tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 6709] - Images on protected areas have not "Last modified" header
Date Wed, 27 Feb 2002 21:22:35 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6709>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=6709

Images on protected areas have not "Last modified" header





------- Additional Comments From patrick.luby@sun.com  2002-02-27 21:22 -------
I can comment on the "expires" header. This is for IE browsers. Some versions of 
IE like to cache content (which gets cached on the local file system) regardless 
of the values set for the "pragma" and "cache-control" headers. The use of the 
"expires" header is a common hack to work around this.

As for disabling the no-caching behavior for SSL, I see no problem with that as 
long as the org.apache.catalina.net.SSLServerSocketFactory's clientAuth attribute 
in server.xml is set to "false" (the common case).

The forcing of the no-caching behavior for SSL was an inadvertant effect of my 
implementation of the no-caching behavior. My intent was to only force this 
behavior when you are authenticating the ID of the user access a URI. My feeling 
is that if you allow anyone to access a URI but you are using SSL to protect the 
stream from eavesdropping by others, then caching should be OK.

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message