On Thu, Jan 31, 2013 at 6:37 AM, David Morris <dwm@xpasc.com> wrote: > > > On Wed, 30 Jan 2013, Roy T. Fielding wrote: > > > Yes. Generally speaking, if the origin server puts two mutually > > exclusive directives in the same header field, they want the > > recipient to apply the most lenient one to which they are fully > > compliant (i.e., the same principle we define for extensions). > > > > If the origin server doesn't want that, then it doesn't send public. > > > > I don't see anything vague about it (at least no more vague than the > > concept of caching itself). And keep in mind that this is only a > > MAY for caches: they don't have to cache it; they have permission to. > > Ummm ... that interpretation applied to a conflict in a privacy setting > makes no sense ... a conflcit regarding privacy and/or security must > always be resolved with the most restrictive directive. > > +1 - imo if someone put no-mumble on the response that's the strongest signal due to privacy/security even in a mess of mixed signals.Received on Thursday, 31 January 2013 02:11:18 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 31 January 2013 02:11:21 GMT