Re: #290 [was: SHOULD-level requirements in p6-caching]

On 04/05/2011, at 8:01 PM, Poul-Henning Kamp wrote:

> In message <E18FC49C-0865-4534-8A14-C30BA8D40295@mnot.net>, Mark Nottingham wri
> tes:
> 
>>> I would like to see the text say that if there is a "Cache-Control:"
>>> header "Pragma:" MUST be ignored, to resolve the possible conflicts
>>> between them.
>> 
>> We already have:
>> 
>>> A cache SHOULD treat "Pragma: no-cache" as if the client had sent
>>>   "Cache-Control: no-cache".
>> 
>> 
>> so that makes them equivalent. 
> 
> That is probably a bit more than I would read into it.
> 
> But that does not in any way resolve what to do if you have both
> and they are in conflict.
> 
> I think it is a good idea to state clearly that Cache-Control takes
> precedence if both are present.


A couple of things come to mind.

In requests, Pragma: no-cache is defined to be equivalent to CC: no-cache. I don't think we can change that now, as most implementations that I'm aware of honour that requirement, and more importantly, clients will have a reasonable expectation that this will continue.  A gateway cache can choose to ignore request directives, because it has implicit permission from the origin, of course.

We can have a discussion about CC: no-cache vs. other CC directives, but AFAIK the long-held consensus on that is that max-age (for example) does NOT trump no-store, because no-store is more restrictive than max-age, and implementations need to behave conservatively in the face of conflicting directives. That's one of the reasons that the text in p6 is written like it is.

However, in the case of responses, 2616, defined Pragma: no-cache as

> When the no-cache directive is present in a request message, an application SHOULD forward the request toward the origin server even if it has a cached copy of what is being requested. This pragma directive has the same semantics as the no-cache cache-directive (see section 14.9) and is defined here for backward compatibility with HTTP/1.0. Clients SHOULD include both header fields when a no-cache request is sent to a server not known to be HTTP/1.1 compliant.

and then

>       Note: because the meaning of "Pragma: no-cache as a response
>       header field is not actually specified, it does not provide a
>       reliable replacement for "Cache-Control: no-cache" in a response


So, we already say* that Pragma: no-cache doesn't have any meaning in responses, and should be ignored.

Does that cover the cases you're concerned about, or are you arguing that CC: max-age (etc.) in requests overrides Pragma: no-cache?

Cheers,

* I see we have a bug in p6, in that it says it has the same semantics as the response directive, not the request directive; I'll fix that momentarily. 

--
Mark Nottingham   http://www.mnot.net/

Received on Wednesday, 4 May 2011 10:20:50 UTC