- From: Brian Smith <brian@briansmith.org>
- Date: Mon, 21 Sep 2009 10:05:25 -0500
- To: "'Henrik Nordstrom'" <henrik@henriknordstrom.net>, "'Mark Nottingham'" <mnot@mnot.net>
- Cc: "'HTTP Working Group'" <ietf-http-wg@w3.org>
Henrik Nordstrom wrote: > But this part of the specifications should only be advisory and best > practice recommendation, giving browsers permission to bypass freshness > controls on accesses due to history navigation, not a strict > requirement on implementaitons to do exactly this. Why does the HTTP specification even need to mention history lists. The vast majority of HTTP caches do not even maintain history lists. The ones that do (built into browsers) will design their history list mechanism according to their own security & performance goals. Plus, as Henrik noted previously, there's a lot more to a browser history list than caching the HTTP request/response (ActiveX/plugin state, Javascript state, SVG animation state, Javascript APIs for controlling history, etc.) Regards, Brian
Received on Monday, 21 September 2009 15:06:09 UTC