lighttpd setenv.set-response-header is not working as expected

I have a web server running the latest lighttpd code. The configuration uses setenv.set-response-header but the output is different than expected.

A simplified version of the configuration is shown below. All the redirects and rewrites work as configured, but the resulting response does not have the cache-control header set to match.

I've tried nesting with else, making a flat configuration, moving the set to higher/lower tiers. Nothing so far has produced the result I was expecting.

Suggestions gratefully received!


  $HTTP["request-method"] == "GET" {

      server.document-root = "/var/www/"

      $HTTP["url"] == "/a" {
  
          setenv.set-response-header = ( 
              "Cache-Control" => "no-cache, no-store, must-revalidate"
          )  

          url.rewrite-once = ( "" => "" )

      } else {

          $HTTP["url"] == "/b" {

              $REQUEST_HEADER["x"] =~ "y" {

                  setenv.set-response-header = ( 
                      "Cache-Control" => "max-age=60, must-revalidate"
                  )  

                  url.rewrite-once = ( "" => "" )

              } else {

                  setenv.set-response-header = ( 
                      "Cache-Control" => "max-age=60, must-revalidate"
                  )  

                  url.rewrite-once = ( "" => "" )

              } 

          } else {
                      
              $HTTP["url"] == "/c" {

                  $REQUEST_HEADER["x"] =~ "y" {

                      url.redirect = ( "" => "" )

                  } else {

                      setenv.set-response-header = ( 
                          "Cache-Control" => "max-age=60, must-revalidate"
                      )  

                      url.rewrite-once = ( "" => "" )

                  }                     
              
              } else {
                          
                  $HTTP["url"] == "/d" {

                      setenv.set-response-header = ( 
                          "Cache-Control" => "max-age=60, must-revalidate"
                      )  

                      url.rewrite-once = ( "" => "" )
                  }
              }
          }
      }
  }

Solution

If the URL is rewritten using url.rewrite-once, then that target URL is what lighttpd uses as the request. When lighttpd serves that request, lighttpd generates a response. Once the response is generated, that is when setenv.set-response-header is applied.

$HTTP["url"] == "/rewrite-target" {
    setenv.set-response-header = (
      "Cache-Control" => "max-age=60, must-revalidate"
    )
}

The target resource is to what the caching headers apply, not to the original request which was rewritten. Your current placement of setenv.set-response-header is not used because those are not the target resource. The target resource is the resource after the url.rewrite-once.