No, the notion in Origin is an exception to DNS authorities for broadening security constraints on javascript, etc. HTTP caching must not allow a non-matching-authority (including a different port) define what can be invalidated or replaced. ....Roy On Dec 13, 2011, at 7:27 PM, Mark Nottingham wrote: > <http://trac.tools.ietf.org/wg/httpbis/trac/ticket/322> > > Since we now have a definition of an Origin, it'd be good to use it where appropriate. > > Proposal for p7 2.2: > > """A protection space is defined by the origin [ref to origin rfc], combined with the realm value (if present).""" > > Proposal for p6 2.5: > > """However, a cache MUST NOT invalidate a URI from a Location or Content-Location header field if that URI does not have the same origin as that of the effective request URI (section 4.3 of [Part1]), as specified in [ref to origin rfc].""" > > Comments? > > > -- > Mark Nottingham http://www.mnot.net/ > > > >Received on Wednesday, 14 December 2011 18:58:40 UTC
This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:26 UTC