scheme$host$request_uri";


   #Proxy Buffers
   proxy_buffering on;
           proxy_buffer_size 1k;
           proxy_buffers 24 4k;
           proxy_busy_buffers_size 8k;
           proxy_max_temp_file_size 2048m;
           proxy_temp_file_write_size 32k;

           #Add Headers
           add_header             Cache-Control 'public max-age=31536000 s-maxage=31536000';
           add_header             X-Cache-Status $upstream_cache_status always;
           add_header             X-Proxy-Cache $upstream_cache_status;
           add_header             'Access-Control-Allow-Origin' '*';
           add_header             'Access-Control-Allow-Credentials' 'true';
           add_header             'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Origin,X-Auth-Token,Authorization,Accept,Client-Security-Token';
           add_header             'Access-Control-Allow-Methods' 'OPTIONS, GET';

           #Header related config
           proxy_set_header       Connection "";
           proxy_set_header       Authorization '';
           proxy_set_header       Host 'xxxxx.s3.amazonaws.com';
           proxy_hide_header      x-amz-id-2;
           proxy_hide_header      x-amz-request-id;
           proxy_hide_header      x-amz-meta-server-side-encryption;
           proxy_hide_header      x-amz-server-side-encryption;
           proxy_hide_header      Set-Cookie;
           proxy_hide_header      x-amz-storage-class;
           proxy_ignore_headers   Set-Cookie;
   proxy_ignore_headers   Cache-Control;
   proxy_ignore_headers   X-Accel-Expires Expires;


   # enable thread bool
           aio threads=default;


           akamai_token_validate $test_token;
           akamai_token_validate_key xxxxxxxxxxxxxxx;
           secure_token $token;
           secure_token_types text/xml application/vnd.apple.mpegurl;
           secure_token_content_type_f4m text/xml;
           secure_token_expires_time 100d;
           secure_token_query_token_expires_time 1h;
           secure_token_tokenize_segments on;



        }


}




I don't know why is adding this control header: Cache-Control: private, max-age=3600, max-stale=0
I don't have this in the config. Also, I re-installed Nginx but still getting the same issue



Thanks
Andrew

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20190718/72ca3f4f/attachment-0001.html>


More information about the nginx mailing list