I don't trust the vary header any farther than I can spit.
For example, at least one version of IE interprets a Vary header with
any value other than user-agent to mean "OMG, I don't understand,
don't cache this":
http://marc.info/?l=apache-modgzip&m=103958533520502&w=2
In a comment to Mark's blog post, he mentions other implementation issues:
"More complex situations -- e.g., with multiple Vary headers and
multiple request headers -- caused problems on a number of
implementations (i.e., they'd return the wrong thing)."
IMHO, we should stick to "cache-control: private."
We need that on most iframes anyway, so this keeps the cache-control
changes from rippling out quite so far.
On Tue, Jun 9, 2009 at 1:44 PM, John Panzer<[email protected]> wrote:
> This seems relevant: http://www.mnot.net/blog/2007/06/20/proxy_caching
> (It appears that Vary: is fairly safe in the sense that caches that don't
> deal with it nicely -- e.g., caching variants -- will just mark the content
> as uncacheable. Though I don't think this was rigorously tested.)
>
> --
> John Panzer / Blogger
> [email protected] / abstractioneer.org <http://www.abstractioneer.org/> /
> @jpanzer
>
>
>
> On Tue, Jun 9, 2009 at 1:25 PM, <[email protected]> wrote:
>
>> Hi Paul:
>>
>> You're absolutely right. Vary: User-Agent; is preferable to me. Do you
>> have any reason in mind for why Cache-Control: private in addition to or
>> instead of Vary would be preferable? Ie. common support by various CDNs.
>>
>> I've been thinking how best to link service of custom rpc to setting
>> this header. Ultimately JsServlet or a Filter needs to do so. Thoughts
>> on this? The best idea I had was to add something like
>> isBrowserSpecific() to JsLibrary so that the relevant output code
>> (gadget rendering, js servlet) could act accordingly.
>>
>> Kevin - re: StringBuffer, comment isn't particularly prescriptive so
>> I'll assume the complaint is use of StringBuffer rather than
>> StringBuilder. If so, fixed. If not, let me know.
>>
>>
>> http://codereview.appspot.com/63210
>>
>
