On Nov 4, 2005, at 10:56 AM, William A. Rowe, Jr. wrote:
It leaves us wondering; how can allow from/deny from n.n.n.n be mapped
to
RFC 2616 semantics, or at least, without running the many server hooks
on
later requests? The only way I can see, is that we should have any
more
explicit allow from/deny from leave a marker in the request record
from that
authorization phase, and mark it nocache if the request doesn't
otherwise
set the authentication required headers.
Cache-control: private
is what should be added for any resource under access control.
....Roy