What should an HTTP client do if the server returned Cache-Control: private, public?
I have a feeling private should override public, but I can't find a confirmation in the RFC (other than MUST in private and MAY in public).
I believe http://greenbytes.de/tech/webdav/draft-ietf-httpbis-p6-cache-20.html#rfc.section.3 is pretty clear -- if it's labeled "private" it needs to be considered private, no matter whether "public" appears as well.
From a pragmatic point of view, err on the side of caution and treat it as "private".
That way you cause a little extra network traffic for the lousy server, but keep your user's (potentially private) data safe.
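Added example, not part of the original question or answers: a small Python check that applies the "private wins" reading discussed above when a cache decides whether the directives forbid storing a response. The function names and sample header values are constructed for illustration, and treating the qualified form private="field-name" as fully private is an assumption that is stricter than the spec requires.

```python
def split_directives(value):
    """Split a Cache-Control value on commas that are outside quoted strings."""
    parts, buf, in_quotes, escaped = [], [], False, False
    for ch in value:
        if escaped:
            escaped = False
        elif ch == "\\" and in_quotes:
            escaped = True
        elif ch == '"':
            in_quotes = not in_quotes
        elif ch == "," and not in_quotes:
            parts.append("".join(buf))
            buf = []
            continue
        buf.append(ch)
    parts.append("".join(buf))
    return parts


def parse_cache_control(value):
    """Return {directive name (lowercased): argument or None}."""
    directives = {}
    for part in split_directives(value):
        name, _, arg = part.partition("=")
        name = name.strip().lower()  # directive names are case-insensitive
        if name:
            directives[name] = arg.strip().strip('"') or None
    return directives


def forbids_storage(value, shared_cache):
    """True if the directives alone forbid this cache from storing the response."""
    d = parse_cache_control(value)
    if "no-store" in d:
        return True
    # "private" wins over "public" regardless of order. Assumption: the
    # qualified form private="field" is also treated as fully private, which
    # is stricter than required but never exposes one user's response to another.
    return shared_cache and "private" in d


# Constructed sample header values.
SAMPLES = ["private, public", "public, private",
           'PUBLIC, Private="Set-Cookie, X-Foo", max-age=60',
           "public, max-age=3600", "no-store"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r}: shared={forbids_storage(s, True)} "
              f"private={forbids_storage(s, False)}")
```

A False result only means the directives do not forbid storage; the other storage conditions in the caching spec (freshness information, cacheable status, and so on) still have to be checked separately.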