- From: Adrien de Croy <adrien@qbik.com>
- Date: Wed, 03 Jun 2009 13:06:08 +1200
- To: HTTP Working Group <ietf-http-wg@w3.org>
Hi I'm seeing quite a few responses from some servers with a Vary: Cookie header. this makes me wonder if this is desired / supported behaviour. I thought cookies weren't to be stored by shared caches, which makes it then impossible to match on a cookie in a subsequent request. Actually the whole aspect of caching + cookies isn't covered in RFC2616. Is there another RFC I should be reading to figure out how to deal with this? To date I've been treating the presence of a Cookie header similarly to the presence of an authorization tag wrt caching, since cookies are (AFAIK) mainly used to establish an association between a specific client and the server, and thence the implications are that responses are at least private to that client. thanks. Adrien -- Adrien de Croy - WinGate Proxy Server - http://www.wingate.com
Received on Wednesday, 3 June 2009 01:03:47 UTC