Cache-Control is not respecting private requests on Android #25277

umamialex · 2019-06-17T07:38:41Z

React Native version:

  React Native Environment Info:
    System:
      OS: Linux 4.4 Ubuntu 18.04.2 LTS (Bionic Beaver)
      CPU: (8) x64 Intel(R) Core(TM) i7-8565U CPU @ 1.80GHz
      Memory: 5.87 GB / 15.90 GB
      Shell: 4.4.19 - /bin/bash
    Binaries:
      Node: 10.15.3 - /usr/bin/node
      Yarn: 1.15.2 - ~/.npm-global/bin/yarn
      npm: 6.9.0 - ~/.npm-global/bin/npm
    npmPackages:
      react: 16.8.6 => 16.8.6
      react-native: https://github.com/expo/react-native/archive/sdk-33.0.0.tar.gz => 0.59.8
    npmGlobalPackages:
      react-native-cli: 2.0.1

Steps To Reproduce

Make a request to any API using the header Cache-Control: 'private'`. (Examples below use Fetch and Axios.)

Describe what you expected to happen:

Proper response in iOS:

FETCH c {
  "map": Object {
    "accept-ranges": "bytes",
    "access-control-allow-origin": "*",
    "allow": "GET,POST,PUT,PATCH,DELETE",
    "cache-control": "private",
    "connection": "keep-alive",
    "content-encoding": "gzip",
    "content-type": "application/json; charset=utf-8",
    "date": "Mon, 17 Jun 2019 07:20:15 GMT",
    "etag": "W/\"2c97-UiFwSZGHPZo8ybrKAarwVn0BPtU\"",
    "server": "Cowboy",
    "strict-transport-security": "max-age=900",
    "transfer-encoding": "Identity",
    "vary": "Accept, Accept-Encoding",
    "via": "1.1 vegur, 1.1 varnish",
    "x-cache": "MISS",
    "x-cache-hits": "0",
    "x-powered-by": "Express",
    "x-served-by": "cache-dfw18621-DFW",
    "x-timer": "S1560756015.121943,VS0,VE52",
  },
}

AXIOS Object {
  "accept-ranges": "bytes",
  "access-control-allow-origin": "*",
  "allow": "GET,POST,PUT,PATCH,DELETE",
  "cache-control": "private",
  "connection": "keep-alive",
  "content-encoding": "gzip",
  "content-type": "application/json; charset=utf-8",
  "date": "Mon, 17 Jun 2019 07:20:15 GMT",
  "etag": "W/\"2c97-UiFwSZGHPZo8ybrKAarwVn0BPtU\"",
  "server": "Cowboy",
  "strict-transport-security": "max-age=900",
  "transfer-encoding": "Identity",
  "vary": "Accept, Accept-Encoding",
  "via": "1.1 vegur, 1.1 varnish",
  "x-cache": "MISS",
  "x-cache-hits": "0",
  "x-powered-by": "Express",
  "x-served-by": "cache-dfw18621-DFW",
  "x-timer": "S1560756015.028437,VS0,VE52",
}

Proper response in Postman:

Incorrect response in Android (notice the different Cache-Control value).

FETCH c {
  "map": Object {
    "accept-ranges": "bytes",
    "access-control-allow-origin": "*",
    "age": "593",
    "allow": "GET,POST,PUT,PATCH,DELETE",
    "cache-control": "public, max-age=0",
    "connection": "keep-alive",
    "content-type": "application/json; charset=utf-8",
    "date": "Mon, 17 Jun 2019 07:20:46 GMT",
    "etag": "W/\"2c97-a+gngb0DFAIxK7psQvBD89inpZM\"",
    "server": "Cowboy",
    "strict-transport-security": "max-age=900",
    "vary": "Accept, Accept-Encoding",
    "via": "1.1 varnish",
    "x-cache": "HIT",
    "x-cache-hits": "1",
    "x-powered-by": "Express",
    "x-served-by": "cache-dfw18634-DFW",
    "x-timer": "S1560756046.196560,VS0,VE0",
  },
}

AXIOS Object {
  "accept-ranges": "bytes",
  "access-control-allow-origin": "*",
  "age": "593",
  "allow": "GET,POST,PUT,PATCH,DELETE",
  "cache-control": "public, max-age=0",
  "connection": "keep-alive",
  "content-type": "application/json; charset=utf-8",
  "date": "Mon, 17 Jun 2019 07:20:46 GMT",
  "etag": "W/\"2c97-a+gngb0DFAIxK7psQvBD89inpZM\"",
  "server": "Cowboy",
  "strict-transport-security": "max-age=900",
  "vary": "Accept, Accept-Encoding",
  "via": "1.1 varnish",
  "x-cache": "HIT",
  "x-cache-hits": "1",
  "x-powered-by": "Express",
  "x-served-by": "cache-dfw18634-DFW",
  "x-timer": "S1560756046.164569,VS0,VE0",
}

Snack, code example, or link to a repository:

// testUrl should be hitting any service with Caching enabled.
// I don't want to publicize my specific API endpoint, but feel
// free to DM me if you need help replicating the issue

// With Fetch
const headers = new Headers()
headers.set('Cache-Control', 'private')

const fr = await fetch(testUrl, {
  method: 'GET',
  headers,
})

console.log('FETCH', fr.headers)

// With Axios
const ar = await axios.get(testUrl, {
  headers: {
    'Cache-Control': 'private',
  },
})

console.log('AXIOS', ar.headers)

This is a updated version of this issue: #16795
And related to this Expo issue: expo/expo#1639

I'm relying on the Cache-Control header for specific user auth data and requests which should not be cached.

The text was updated successfully, but these errors were encountered:

dulmandakh · 2019-06-17T13:37:43Z

Value private in cache-control header is invalid, please see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control.

umamialex added the Bug label Jun 17, 2019

react-native-bot added Platform: Android Android applications. Platform: Linux Building on Linux. labels Jun 17, 2019

dulmandakh closed this as completed Jun 17, 2019

facebook locked as resolved and limited conversation to collaborators Jun 17, 2020

react-native-bot added the Resolution: Locked This issue was locked by the bot. label Jun 17, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Cache-Control is not respecting private requests on Android #25277

Cache-Control is not respecting private requests on Android #25277

umamialex commented Jun 17, 2019

dulmandakh commented Jun 17, 2019

Cache-Control is not respecting private requests on Android #25277

Cache-Control is not respecting private requests on Android #25277

Comments

umamialex commented Jun 17, 2019

Steps To Reproduce

Proper response in iOS:

Proper response in Postman:

Incorrect response in Android (notice the different Cache-Control value).

dulmandakh commented Jun 17, 2019