View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0008970 | Taler | exchange | public | 2024-06-19 16:59 | 2024-07-26 00:12 |
| Reporter | Florian Dold | Assigned To | Christian Grothoff | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Target Version | 0.12 | Fixed in Version | 0.12 | ||
| Summary | 0008970: exchange poisons browser cache with German terms of service | ||||
| Description | Doing the following request (done by the *browser*, so wallet-core doesn't influence the accept-language header): curl -v 'https://exchange.test.taler.net/terms' \ -H 'accept: application/json' \ -H 'accept-language: en-US,en;q=0.9' [...] < HTTP/2 200 < server: nginx < date: Wed, 19 Jun 2024 14:37:01 GMT < content-type: text/plain < content-length: 15885 < vary: Accept-Encoding < access-control-allow-origin: * < access-control-expose-headers: * < avail-languages: de < cache-control: public,max-age=864000 < content-language: de < etag: exchange-tos-v0 < expires: Thu, 20 Jun 2024 14:37:01 GMT < vary: Accept-Language,Accept,Accept-Encoding < strict-transport-security: max-age=63072000; includeSubDomains; preload The response is German, and all subsequent requests the ToS will return the cached German response. That is *despite* the Vary header, so maybe our interpretation of the interaction of Vary and ETag is wrong. | ||||
| Tags | No tags attached. | ||||
|
|
From RFC9110: "The precondition header fields are then compared by recipients to determine whether any stored response is equivalent to a current representation of the resource." => According to this, the ETag refers to the *representation* of a resource. Thus we would need to include the language and mime type in the ETag. |
|
|
Fixed in 00058aa0..ed2d7f08, spec in ac374fef..8fb2ca40 |
|
|
@Florian: Note that the wallet must now check the new Taler-Terms-Version header to detect if it should show the user a new TOS to accept! |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-06-19 16:59 | Florian Dold | New Issue | |
| 2024-06-19 16:59 | Florian Dold | Status | new => assigned |
| 2024-06-19 16:59 | Florian Dold | Assigned To | => Christian Grothoff |
| 2024-06-19 17:20 | Florian Dold | Note Added: 0022674 | |
| 2024-06-23 10:04 | Christian Grothoff | Status | assigned => resolved |
| 2024-06-23 10:04 | Christian Grothoff | Resolution | open => fixed |
| 2024-06-23 10:04 | Christian Grothoff | Fixed in Version | => 0.12 |
| 2024-06-23 10:04 | Christian Grothoff | Note Added: 0022706 | |
| 2024-06-23 10:04 | Christian Grothoff | Note Added: 0022707 | |
| 2024-07-26 00:12 | Christian Grothoff | Status | resolved => closed |
