ons 2007-05-23 klockan 17:29 -0400 skrev Benno Blumenthal:
> Then the first user that gets a protected page will prevent the
> challenge from being sent to all subsequent users, breaking
> authentication for that page.
What specs says should be used in such cases, when caching is desired,
is
Cache-Control: max-age=0, must-revalidate
and since authentiation is also used
Cache-Control: max-age=0, must-revalidate, public
Should be possible to add refresh_pattern options for this I suppose,
but not sure if it will find many valid uses outside your setup. But if
you submit a patch it may be considered.
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:05 MDT