httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roy T. Fielding" <field...@kiwi.ICS.UCI.EDU>
Subject Re: Set-Cookie header and caching
Date Sat, 24 Jun 2000 06:26:25 GMT
>Roy, I'm just curious: are you referring to HTTP/1.0 when you say that
>there are plenty of cache control mechanisms available?

I answered the same question off-list before seeing this message, but
for everyone else...

All of the HTTP/1.1 cache controls can be used in HTTP/1.0, it is
just that some older proxies will only respect Expires.  That's why
people wishing to disable shared caching use some combination of

    Cache-control: private, max-age=3600
    Expires: Thu, 01 Jan 1970 00:00:00 GMT
    Vary: Set-Cookie

to get the right effect on all systems.  Regardless, Set-Cookie does
not imply no-cache because many cookies can and should be cached.
Whether or not the response is cacheable depends on the cookie semantics
for that resource, and hence must be set by the origin server.
If they don't set it right, that is their problem.

>Anyway, the patch is backed out.



View raw message