Generally, I'd think if the Origin responded with Cache-Control headers that
permit caching, it should be cached.
For e.g., for a 400 response, the Origin may include a Cache-Control: Vary
header indicating what parts of the request that it didn't like.
- Sudheer
From: Alan Carroll <solidwallofc...@yahoo-inc.com.INVALID>
To: Dev <dev@trafficserver.apache.org>
Sent: Wednesday, November 9, 2016 8:17 AM
Subject: Don't negative cache 400 responses.
We are having this problem inside Yahoo! and it seems to me to be wrong to
negative caches a 400 (HTTP_STATUS_BAD_REQUEST) because that is a user agent /
proxy problem, not an origin server problem. It can lead to easy (if temporary)
denial of service by simply sending a bogus request through ATS. I'd like to
clip that status out of is_negative_caching_appropriate.
