* Jonas Sicking wrote: >Another thing that occurred to me is does HTTP caches take the full set >of request headers into account when caching? Otherwise it could be >directly harmful to include Referer-Root and Method-Check headers. The >cache might store an "authorize" reply when the request is made for >Referer-Root A and wrongly respond with the same document is checked for >Referer-Root B. No, authors have to actively prevent improper caching of the response. Ian suggested that "merely adding a Vary: header with the appropriate values will remove that problem" so even Ian would fail to set this up properly (e.g., Vary would have no effect on simple HTTP/1.0 caches). -- Björn Höhrmann · mailto:bjoern@hoehrmann.de · http://bjoern.hoehrmann.de Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de 68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/Received on Monday, 5 November 2007 09:39:57 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 8 January 2008 14:10:23 GMT