DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=34560>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=34560 ------- Additional Comments From [EMAIL PROTECTED] 2005-04-24 00:13 ------- Created an attachment (id=14814) --> (http://issues.apache.org/bugzilla/attachment.cgi?id=14814&action=view) patch to head cvs (1.30) line 437: //+++++ ASF Bugzilla Bug 34560 fix: boolean requireAuthentication = false; for(i=0; i < constraints.length; i++) { if (constraints[i].getAuthConstraint()) { requireAuthentication=true; break; } } //+++++ // Make sure that constrained resources are not cached by web proxies // or browsers as caching can provide a security hole if (requireAuthentication && disableProxyCaching && //+++++ SSL can be cached (by browser only, and by user choice), authenticated resources must not. [...] -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
