On Nov 7, 2005, at 2:09 PM, Ruediger Pluem wrote:
The problem is that without Cache-Control: private, any downstream
cache
would have the exact same problem. There's no way for it to know that
the response differs based on IPs unless the Origin says so. --
justin
This is true. But in the case of a forward proxy that is used to give
office users access to the internet in general based on there IP this
is no problem.
Then either the forward proxy has an external agreement with the
source (and can override the cache-control) or it has no clue
about the source and cannot safely cache the content. In any
case, the messages that we send must be correctly marked as
private because that is our configuration.
If the forward proxy sends a request that has no Cookie and
no Authorization, then it is likely that a cache-control private
response is indicative of IP-based access control. If you want
to code up a forward ProxyCache override based on that, go wild.
....Roy
