W3C home > Mailing lists > Public > ietf-http-wg-old@w3.org > September to December 2000

RE: Thanks Re Caching Problem

From: Fielding, Roy <fielding@eBuilt.com>
Date: Wed, 8 Nov 2000 14:50:17 -0800
Message-ID: <AA1E32BC8A58D411A2CB0050DACEDA43660767@raptor>
To: "'Tim Coates'" <tcoates@dynamics.net>, http-wg@cuckoo.hpl.hp.com
> >From a security end we know that HTTP/1.0 has flaws (especially when you
> introduce a web browser), but it raises the question of how many proxy
> server are there which only implement HTTP/1.0. All it seems to takes is a
> single proxy server for a response to be downgraded, and for the browser
to
> receive that downgraded response and (correctly?) ignore any settings that
> are not associated with the protocol identifier in the response - such as
> Cache-Control headers.

Incorrectly.  If a browser supports the Cache-Control header field for
any HTTP/1.x response, then it should support it for every HTTP/1.x
response.
The definition of an HTTP header field is defined by the major number,
not the minor number.

....Roy
Received on Wednesday, 8 November 2000 22:52:15 EST

This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:33:40 EDT