RE: Thanks Re Caching Problem

> >From a security end we know that HTTP/1.0 has flaws (especially when you
> introduce a web browser), but it raises the question of how many proxy
> server are there which only implement HTTP/1.0. All it seems to takes is a
> single proxy server for a response to be downgraded, and for the browser
> receive that downgraded response and (correctly?) ignore any settings that
> are not associated with the protocol identifier in the response - such as
> Cache-Control headers.

Incorrectly.  If a browser supports the Cache-Control header field for
any HTTP/1.x response, then it should support it for every HTTP/1.x
The definition of an HTTP header field is defined by the major number,
not the minor number.


Received on Wednesday, 8 November 2000 14:55:42 UTC