- From: Mark Nottingham <mnot@mnot.net>
- Date: Tue, 28 Jun 2011 15:20:11 +1000
- To: HTTP Working Group <ietf-http-wg@w3.org>
Marking for milestone -15. On 23/06/2011, at 3:20 PM, Mark Nottingham wrote: > """ > A cache MUST invalidate the effective Request URI (Section 4.3 of [Part1]) as well as the URI(s) in the Location and Content-Location header fields (if present) when a non-error response to a request with an unsafe method is received. > > However, a cache MUST NOT invalidate a URI from a Location or Content-Location header field if the host part of that URI differs from the host part in the effective request URI (Section 4.3 of [Part1]). This helps prevent denial of service attacks. > > A cache SHOULD invalidate the effective request URI (Section 4.3 of [Part1]) when it receives a non-error response to a request with a method whose safety is unknown. > > Here, a non-error response is one with a 2xx or 3xx status code. > """ -- Mark Nottingham http://www.mnot.net/
Received on Tuesday, 28 June 2011 05:20:37 UTC