Changeset 1999 for draft-ietf-httpbis/latest/p7-auth.xml
- Timestamp:
- 27/11/12 03:10:52 (10 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p7-auth.xml
r1963 r1999 28 28 <!ENTITY end-to-end.and-hop-by-hop "<xref target='Part1' x:rel='#end-to-end.and.hop-by-hop.header-fields' xmlns:x='http://purl.org/net/xml2rfc/ext'/>"> 29 29 <!ENTITY status.403 "<xref target='Part2' x:rel='#status.403' xmlns:x='http://purl.org/net/xml2rfc/ext'/>"> 30 <!ENTITY shared-and-non-shared-caches "<xref target='Part6' x:rel='#shared.and.non-shared.caches' xmlns:x='http://purl.org/net/xml2rfc/ext'/>">30 <!ENTITY caching-authenticated-responses "<xref target='Part6' x:rel='#caching.authenticated.responses' xmlns:x='http://purl.org/net/xml2rfc/ext'/>"> 31 31 ]> 32 32 <?rfc toc="yes" ?> … … 482 482 </t> 483 483 <t> 484 When a shared cache (see &shared-and-non-shared-caches;) receives a request 485 containing an Authorization field, it &MUST-NOT; return the 486 corresponding response as a reply to any other request, unless one 487 of the following specific exceptions holds: 488 </t> 489 <t> 490 <list style="numbers"> 491 <t>If the response includes the "s-maxage" cache-control 492 directive, the cache &MAY; use that response in replying to a 493 subsequent request. But (if the specified maximum age has 494 passed) a proxy cache &MUST; first revalidate it with the origin 495 server, using the header fields from the new request to allow 496 the origin server to authenticate the new request. (This is the 497 defined behavior for s-maxage.) If the response includes "s-maxage=0", 498 the proxy &MUST; always revalidate it before re-using 499 it.</t> 500 501 <t>If the response includes the "must-revalidate" cache-control 502 directive, the cache &MAY; use that response in replying to a 503 subsequent request. But if the response is stale, all caches 504 &MUST; first revalidate it with the origin server, using the 505 header fields from the new request to allow the origin server 506 to authenticate the new request.</t> 507 508 <t>If the response includes the "public" cache-control directive, 509 it &MAY; be returned in reply to any subsequent request.</t> 510 </list> 484 See &caching-authenticated-responses; for details of and requirements 485 pertaining to handling of the Authorization field by HTTP caches. 511 486 </t> 512 487 </section>
Note: See TracChangeset
for help on using the changeset viewer.