tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Costin Manolache <cmanola...@yahoo.com>
Subject Re: [PROPOSAL] Add Post to the clear list for protected pages
Date Thu, 17 Jul 2003 03:38:48 GMT
Bill Barker wrote:

> At the moment (with the default settings), Tomcat 4.1.x and higher add
> HTTP headers to non-SSL protected pages to prevent intermediate proxies
> from
> caching them.  According to the HTTP/1.1 RFC (and even the HTTP/1.0 RFC),
> POSTed pages are not allowed to be cached by proxies (for the obvious
> reasons).  I'd like to add request.getMethod().equals("POST") to the list
> of conditions to *not* add the headers.

Not sure I understand :-)

The RFC requires that proxies don't cache POST requests. Are you saying 
we should *not* include the headers, because proxies will not cache anyway ?
Or to add the headers ? And what does it has to do with SSL ?

( I'm +0 any way )

Costin 


 
> I'm happy if I can do this in 5.x, and ecstatic if I can back-port it to
> 4.1.x (since it almost removes my need to configure the Authenticator).



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message