W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2009

Vary: Cookie

From: Adrien de Croy <adrien@qbik.com>
Date: Wed, 03 Jun 2009 13:06:08 +1200
Message-ID: <4A25CC80.2050107@qbik.com>
To: HTTP Working Group <ietf-http-wg@w3.org>


I'm seeing quite a few responses from some servers with a Vary: Cookie 

this makes me wonder if this is desired / supported behaviour.  I 
thought cookies weren't to be stored by shared caches, which makes it 
then impossible to match on a cookie in a subsequent request.

Actually the whole aspect of caching + cookies isn't covered in 
RFC2616.  Is there another RFC I should be reading to figure out how to 
deal with this?  To date I've been treating the presence of a Cookie 
header similarly to the presence of an authorization tag wrt caching, 
since cookies are (AFAIK) mainly used to establish an association 
between a specific client and the server, and thence the implications 
are that responses are at least private to that client.



Adrien de Croy - WinGate Proxy Server - http://www.wingate.com
Received on Wednesday, 3 June 2009 01:03:47 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:10:49 UTC