- From: Anne van Kesteren <annevk@opera.com>
- Date: Thu, 24 Jan 2008 00:30:01 +0100
- To: "Mark Nottingham" <mnot@yahoo-inc.com>
- Cc: "WAF WG (public)" <public-appformats@w3.org>
On Wed, 23 Jan 2008 22:17:36 +0100, Mark Nottingham <mnot@yahoo-inc.com> wrote: > BTW, I understand the motivation for this now that OPTIONS is used, but > you still have a clock sync problem. Race conditions are already covered by the specification. Authors are advised to check to the Referer-Root header to prevent such issues from occuring. > Also, HTTP caches won't be able to exploit this. I'm thinking especially > of HTTP accelerators (e.g., Akamai); OPTIONS traffic is going to create > a lot of undesirable back-end communication for them, until they come up > with a workaround. My main concern is that different intermediaries are > going to come up with different strategies for caching OPTIONS results. OPTIONS is part of the traffic that is non-static. I'm not sure how much you can optimize that by using HTTP accelerators. Again though, the idea is that the request reaches the server and that the server specifies an HTTP-date indicating how long the policy is valid. -- Anne van Kesteren <http://annevankesteren.nl/> <http://www.opera.com/>
Received on Wednesday, 23 January 2008 23:26:30 UTC