Richfaces HTTP Header Cache-Control settings, need 'public'
-----------------------------------------------------------
Key: RF-9345
URL: https://jira.jboss.org/browse/RF-9345
Project: RichFaces
Issue Type: Feature Request
Security Level: Public (Everyone can see)
Components: performance
Affects Versions: 3.3.3.Final, 3.3.3.CR1, 3.3.3.BETA1, 3.3.2.SR1, 3.3.2.GA,
3.3.2.CR1, 3.3.1
Environment: This issue affect any web browser according to w3c
specification
Reporter: igor regis
If an application is running over https the web browser will only cache on
disk, the Richfaces resources, if and only if, the Cache-control header
(present on http header) has the value "public" on it. Otherwise the web
browser will perform in memory cache, so when user restarts the browser the
application will need to request all the resources again.
For applications running on corporative network, manipulating sensitive
information, it's mandatory the use of a secure connection through https
protocol, and form better performance is necessary for Richfaces to provide
it's resources with this "public" mark on cache-control tag.
According the w3c specs
(http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.1) Richfaces
resources may be classified as public content with non individual information.
Here (https://community.jboss.org/thread/150732?tstart=0) there is a discussion
about this issue, as well as the point on Richfaces source code that need to be
changed.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
richfaces-issues mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/richfaces-issues
