RE: Small question about the caching of password protected pages

From: Simon Austin <[email protected]>
Date: Wed, 10 Feb 1999 19:49:31 -0500

At 05:49 PM 2/10/99 -0500, Nottingham, Mark (Australia) wrote:
>Squid does not cache pages that are HTTP authenticated, unless a
>Cache-Control: public header is returned with the response (the web site
>would have to do this specifically). If they're using another authentication
>mechanism, it's perfectly possible the pages are being cached, albiet
>unlikely (they'd have to generate validators, Expires times or similar for
>the objects as they're served).
>
>This assumes Squid 2.x; Squid 1.x behaves in a similar manner, AFAIK, except
>I don't know offhand whether it will honor a Cache-Control: public
>directive.
>
>A much more likely explanation is that someone had used the browser to
>access the site in the same session.

Possible, but I was told the person had never heard of us or accessed us
before. There are no accesses in the logs from the time of the demo to
indicate that the pages had been retrieved from our server either - which
made me think of caches, and it was only then I found out the company where
the demo was done uses Squid. It's possible that the sales person has told
me the wrong information, and I'll go back and check it with them, but can
someone confirm for certain that squid doesn't cache authenticated pages
rather than that it isn't supposed to?

- Si
Received on Wed Feb 10 1999 - 17:36:29 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:44:30 MST