Scrubbing cookies (and other headers)

[Mat Brown]

Hi all,

We're migrating over to Rack::Cache, and it's awesome. However, one
thing we ran into is that Rack::Cache is caching the Set-Cookie header
from the original server response (since it just caches all cookies).
That means, of course, that end-users are going to share cookies,
which is less than desirable.

I can work around this easily enough by subclassing
Rack::Cache::Context and overriding the store method to remove that
header before storage, but I'm wondering if it would be worth building
more explicit support for this sort of thing -- maybe by allowing
hooks into Rack::Cache, like a before_store, after_fetch, etc. etc.
Another example I can think of is modifying the Cache-Control headers,
since the headers our application returns are targeted at the caching
middleware and not suitable for the browser to receive.

Thoughts on this? I'd be open to putting together a patch if you all
think it would be worthwhile.

Cheers,
Mat