FortiCache
FortiCache allows a FortiGate with insufficient memory/disk space to run a cache service.
rvoong
Staff
Staff
Article Id 193484
Description
This article explains a quick way to verify if a web page is cache-able using cURL.  This can be done by examining the "Cache-Control header" and possible flags.

The Cache-Control general-header field is used to specify directives that MUST be obeyed by all caching mechanisms along the request/response chain. The directives specify behavior intended to prevent caches from adversely interfering with the request or response. These directives typically override the default caching algorithms. Cache directives are unidirectional in that the presence of a directive in a request does not imply that the same directive is to be given in the response. { Reference }.

Scope
FortiOS 5.0 and above - web cache.
FortiCache.

Solution
In order to examine the "Cache-Control header" a tool such as cURL can be used.  This can be downloaded from http://curl.haxx.se/download.html and documentation is available at http://curl.haxx.se/docs/manpage.html. The tool has to be installed before it can be used to verify whether the web page can be cached or not.

To use cURL simply go to the directory where the cURL is installed using command prompt.  Execute the following command to request a web page using cURL:

curl -v <web page url>


Example of cache-able page:

C:\Users\Fortinet\AppData\Local\Apps\cURL>curl -v http://fortinet.com
* Rebuilt URL to: http://fortinet.com/
*   Trying 66.171.121.44...
* Connected to fortinet.com (66.171.121.44) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.40.0
> Host: fortinet.com
> Accept: */*
>
< HTTP/1.1 302 Found
< Date: Tue, 26 May 2015 00:13:07 GMT
< Server: Apache/2.0.52 (Red Hat)
< Location: http://www.fortinet.com//index.html
< Cache-Control: max-age=6307200
< Expires: Thu, 25 May 2017 00:13:07 GMT
< Vary: Accept-Encoding
< Content-Length: 298
< Content-Type: text/html; charset=iso-8859-1
< Set-Cookie: qcxehlq=FGTWWW1; Path=/
< Connection: Keep-alive
< Keep-Alive: timeout=15, max=100
< Set-Cookie: cookiesession1=29D754E6IP14LW2NLJMA0NDCDEYFF56D;Path=/;HttpOnly
<
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://www.fortinet.com//index.html">here</a>
.</p>
<hr>
<address>Apache/2.0.52 (Red Hat) Server at fortinet.com Port 80</address>
</body></html>
* Connection #0 to host fortinet.com left intact

C:\Users\Fortinet\AppData\Local\Apps\cURL>curl -v http://google.com
* Rebuilt URL to: http://google.com/
*   Trying 203.121.59.38...
* Connected to google.com (203.121.59.38) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.40.0
> Host: google.com
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Location: http://www.google.com/
< Content-Type: text/html; charset=UTF-8
< Date: Tue, 26 May 2015 00:14:23 GMT
< Expires: Thu, 25 Jun 2015 00:14:23 GMT
< Cache-Control: public, max-age=2592000
< Server: gws
< Content-Length: 219
< X-XSS-Protection: 1; mode=block
< X-Frame-Options: SAMEORIGIN
< Alternate-Protocol: 80:quic,p=0
<
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
* Connection #0 to host google.com left intact


Example of non cache-able page:

C:\Users\Fortinet\AppData\Local\Apps\cURL>curl -v http://yahoo.com
* Rebuilt URL to: http://yahoo.com/
*   Trying 206.190.36.45...
* Connected to yahoo.com (206.190.36.45) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.40.0
> Host: yahoo.com
> Accept: */*
>
< HTTP/1.1 301 Redirect
< Date: Tue, 26 May 2015 00:13:25 GMT
< Via: http/1.1 ir23.fp.gq1.yahoo.com (ApacheTrafficServer)
< Server: ATS
< Location: https://www.yahoo.com/
< Content-Type: text/html
< Content-Language: en
< Cache-Control: no-store, no-cache
< Connection: keep-alive
< Content-Length: 1450
<
<!DOCTYPE html>
<html lang="en-us"><head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
    <meta charset="utf-8">
    <title>Yahoo</title>
    <meta name="viewport" content="width=device-width,initial-scale=1,minimal-ui
">
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
    <style>
html {
    height: 100%;
}
body {
    background: #fafafc url(https://s.yimg.com/nn/img/sad-panda-201402200631.png
) 50% 50%;
    background-size: cover;
    height: 100%;
    text-align: center;
    font: 300 18px "helvetica neue", helvetica, verdana, tahoma, arial, sans-ser
if;
}
table {
    height: 100%;
    width: 100%;
    table-layout: fixed;
    border-collapse: collapse;
    border-spacing: 0;
    border: none;
}
h1 {
    font-size: 42px;
    font-weight: 400;
    color: #400090;
}
p {
    color: #1A1A1A;
}
#message-1 {
    font-weight: bold;
    margin: 0;
}
#message-2 {
    display: inline-block;
    *display: inline;
    zoom: 1;
    max-width: 17em;
    _width: 17em;
}
    </style>
</head>
<body>
<!-- status code : 301 -->
<!-- Error: GET -->
<table>
<tbody><tr>
    <td>
    <img src="https://s.yimg.com/nn/img/yahoo-logo-201402200629.png" alt="Yahoo
Logo">
    <h1 style="margin-top:20px;">Will be right back...</h1>
    <p id="message-1">Thank you for your patience.</p>
    <p id="message-2">Our engineers are working quickly to resolve the issue.</p
>
    </td>
</tr>
</tbody></table>


</body></html>
* Connection #0 to host yahoo.com left intact

Detail information about "Cache-Control header" is available at http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9

As long as "Cache-Control header" is not set to "private" or "no-cache" the page will be cached by web cache on FortiGate and FortiCache.

Contributors