The sf2 documentation mentions not to use ESI with a reverse proxy when compression is enabled. I can easily understand this as the proxy would not be able to find the <esi:include> tags in a compressed content.
What happen with https content ? I guess it should be the same meaning the proxy is not able to find the esi tags in a encrypted content. If this is true: 1. it should be worth mentioning this in the doc (I volunteer to do this if it is applicable), 2. should there be a mechanism to prevent esi tag generation even if 'standalone' is set to true when using the https transport ? 3. Does the Varnish configuration from the doc advertise the ESI capablity for http only or for both http and https ? I am not yet very familiar with sf2 but I wanted to raise this question... hopping it is not a stupid one ! Cheers, Victor -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
