Re: [XHR2] AnonXMLHttpRequest()

On Wed, Feb 3, 2010 at 2:34 PM, Maciej Stachowiak <mjs@apple.com> wrote:
> I don't think I've ever seen a Web server send "Vary: Cookie". I don't know offhand if they consistently send enough cache control headers to prevent caching across users.

I've heard reports of proxies caching cookied responses in some
obscure countries for short periods of time.  These bustages seem to
caught pretty quickly by proxy operators because all manner of insane
things start happening if you're serving users cached responses with
someone else's credentials.

Adam

Received on Thursday, 4 February 2010 01:22:35 UTC