W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2010

Re: NEW: #235: Cache Invalidation only happens upon successful responses

From: Yves Lafon <ylafon@w3.org>
Date: Mon, 26 Jul 2010 08:11:40 -0400 (EDT)
To: "Moore, Jonathan" <Jonathan_Moore@Comcast.com>
cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <alpine.DEB.1.10.1007260803130.12883@wnl.j3.bet>
On Mon, 26 Jul 2010, Moore, Jonathan wrote:

> I think this is right that we might need to look at different status codes 
> here. What about a 500 (internal server error)? It seems like the resource 
> may have been put into a different state due to a partially-completed 
> operation, and the cache, being aware of a potential change, ought to 
> invalidate and re-establish the current state.
> Let me ask the intent behind invalidation, though: is this to be done when 
> the cache *knows* the state of the resource has changed, or just when it 
> *might* have changed?

If it is a *might*, there is no need to ways for the response, any unknown 
method or unsafe method is enough to trigger invalidation, but it leads to 
denial of service attacks.

If is it a *knows*, then we have two cases:
1/ successful response (in the sense of 2xx) => invalidate
All the other cases (404, 410) are indeed giving information about the 
state of the resource, but that is no different from an unsuccesful 

So for #235, we should say that a cache MUST invalidate when there is a 
successful response and not more, as reasons to do so are covered 
elsewhere already.

> On Jul 26, 2010, at 5:19 AM, "Yves Lafon" <ylafon@w3.org> wrote:
>> On Mon, 26 Jul 2010, Mark Nottingham wrote:
>>> Good point.
>>> How about non-5xx status code?
>> Well, 405 or 413 should not trigger invalidation. We need 2xx plus status 
>> code that are making an assertion about the state of the possibly updated 
>> representation.
>>> On 25/07/2010, at 5:19 PM, Moore, Jonathan wrote:
>>>> By successful response, do you mean "received a response successfully" or 
>>>> "received a response with a 2xx response code"? If the former, I think 
>>>> I'd agree, but if the latter, there are definitely non-2xx response codes 
>>>> that would still give an indication that a cached entry wasn't valid 
>>>> anymore (for example, a 404).
>>>> Jon
>>>> ........
>>>> Jon Moore
>>>> On Jul 24, 2010, at 11:22 AM, "Mark Nottingham" <mnot@mnot.net> wrote:
>>>>> <http://trac.tools.ietf.org/wg/httpbis/trac/ticket/235>
>>>>> Any objection to specifying that invalidation only happens upon a 
>>>>> successful response (as opposed to any POST/PUT/DELETE/etc. response)?
>>>>> --
>>>>> Mark Nottingham     http://www.mnot.net/
>>> --
>>> Mark Nottingham     http://www.mnot.net/
>> -- 
>> Baroula que barouleras, au tiéu toujou t'entourneras.
>>       ~~Yves

Baroula que barouleras, au tiéu toujou t'entourneras.

Received on Monday, 26 July 2010 12:11:46 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:23 GMT