- From: Roy T. Fielding <fielding@gbiv.com>
- Date: Mon, 26 Jul 2010 06:33:51 -0700
- To: "Moore, Jonathan" <jonathan_moore@comcast.com>
- Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
On Jul 25, 2010, at 8:19 AM, Moore, Jonathan wrote: > By successful response, do you mean "received a response successfully" or "received a response with a 2xx response code"? If the former, I think I'd agree, but if the latter, there are definitely non-2xx response codes that would still give an indication that a cached entry wasn't valid anymore (for example, a 404). No, it must be a success response from the origin server. No other response indicates that the cached GET is invalid because the origin server may use various error responses to deal with authenticatiin problems on the part of an attacker. ....Roy
Received on Monday, 26 July 2010 13:34:24 UTC