W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > January to April 1997

Re: Issues-list item "CACHING-CGI"

From: <http-wg@cuckoo.hpl.hp.com>
Date: Wed, 16 Apr 1997 11:54:48 +0100
To: mogul@pa.dec.com
Cc: http-wg@cuckoo.hpl.hp.com
Message-Id: <8525647B.0019C195.00@mta2.lotus.com>
X-Mailing-List: <http-wg@cuckoo.hpl.hp.com> archive/latest/3071

>The question here is "when should a cache store and reuse a response
>from a CGI script?".

CGI is no different than any other part of the server.  I think it
is a mistake to encode namespace assumptions into the protocol,
particularly when we have already provided a means for origin servers
to explicitly mark something as non-cachable.

>   We note one exception to this rule: since some applications have
>   traditionally used GETs and HEADs with query URLs (those containing a
>   "?" in the rel_path part) to perform operations with significant side
>   effects, caches MUST NOT treat responses to such URLs as fresh unless
>   the server provides an explicit expiration time. This specifically
>   means that responses from HTTP/1.0 servers for such URIs should not
>   be taken from a cache. See section 9.1.1 for related information.

I would prefer to delete the above from the spec.

>[9.1.1 defines "safe methods".]
>I propose adding this to the end of section 13.9:
>    Note that some HTTP/1.0 cache operators have found that it is
>    dangerous to cache responses to requests for URLs including the
>    string "cgi-bin".  HTTP/1.1 caches should follow this practice
>    for responses that do not include an explicit expiration time.
>    HTTP/1.1 origin servers that want to allow caching of responses
>    for URLs including "?" or "cgi-bin" SHOULD include an explicit
>    expiration time.  Explicit expiration times may be specified
>    using Expires, or the max-age directive of Cache-Control, or
>    both.

I think it is a bad idea -- whether or not a resource is based on
a script has nothing to do with its cachability.  If we need a backwards
way to protect against old CGI scripts, then use the Last-Modified
distinction that Ari mentioned.

Received on Wednesday, 16 April 1997 04:25:28 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 7 January 2015 14:40:19 UTC