Re: Cookie problem & thanks

From: Duane Wessels <>
Date: Mon, 16 Dec 96 12:45:49 -0800 writes:

> said:
>} I'd rather not introduce another option, but just make it the
>} default behaviour to NOT cache responses with cookies.
>Isn't there another problem here...
>You start up on a service, it sends you a cookie to uniquely identify
>Subsequent requests to that service may result in pages which contain no
>cookie, *but* vary according to the cookie which you are sending to the
>service in your request headers.
>This is a real swine since some people will use cookies to modify content
>(which we therefore want to treat as private objects), and others will use
>them to try and track what users are doing which I would prefer to defeat
>by caching!!!
>The easy solution is to not cache either pages with set-cookie headers and
>pages resulting from requests with cookies embedded in the request header.
> Unfortunately finding the percentage of pages in this latter catagory is
>probably not possible without adding extra code into squid.


I think in this situation we need to hold some ground against the trend
towards making more and more objects uncachable. People who serve up
content have quite a few ways of marking pages to prevent caching. If
they are giving out dynamic pages based on cookies, or whatever, they
should set Cache-Control headers or at least Expires.

Duane W.
Received on Mon Dec 16 1996 - 12:57:30 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:33:54 MST