Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-10335

Responses to bots should have extra header to be used by reverse proxies

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.0.9
    • Fix Version/s: 3.0.10-RC1
    • Component/s: Sessions
    • Labels:
      None

      Description

      phpBB sends different content to bots detected by IP and/or user agent than it does to regular visitors. On the first visit both present without cookie and are otherwise indistinguishable. When phpBB is run behind a reverse proxy such a result can be cached because no cookie was present. However the page for bots could now be delivered to regular users and vice versa. To avoid this pitfall, phpBB should set an X-PHPBB-IS-BOT header. The reverse proxy can then use Vary (see e.g. https://www.varnish-cache.org/docs/trunk/tutorial/vary.html) to cache one version of the page for bots and one version of the page for regular visitors.

        Attachments

          Activity

            People

            • Assignee:
              bantu Andreas Fischer
              Reporter:
              naderman Nils Adermann
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: