It was my understanding that the fix for IE was just the securePagesWithPragma change, which changes cache-control:no-cache to cache-control:private by default. According to the bug report, this should fix IE downloads even for secure requests. The problem is, this entire block is now ignored for secure requests, which results in no headers at all. Have I misunderstood something?
Thanks, Michael -----Original Message----- From: Richard Frovarp [mailto:rfrov...@apache.org] Sent: Tuesday, August 16, 2011 2:02 PM To: Tomcat Users List Subject: Re: Cache-Control headers not being added to secure requests On 08/16/2011 03:57 PM, Christopher Schultz wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Michael, > > On 8/16/2011 4:42 PM, Zampani, Michael wrote: >> I don't understand why it was ever present, though. Does anybody >> know why you wouldn't want these headers on secure requests? > > The svn comment says "...to reduce the likelihood of issues when > downloading files with IE.". Presumably, [MS]IE has "issues" with > downloading files with those response headers. > Some versions of MSIE have problems downloading files depending on the cache-control header. We've seen this with our course management system. From what I've seen IE doesn't download files, it caches them, then copies them into place on the filesystem. But due to the cache control headers, it couldn't copy the cached file because it wasn't allowed to, causing trouble. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
