ETag – reconfigure or remove

ETags (Entity Tags) are used to check if something (image, script, etc) in the browser’s cache matches the one on the server.

They’re an alternative to using Last-Modified Date.

However, as the default format included inode (for Apache) and server version (for IIS) it caused problems with large scale websites that have multiple servers as these would return a different ETag for exactly the same file just because it was on a different server.

The options are to reconfigure how ETag is set up in Apache / IIS or disable it.

http://developer.yahoo.com/blogs/ydn/high-performance-sites-rule-13-configure-etags-7211.html 

Another issue with including inode information in the header is security. Revealing this information can aid attacks on other network-based services:

http://www.juniper.net/security/auto/vulnerabilities/vuln6939.html

Leave a Reply

Your email address will not be published. Required fields are marked *