Pragma has never been sent out on a secure connection until recently (rev 1.13) This is brand new behavior and it causes problems with IE under SSL. At the time you even said you'd be willing to roll it back.
Coincidentally, it was sufficiently long ago that I actually forgot about it. I would characterize this as "recently", however, as given the version in which it went in, it's in all the stable 5.0.x and 5.5.x builds.
I'd be happy to leave cache-control to no-cache, it is the Pragma that is killing us. Are you aware of a client that depends solely on Pragma for cache instruction? I would argue that being unable to serve pages to IE under SSL is more significant than a caching problem in a client that doesn't understand cache-control.
I read:
// FIXME: Disabled for Mozilla FORM support over SSL
// (improper caching issue)
Indeed (I now remember the issue), there would be serious issues should this not be the default.
Now, I think you are misrepresenting the IE issue, and it's not such a big issue. I am perfectly fine with adding new configurability and documenting it properly, but defaults should lean towards the safer solution.
BTW, I really don't see any problem with not using the defaults, and actually configuring something. Is that really a big issue for you and the people who reported this problem ? For example, in JBoss, I use a different default configuration and I don't make a big issue out of it.
Rémy
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
