W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2015

Re: SRI for preemptive cache validation

From: Jeff Kaufman <jefftk@google.com>
Date: Tue, 19 May 2015 15:57:20 -0400
Message-ID: <CAMJ6YUsOYTSuOqA4Df3dmmT7PoysGstanWvz4-Ru-3WOUhUyuQ@mail.gmail.com>
To: Brian Smith <brian@briansmith.org>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, Joel Weinberger <jww@google.com>
On Tue, May 19, 2015 at 9:28 AM, Jeff Kaufman <jefftk@google.com> wrote:
> Yes, for the same origin HTTP/2 case I think pushing 304s could do
> what we need here. Just to confirm, if a server pushes:
>     resource: /example.js
>     status: 304 Not Modified
>     etag: foo
> and the browser has /example.js in cache with ETag 'foo', then if the
> browser would otherwise have made an "if not modified" request with
> ETag "foo" it instead treats it as already validated?

Update: I just tested this with SPDY/3.1 in Chrome and Firefox and
pushing 304s doesn't work this way.  Details in
Received on Tuesday, 19 May 2015 19:57:52 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:49 UTC