Re: How to interpret Cache-Control: no-cache="Set-Cookie"

Well in my case I know some of the pages I'm sending have embedded crud
("Surfing as Foobar" if you're silly enough to "log in" to hotwired). But
I can send "Vary: Cookie" on those... I wish I could be more granular and
say "Vary: Cookie=\"u\"" meaning it varies only on the cookie named u. The
truth is that I'd rather convince the Powers That Be to just remove that
so we can make hotwired and its relative sites cacheable (um, I have no
control over hotbot). Any statistics you have that would help this case
would be appreciated.

Since I don't send Expires or Last-Modified on .html responses either, I'm
not being very friendly to caches. But it is on my list, I need to figure
out how to map the posting schedules of all the different sections into
something that the server can use to set Expires. Fortunately much of the
site is properly arranged such that if content changes then the URL that
points to it changes... except for the "what's current today/this hour"
pages.

BTW I'm thinking of sending "Vary: User-Agent" on our .html pages since
almost every one of them includes some conditional based on frames or
whatnot. (In fact I can be fine-grained enough to only add that header if
certain conditionals are used.) Even this is kinda kludgy since it will
artificially increase the number of copies that a 1.1 compliant cache
would have to keep... I mean user-agent strings vary so much. It'd be way
cool if I could say "varies only if it doesn't match the regexp
'^Mozilla/[2-9]\.'".

I'm guessing based on Miguel's comments that this stuff is currently
difficult to support in Squid. But I'm willing to experiment with these
things on the origin-side if someone wants to play with them in squid.
Extensions to HTTP/1.1 probably wouldn't be accepted into Apache-core
code, but I'm interested in maintaining a set of patches (against apache)
to improve cache control.

Dean

On Mon, 14 Apr 1997, James R Grinter wrote:

> On Sat 12 Apr, 1997, Dean Gaudet <dgaudet@arctic.org> wrote:
> >I'm certain the interpretation is the first -- OK to cache if you strip
> >out the Set-Cookie headers. Consider:
>
> Can we be sure that servers sending us these headers are going to
> "do the right thing" when it comes to not also including URLs
> embedding the ID strings? For instance, Microsoft haven't been
> very good at this; and what are pathfinder.com doing nowadays?
>
> -- jrg.
Received on Tue Jul 29 2003 - 13:15:41 MDT