W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2011

Re: NEW: #235: Cache Invalidation only happens upon successful responses

From: Mark Nottingham <mnot@mnot.net>
Date: Tue, 28 Jun 2011 15:20:11 +1000
Message-Id: <5091E269-0E33-4FC2-9A2C-7B9CF87A6315@mnot.net>
To: HTTP Working Group <ietf-http-wg@w3.org>
Marking for milestone -15.


On 23/06/2011, at 3:20 PM, Mark Nottingham wrote:

> """
> A cache MUST invalidate the effective Request URI (Section 4.3 of [Part1]) as well as the URI(s) in the Location and Content-Location header fields (if present) when a non-error response to a request with an unsafe method is received.
> 
> However, a cache MUST NOT invalidate a URI from a Location or Content-Location header field if the host part of that URI differs from the host part in the effective request URI (Section 4.3 of [Part1]).  This helps prevent denial of service attacks.
> 
> A cache SHOULD invalidate the effective request URI (Section 4.3 of [Part1]) when it receives a non-error response to a request with a method whose safety is unknown.
> 
> Here, a non-error response is one with a 2xx or 3xx status code.
> """

--
Mark Nottingham   http://www.mnot.net/
Received on Tuesday, 28 June 2011 05:20:37 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:41 GMT