Bill Barker wrote:
> At the moment (with the default settings), Tomcat 4.1.x and higher add
> HTTP headers to non-SSL protected pages to prevent intermediate proxies
> from
> caching them. According to the HTTP/1.1 RFC (and even the HTTP/1.0 RFC),
> POSTed pages are not allowed to be cached by proxies (for the obvious
> reasons). I'd like to add request.getMethod().equals("POST") to the list
> of conditions to *not* add the headers.
Not sure I understand :-)
The RFC requires that proxies don't cache POST requests. Are you saying
we should *not* include the headers, because proxies will not cache anyway ?
Or to add the headers ? And what does it has to do with SSL ?
( I'm +0 any way )
Costin
> I'm happy if I can do this in 5.x, and ecstatic if I can back-port it to
> 4.1.x (since it almost removes my need to configure the Authenticator).
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
