![(please configure the [header_logo] section in trac.ini)](https://www.ietf.org/images/ietflogotrans.gif)
#12 closed design (fixed)
Invalidation after Update or Delete
| Reported by: | mnot@… | Owned by: | |
|---|---|---|---|
| Priority: | Milestone: | 01 | |
| Component: | p6-cache | Severity: | |
| Keywords: | Cc: |
Description
There is some ambiguity in Section13.10 as to how the word 'only' binds here:
In order to prevent denial of service attacks, an invalidation based on the URI in a Location or Content-Location header MUST only be performed if the host part is the same as in the Request-URI.
The following clarification, along with separating the clause explaining the rationale for the rule, is suggested:
An invalidation based on the URI in a Location or Content-Location header MUST NOT be performed if the host part of that URI differs from the host part in the Request-URI. This helps prevent denial of service attacks.
Change History (3)
comment:1 Changed 14 years ago by fielding@…
- Milestone set to 01
- Resolution set to fixed
- Status changed from new to closed
- version set to 00
comment:2 Changed 14 years ago by mnot@…
- version changed from 00 to d00
comment:3 Changed 14 years ago by julian.reschke@…
- Component set to p6-cache
Note: See
TracTickets for help on using
tickets.
Fixed in [77]