- From: Koen Holtman <k.holtman@chello.nl>
- Date: Thu, 17 Jun 2004 18:10:04 -0400 (EDT)
- To: Joris Dobbelsteen <joris.dobbelsteen@mail.com>
- Cc: WWW WG <ietf-http-wg@w3.org>
Hi Joris, On Wed, 16 Jun 2004, Joris Dobbelsteen wrote: > > > A slight question about the Content-Location header and its impact on > caching. I don't know whether I'm interpreting the RFC text correctly... > > I request the root page "/", > Which returns "Content-Location: /Default.aspx" I'm assuming that you mean that the root page returns a 200 response, not a redirect. (A Content-location in a redirect would be somewhat unusual, the redirect usually has a Location only. If the response you have in mind _is_ a redirect, actually my answer below also applies) > > Would the proxy new threat "/" and "/Default.aspx" are the same locations? > Or should it rather keep these two seperately and create/update both "/" and > "/Default.aspx" in the cache? No, the proxy should treat them as different locations and create/update separately. From rfc2616: A cache cannot assume that an entity with a Content-Location different from the URI used to retrieve it can be used to respond to later requests on that Content-Location URI. Basically, this rule is there for security reasons. A cache cannot know (and should never assume) that the URLs http://website/Default.aspx and http://website/ are under the control of the same author. If it would falsely assume this, then the author of Default.aspx can spoof the contents of http://website/ for all users of the cache. > > This is because users like to type > http://website/ > And my pages refer to the home page as > http://website/Default.aspx > > Thanks, > > - Joris Koen.
Received on Thursday, 17 June 2004 18:25:39 UTC