hael
>
> -Original Message-
> From: Mark Thomas [mailto:ma...@apache.org]
> Sent: Tuesday, August 23, 2011 12:49 PM
> To: Tomcat Users List
> Subject: Re: Cache-Control headers not being added to secure requests
>
> On 23/08/2011 19:09, Zampani, Mi
Wonderful!
Should I file a bug report for this? It's only a 1 line diff.
Thanks,
Michael
-Original Message-
From: Mark Thomas [mailto:ma...@apache.org]
Sent: Tuesday, August 23, 2011 12:49 PM
To: Tomcat Users List
Subject: Re: Cache-Control headers not being added to secure req
On 23/08/2011 19:09, Zampani, Michael wrote:
> Chris,
>
> Doesn't the entire securePagesWithPragma flag fail the robustness
> principle? It's specifically there to fix caching issues with IE,
> similar to the issue we're now seeing.
>
> I understand how I would create a Filter to do this, but I'
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael,
On 8/23/2011 2:09 PM, Zampani, Michael wrote:
> It seems as though the kernel of logic here is that 'pages with
> security-constraints' should have these headers automatically
> added. There should be a specific reason to add the additional
nt: Tuesday, August 23, 2011 6:48 AM
To: Tomcat Users List
Subject: Re: Cache-Control headers not being added to secure requests
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael,
On 8/22/2011 5:39 PM, Zampani, Michael wrote:
> However, I'm still confused about
>> - {request.isSec
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael,
On 8/22/2011 5:39 PM, Zampani, Michael wrote:
> However, I'm still confused about
>> - {request.isSecure()} means that the headers are only added if
>> the request is not secure since responses from secure requests
>> must not be cached
>
>
ark Thomas [mailto:ma...@apache.org]
Sent: Wednesday, August 17, 2011 12:34 AM
To: Tomcat Users List
Subject: Re: Cache-Control headers not being added to secure requests
On 16/08/2011 22:20, Zampani, Michael wrote:
> It was my understanding that the fix for IE was just the
> securePagesWithP
On 16/08/2011 22:20, Zampani, Michael wrote:
> It was my understanding that the fix for IE was just the
> securePagesWithPragma change, which changes cache-control:no-cache to
> cache-control:private by default.
> According to the bug report, this should fix IE downloads even for secure
> requ
for secure requests, which
results in no headers at all.
Have I misunderstood something?
Thanks,
Michael
-Original Message-
From: Richard Frovarp [mailto:rfrov...@apache.org]
Sent: Tuesday, August 16, 2011 2:02 PM
To: Tomcat Users List
Subject: Re: Cache-Control headers not being added
On 08/16/2011 03:57 PM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael,
On 8/16/2011 4:42 PM, Zampani, Michael wrote:
I don't understand why it was ever present, though. Does anybody
know why you wouldn't want these headers on secure requests?
The svn comme
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael,
On 8/16/2011 4:42 PM, Zampani, Michael wrote:
> I don't understand why it was ever present, though. Does anybody
> know why you wouldn't want these headers on secure requests?
The svn comment says "...to reduce the likelihood of issues whe
Hi,
CLN 1126273
http://svn.apache.org/viewvc?view=revision&revision=1126273
Seems to have disabled the automatic addition of the cache-control and pragma
response headers on secure constrained pages.
The initial revision of this file(at least the oldest copy I could find) had
this check
http://
12 matches
Mail list logo
