httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <>
Subject Re: cache trouble (Re: [vote] 2.1.9 as beta)
Date Mon, 07 Nov 2005 23:41:24 GMT
Ruediger Pluem wrote:

> If I have a forward proxy to which I limit access via IP based access control
> I should add Cache-Control: private to any response I get back from the backend
> (either a Remote Proxy or the origin server).

A very important distinction: forward and reverse proxy authentication 
works completely differently from each other.

In a forward proxy configuration, you authenticate access to the proxy 
using Proxy-Authenticate. Once authenticated you can view cached content.

In a reverse proxy (or any normal content) configuration, you 
authenticate access to content using WWW-Authenticate, and here the 
Cache-Control: private must be used to make sure that content generated 
for you is not inadvertently delivered to someone else.

Cache-Control: private is not necessary in the forward proxy config. It 
is necessary in the reverse proxy / normal config case.


View raw message