[apollo-datasource-rest] HTTPCache incorrectly caches 302 redirects #39
Comments
glasser
added a commit
that referenced
this issue
Nov 24, 2022
RESTDataSource contained a memoization cache (separate from the HTTP-header-sensitive shared cache) which caches all GET requests forever. This wasn't even documented for the first four years of RESTDataSource's existence and led to a lot of confusion. In this new major version, this cache will instead by default only de-duplicate *concurrent* GET requests. This also introduces `deduplicationPolicyFor()` which lets you tune how de-duplication works, including restoring v4 semantics (see the changeset for code snippets). Fixes #40. Fixes #72. Fixes #73. Fixes #46. Maybe fi-xes #39 but we could use a unit test. Somewhat addresses #65 but only for the de-duplication cache (we should still allow direct control over the cache key for the HTTP).
|
There's two things going on here. The first issue is that there are two layers of caching in Apollo Server and one of them is basically a sledgehammer that caches all GETs forever. We are going to fix that in #100. However, this is going to reveal the opposite issue — we won't cache any redirects at all (assuming you don't change the |
glasser
added a commit
that referenced
this issue
Nov 28, 2022
RESTDataSource contained a memoization cache (separate from the HTTP-header-sensitive shared cache) which caches all GET requests forever. This wasn't even documented for the first four years of RESTDataSource's existence and led to a lot of confusion. In this new major version, this cache will instead by default only de-duplicate *concurrent* GET requests. This also introduces `deduplicationPolicyFor()` which lets you tune how de-duplication works, including restoring v4 semantics (see the changeset for code snippets). Fixes #40. Fixes #72. Fixes #73. Fixes #46. Maybe fi-xes #39 but we could use a unit test. Somewhat addresses #65 but only for the de-duplication cache (we should still allow direct control over the cache key for the HTTP).
glasser
added a commit
that referenced
this issue
Nov 28, 2022
RESTDataSource contained a memoization cache (separate from the HTTP-header-sensitive shared cache) which caches all GET requests forever. This wasn't even documented for the first four years of RESTDataSource's existence and led to a lot of confusion. In this new major version, this cache will instead by default only de-duplicate *concurrent* GET requests. This also introduces `deduplicationPolicyFor()` which lets you tune how de-duplication works, including restoring v4 semantics (see the changeset for code snippets). Fixes #40. Fixes #72. Fixes #73. Fixes #46. Fixes #39 (though it "introduces" #102). Somewhat addresses #65 but only for the de-duplication cache (we should still allow direct control over the cache key for the HTTP).
glasser
added a commit
that referenced
this issue
Nov 29, 2022
RESTDataSource contained a memoization cache (separate from the HTTP-header-sensitive shared cache) which caches all GET requests forever. This wasn't even documented for the first four years of RESTDataSource's existence and led to a lot of confusion. In this new major version, this cache will instead by default only de-duplicate *concurrent* GET requests. This also introduces `deduplicationPolicyFor()` which lets you tune how de-duplication works, including restoring v4 semantics (see the changeset for code snippets). Fixes #40. Fixes #72. Fixes #73. Fixes #46. Fixes #39 (though it "introduces" #102). Somewhat addresses #65 but only for the de-duplication cache (we should still allow direct control over the cache key for the HTTP).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In package apollo-datasource-rest, the datasource is incorrectly storing a 302 redirect with the caching headers supplied by the final resource. Then when the request is checked, the original URL is assumed to be fresh and it does not check the original redirect again. This goes against the HTTP spec for 302 redirects (and caused a problem for me in my app)
I've created an integration spec that demonstrates the problem in my fork: https://github.com/gburgett/apollo-server/blob/rest-caching/packages/apollo-datasource-rest/src/__tests__/integration.test.ts
To reproduce:
cache-control: public, max-age=31536000, immutableAt this point, the expected behavior is that the new resource is returned. The actual behavior is that the old resource is served from the HTTP cache.
Our current workaround is to set the TTL to 0 in the caching options for this data source.
The text was updated successfully, but these errors were encountered: