Re: GET, POST, and side-effects

Shel Kaphan:
>I agree, a response-based approach could certainly be more accurate
>and flexible.  How exactly could we implement this?  Suppose that
>instead of the HTML, browser, and request changes that I mentioned
>about 5 minutes ago, that servers inserted the
>Cache-control:no-side-effects header in appropriate *responses*.  This
>then would be part of the cache's state for that particular
>request/response pair, and could control the cache's behavior for
>subsequent request of a similar nature. Yeah, I like it, and it
>requires less infrastructure change as well.
>
>Are we converging yet?

You certainly have converged with me: I think that a response header
is the only way to do this.  Doing it with extra form tags and request
headers may generate yet another spoofing problem.  The advantage of

 Cache-control:no-side-effects

over 

 Cache-control:cachable

would be that no-side-effects allows browsers to omit the `really
repost form?' dialog box on re-posts.

>--Shel

Koen.

Received on Friday, 5 January 1996 23:57:43 UTC