W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2015

Re: SRI for preemptive cache validation

From: Jeff Kaufman <jefftk@google.com>
Date: Tue, 19 May 2015 15:57:20 -0400
Message-ID: <CAMJ6YUsOYTSuOqA4Df3dmmT7PoysGstanWvz4-Ru-3WOUhUyuQ@mail.gmail.com>
To: Brian Smith <brian@briansmith.org>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, Joel Weinberger <jww@google.com>
On Tue, May 19, 2015 at 9:28 AM, Jeff Kaufman <jefftk@google.com> wrote:
> Yes, for the same origin HTTP/2 case I think pushing 304s could do
> what we need here. Just to confirm, if a server pushes:
>
>     resource: /example.js
>     status: 304 Not Modified
>     etag: foo
>
> and the browser has /example.js in cache with ETag 'foo', then if the
> browser would otherwise have made an "if not modified" request with
> ETag "foo" it instead treats it as already validated?
>

Update: I just tested this with SPDY/3.1 in Chrome and Firefox and
pushing 304s doesn't work this way.  Details in
http://www.jefftk.com/p/preemptive-cache-validation-pushing-304s
Received on Tuesday, 19 May 2015 19:57:52 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:13 UTC