W3C home > Mailing lists > Public > ietf-http-wg@w3.org > October to December 2010

Re: NEW: #235: Cache Invalidation only happens upon successful responses

From: Mark Nottingham <mnot@mnot.net>
Date: Mon, 18 Oct 2010 15:28:30 +1100
Cc: "Moore, Jonathan" <jonathan_moore@comcast.com>, HTTP Working Group <ietf-http-wg@w3.org>
Message-Id: <A904CB6D-6310-42A6-8091-DC93C2FDC8A4@mnot.net>
To: Roy T. Fielding <fielding@gbiv.com>
Roy, what's your precise definition of successful? 2xx, or 2xx + 3xx?

E.g., 303 See Other seems like it's squarely within the intent of cache invalidation, since Location is included.


On 26/07/2010, at 11:33 PM, Roy T. Fielding wrote:

> On Jul 25, 2010, at 8:19 AM, Moore, Jonathan wrote:
>> By successful response, do you mean "received a response successfully" or "received a response with a 2xx response code"? If the former, I think I'd agree, but if the latter, there are definitely non-2xx response codes that would still give an indication that a cached entry wasn't valid anymore (for example, a 404).
> No, it must be a success response from the origin server.  No other response
> indicates that the cached GET is invalid because the origin server may use
> various error responses to deal with authenticatiin problems on the
> part of an attacker.
> ....Roy

Mark Nottingham   http://www.mnot.net/
Received on Monday, 18 October 2010 04:29:01 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:10:55 UTC