Changeset 512


Ignore:
Timestamp:
Mar 4, 2009, 9:30:02 PM (11 years ago)
Author:
mnot@…
Message:

clarify that authenticated requests can't have their responses stored.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis/latest-roy/p6-cache.xml

    r511 r512  
    395395            <t>the "private" cache response directive (see <xref target="header.cache-control" />
    396396            does not appear in the response, if the cache is a shared cache, and</t>
     397            <t>the request does not have an Authorization header (see &header-authorization), if
     398            unless either the cache is non-shared, or the "public" directive is present  (see <xref
     399                target="header.cache-control" />).</t>           
    397400            <t>the cache understands partial responses, if the response is partial or incomplete
    398401              (see <xref target="errors.or.incomplete.response.cache.behavior" />).</t>
     
    421424      <section anchor="constructing.responses.from.caches"
    422425        title="Constructing Responses from Caches">
    423         <t>For a presented request, a non-shared cache &MAY; return a stored response, provided
     426        <t>For a presented request, a cache &MAY; return a stored response, provided
    424427          that: <list style="symbols">
    425428            <t>The presented Request-URI and that of the stored response match (see
     
    438441              its use (see <xref target="header.cache-control" /> and <xref target="header.pragma"
    439442             />).</t>
    440           </list>
    441         </t>
    442         <t>A shared cache &MAY; return a stored response, provided that: <list style="symbols">
    443             <t>The criteria for non-shared caches above are met (taking into account directives specific to shared
    444               caches; see <xref target="header.cache-control" />), and</t>
    445             <t>the stored response was not associated with an authenticated request (see
    446               &header-authorization;), unless explicitly allowed (see <xref
    447                 target="header.cache-control" />).</t>
    448443          </list>
    449444        </t>
Note: See TracChangeset for help on using the changeset viewer.