- From: Már Örlygsson <mar@anomy.net>
- Date: Mon, 11 Feb 2002 11:05:15 +0000
- To: http-wg@cuckoo.hpl.hp.com
Hi. I'm doing a research on client-side caching of web documents sent over HTTPS - if (and how) web browsers respect "Cache-Control: (private)" and valid "Expires" headers sent by the server over a secure connection. I've searched the web extensively, but I've come up with very little reliable information outside the fact that "HTTPS is simply HTTP served over SSL" and some people second-guessing about browsers not caching HTTPS documents at all... Any authoriative information (or insight) would be most appreciated... ...and the development community could also benefit from this knowledge, as it seems not to be readily available out there. My problem: I am part of a team developing a web-app served over HTTPS. The application is split into several HTML frames (some with comletely static/generic content) and there are several image files that are an essential part of the design. Since bandwidth-use and server-load is a big issue for us, we'd like to cache as many of the pages/images as possible, while serving the whole application over HTTPS, as we don't want the users (many of which are one time users) confronted by dialog-windows notifying them about there being "both secure *and* insecure items on the page"... Cheers, and thanks in advance for anything you might be able to share. -- Már Örlygsson ------------------------------ mailto:mar@anomy.net http://mar.anomy.net
Received on Monday, 11 February 2002 12:45:08 UTC