hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jonathan Moore (JIRA)" <j...@apache.org>
Subject [jira] Created: (HTTPCLIENT-963) client cache does not respect 'Cache-Control: no-store' on requests
Date Thu, 01 Jul 2010 16:17:51 GMT
client cache does not respect 'Cache-Control: no-store' on requests
-------------------------------------------------------------------

                 Key: HTTPCLIENT-963
                 URL: https://issues.apache.org/jira/browse/HTTPCLIENT-963
             Project: HttpComponents HttpClient
          Issue Type: Bug
          Components: Cache
    Affects Versions: 4.1 Alpha2
            Reporter: Jonathan Moore


"The purpose of the no-store directive is to prevent the inadvertent release or retention
of sensitive information (for example, on backup tapes). The no-store directive applies to
the entire message, and MAY be sent either in a response or in a request. If sent in a request,
a cache MUST NOT store any part of either this request or any response to it."

http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.2

The current implementation will incorrectly cache responses to requests containing 'Cache-Control:
no-store'.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org
For additional commands, e-mail: dev-help@hc.apache.org


Mime
View raw message