- From: Henrik Nordstrom <henrik@henriknordstrom.net>
- Date: Fri, 26 Jun 2009 09:49:32 +0200
- To: "Yngve N. Pettersen (Developer Opera Software ASA)" <yngve@opera.com>
- Cc: Mark Nottingham <mnot@mnot.net>, Jamie Lokier <jamie@shareable.org>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
tor 2009-06-25 klockan 12:06 +0200 skrev Yngve N. Pettersen (Developer Opera Software ASA): > It *may* be that we should also check expiration first (and that is being > considered, but may require significant changes), but the purposes for > which we added it, online banking, requires checking on every view in any > case. And as mentioned, the "primary" use of the directive in many > frameworks, such as PHP, combines must-revalidate with no-cache and > no-store. must-revalidate SHOULD only have any effect once the response has become stale and also disables heuristic expiry calculation. Of course your users complained very loudly if you implemented it as no-cache. If forced checking on every view is desired then max-age=0,must-revalidate is the combination to use. max-age=0 says it's immediately stale, must-revalidate forces validation before reuse of stale copies. Regards Henrik
Received on Friday, 26 June 2009 07:50:26 UTC