Accept-Encoding should not be added to 'Vary' for non-compressable Content-Types

Question

Accept-Encoding should not be added to 'Vary' for non-compressable Content-Types

rasander opened this issue 6 months ago · comments

Micki Pedersen commented 6 months ago

Prerequisites

I have written a descriptive issue title
I have searched existing issues to ensure the bug has not already been reported

Fastify version

4.25.2

Plugin version

6.5.0

Node.js version

20.x

Operating system

Linux

Operating system version (i.e. 20.04, 11.3, 10)

Mac OS X and Linux Ubuntu

Description

"Accept-Encoding" is always added to Vary for both compressable and non-compressable content-types.
This should only be added if content-type is compressable.

This means, that caching is not working properly in nginx or CDN, because some caching applications (in my case Akamai CDN), will only cache if Content-Encoding is matching Accept-Encoding (in case Accept-Encoding is included in Vary).
For non-compressable content-types these will not match.

Steps to Reproduce

$ curl -I "http://localhost:3000/-/media/test.gif" -X GET -H "Accept-Encoding: br"
HTTP/1.1 200 OK
cache-control: public, max-age=604800
content-type: image/gif
vary: accept-encoding
content-length: 2971239
Date: Mon, 05 Feb 2024 14:50:33 GMT
Connection: keep-alive
Keep-Alive: timeout=72

$ curl -I "http://localhost:3000/-/media/test.gif" -X GET 
HTTP/1.1 200 OK
cache-control: public, max-age=604800
content-type: image/gif
vary: accept-encoding
content-length: 2971239
Date: Mon, 05 Feb 2024 14:50:47 GMT
Connection: keep-alive
Keep-Alive: timeout=72

Expected Behavior

$ curl -I "http://localhost:3000/-/media/test.gif" -X GET -H "Accept-Encoding: br"
HTTP/1.1 200 OK
cache-control: public, max-age=604800
content-type: image/gif
content-length: 2971239
Date: Mon, 05 Feb 2024 14:50:33 GMT
Connection: keep-alive
Keep-Alive: timeout=72

$ curl -I "http://localhost:3000/-/media/test.gif" -X GET 
HTTP/1.1 200 OK
cache-control: public, max-age=604800
content-type: image/gif
content-length: 2971239
Date: Mon, 05 Feb 2024 14:50:47 GMT
Connection: keep-alive
Keep-Alive: timeout=72

Matteo Collina · Answer 1 · Mon Feb 05 2024 23:07:31 GMT+0800 (China Standard Time)

Thanks for reporting! Would you like to send a Pull Request to address this issue? Remember to add unit tests.

Frazer Smith · Answer 2 · Thu Feb 29 2024 23:23:18 GMT+0800 (China Standard Time)

"Accept-Encoding" is always added to Vary for both compressable and non-compressable content-types. This should only be added if content-type is compressable.

@rasander Do you have a link to a spec that states this?

Qian (Stanley) Xu · Answer 3 · Wed Mar 27 2024 20:32:18 GMT+0800 (China Standard Time)

@rasander Could you confirm if my understanding is correct?

Wherever response.headers['content-encoding'] is defined (unless the value is identity, then the header vary should contain accept-encoding
vice versa

Open question:
if only one accept-encoding in request header, should vary header be set in response?

I have provided a PR, but I'm not so certain, if the changes in tests are all valid. @mcollina @Fdawgs

Qian (Stanley) Xu · Answer 4 · Wed Mar 27 2024 22:27:58 GMT+0800 (China Standard Time)

"Accept-Encoding" is always added to Vary for both compressable and non-compressable content-types. This should only be added if content-type is compressable.

@rasander Do you have a link to a spec that states this?

https://www.fastly.com/blog/best-practices-using-vary-header
See the section How to Use Vary to Solve Problems