Re: cookie problems

From: Dancer <dancer@dont-contact.us>
Date: Tue, 26 Oct 1999 07:15:44 +0000

Henrik Nordstrom wrote:
>
> Simon Greaves wrote:
>
> > It's true that the site logon does now work, and I understand why it now
> > works since squid will not cache the dynamic stuff hence will re-request
> > the asp page. Presumably the reason it didn't work before was not an
> > issue with squid, but rather the website's implementation, ie squid had
> > no way of knowing it should contact the remote site.
>
> Sounds like it.
>
> Pages with private content (i.e. session cookies) must contain
>
> Cache-Control: private
> (or any stronger non-cacheability directive)
>
> A note from the other point of view is that you should NOT have a
> refresh_pattern setting with a min age other than 0 unless you know what
> you are doing, or you are likely to cache dynamic pages not designed for
> caching.

That - to me - begs the question of what squid does with 'Cache-control:
private'. Best case assumption: If user information is available, the
page is cached but can only generate a hit for the same user. Worst case
assumption: Page is not cached at all.

D
Received on Tue Oct 26 1999 - 01:25:38 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:49:04 MST