Re: [access-control] non-GET threat model and authorization choreography

You're forgetting...

5. Use a different URI.



On 2007/10/09, at 9:59 PM, Anne van Kesteren wrote:

>
> On Tue, 09 Oct 2007 13:15:06 +0200, Henri Sivonen <hsivonen@iki.fi> wrote:
>> [...]
>
> Ok, so here are some potential solutions to this problem:
>
>   1. Use something other than GET.
>
>   2. Keep an _independent_ HTTP cache for access request checks.
>
>   3. Store the result of an access request check in a table. Invalidate this
>      result at the end of a browser session.
>
>   4. Store the result of an access request check in a table along with a
>      timeout time from a dedicated HTTP header. Invalidate this result after
>      the timeout time has been reached. If there is no timeout time do not
>      store the result.
>
> I don't think 1 is really an option. I can't really judge the
> feasibility of 2. 3 seems annoying for debugging. 4 seems
> relatively easy to specify and can work on top of the existing HTTP
> cache for the URI.
>
>
> -- 
> Anne van Kesteren
> <http://annevankesteren.nl/>
> <http://www.opera.com/>
>

--
Mark Nottingham       mnot@yahoo-inc.com

Received on Friday, 12 October 2007 04:18:57 UTC
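As an added illustration of options 3, 4 and 5 above (this is not code from the thread, the WebAPI WG or any browser; it is a sketch written for this archive page), the following is a minimal table of access request check results with the timeout rule Anne describes: a result is stored only when the response carries a timeout header, and it is dropped once that time is reached. Everything not stated in the thread is an assumption here: the table is keyed on (requesting origin, target URI, method); the header is named Access-Control-Max-Age and gives a lifetime in seconds (the name the later CORS specification adopted, not one this thread uses); and a check result is just allowed/denied.

```javascript
// Added example, not part of the original mailing-list message.
// Assumptions (not specified by the thread): key = (origin, method, URI);
// timeout header = Access-Control-Max-Age in seconds; result = allowed/denied.

class AccessCheckCache {
  constructor() {
    this.table = new Map();   // key -> { allowed, expires }
  }

  static key(origin, uri, method) {
    return `${origin} ${method.toUpperCase()} ${uri}`;
  }

  // Record the outcome of an access request check. Returns true if stored.
  // Option 4 rule: no timeout header means the result is not stored at all.
  store(origin, uri, method, allowed, responseHeaders, now = Date.now()) {
    const raw = responseHeaders['access-control-max-age'];
    if (raw === undefined) return false;
    const seconds = Number.parseInt(raw, 10);
    if (!Number.isFinite(seconds) || seconds <= 0) return false; // treat junk as absent
    this.table.set(AccessCheckCache.key(origin, uri, method), {
      allowed,
      expires: now + seconds * 1000,
    });
    return true;
  }

  // Return the stored true/false, or null if there is no usable entry
  // (absent, or the timeout time has been reached, in which case it is
  // invalidated on the spot).
  lookup(origin, uri, method, now = Date.now()) {
    const k = AccessCheckCache.key(origin, uri, method);
    const entry = this.table.get(k);
    if (!entry) return null;
    if (now >= entry.expires) {
      this.table.delete(k);
      return null;
    }
    return entry.allowed;
  }

  // Option 3 behaviour: forget everything at the end of the browser session.
  endSession() {
    this.table.clear();
  }
}

// Constructed walk-through with fixed timestamps (milliseconds).
function demo() {
  const cache = new AccessCheckCache();
  const t0 = 1000000;
  const origin = 'http://example.org';
  const uri = 'http://api.example.com/items';

  // Option 4: header present, result usable for 60 s, then invalid.
  const stored = cache.store(origin, uri, 'POST', true,
    { 'access-control-max-age': '60' }, t0);
  const hit = cache.lookup(origin, uri, 'POST', t0 + 30000);      // true
  const expired = cache.lookup(origin, uri, 'POST', t0 + 61000);  // null

  // No header: nothing stored, so the check must be repeated each time.
  const notStored = cache.store(origin, uri, 'DELETE', true, {}, t0);
  const miss = cache.lookup(origin, uri, 'DELETE', t0);            // null

  // Option 5 from the reply: a different URI is simply a different key.
  const otherUri = cache.lookup(origin, uri + '?v=2', 'POST', t0); // null

  // Option 3: end of session wipes the table regardless of timeouts.
  cache.store(origin, uri, 'PUT', false, { 'access-control-max-age': '3600' }, t0);
  cache.endSession();
  const afterSession = cache.lookup(origin, uri, 'PUT', t0);       // null

  return { stored, hit, expired, notStored, miss, otherUri, afterSession };
}
```

The point the table makes concrete is the one Anne raises against option 3: an entry is only ever removed by its own timeout or by the end of the session, so while debugging a changed server policy you have to wait out the timeout or restart the session to see the new answer. Keying on method as well as URI is the assumption that matters for the "non-GET threat model" in the subject line; the thread itself does not settle what the key should be.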