You're forgetting...
5. Use a different URI.
On 2007/10/09, at 9:59 PM, Anne van Kesteren wrote:
On Tue, 09 Oct 2007 13:15:06 +0200, Henri Sivonen <[EMAIL PROTECTED]>
wrote:
[...]
Ok, so here are some potential solutions to this problem:
1. Use something other than GET.
2. Keep an _independent_ HTTP cache for access request checks.
3. Store the result of an access request check in a table.
Invalidate this
result at the end of a browser session.
4. Store the result of an access request check in a table along
with a
timeout time from a dedicated HTTP header. Invalidate this
result after
the timeout time has been reached. If there is no timeout time
do not
store the result.
I don't think 1 is really an option. I can't really judge the
feasability of 2. 3 seems annoying for debugging. 4 seems
relatively easy to specify and can work on top of the existing HTTP
cache for the URI.
--
Anne van Kesteren
<http://annevankesteren.nl/>
<http://www.opera.com/>
--
Mark Nottingham [EMAIL PROTECTED]
