- From: Benjamin Hawkes-Lewis <bhawkeslewis@googlemail.com>
- Date: Sat, 28 Jan 2012 21:25:07 +0000
- To: Samuel Santos <samaxes@gmail.com>
- Cc: Kornel Lesiński <kornel@geekhood.net>, "Marat Tanalin | tanalin.com" <mtanalin@yandex.ru>, "public-html@w3.org" <public-html@w3.org>
2012/1/27 Samuel Santos <samaxes@gmail.com>: >> * History navigation (Back button) should always read POSTed pages from >> cache, even if pages had Cache-Control: no-cache set (this is >> RFC-compliant). This way there is no unexpected resubmission happening >> automatically, and—unless user forces browser to clear the cache—there is no >> need to ask any questions or switch to GET. > > > That should not work with HTTPS. Says what? > If it does, it's a serious security issue. How so? -- Benjamin Hawkes-Lewis
Received on Saturday, 28 January 2012 21:25:35 UTC