- From: Mark Baker <distobj@acm.org>
- Date: Wed, 22 Jun 2011 22:11:46 -0400
- To: Mark Nottingham <mnot@mnot.net>
- Cc: HTTP Working Group <ietf-http-wg@w3.org>
On Tue, Jun 21, 2011 at 8:30 PM, Mark Nottingham <mnot@mnot.net> wrote: > Proposal: > > """ > A cache MUST invalidate the effective Request URI (Section 4.3 of [Part1]) as well as the URI(s) in the Location and Content-Location header fields (if present) when a successful response to a request with an unsafe method is received. > > However, a cache MUST NOT invalidate a URI from a Location or Content-Location header field if the host part of that URI differs from the host part in the effective request URI (Section 4.3 of [Part1]). This helps prevent denial of service attacks. > > A cache SHOULD invalidate the effective request URI (Section 4.3 of [Part1]) when it receives a successful response to a request with a method whose safety is unknown. > > Here, a successful response is one with a 2xx or 3xx status code. I was thinking that "non-error response" would be superior to "successful response" in avoiding confusion, as the definition of the 2xx status code class uses the word "successful" exclusively. Mark.
Received on Thursday, 23 June 2011 02:12:14 UTC