  • Cookies and Caching Client Identification


    HTTP The Definitive Guide

    11.6.9 Cookies and Caching
    You have to be careful when caching documents that are involved with cookie transactions. You don't
    want to assign one user some past user's cookie or, worse, show one user the contents of someone
    else's personalized document.
    The rules for cookies and caching are not well established. Here are some guiding principles for
    dealing with caches:
    Mark documents uncacheable if they are

    The document owner knows best if a document is uncacheable. Explicitly mark documents
    uncacheable if they are—specifically, use Cache-Control: no-cache="Set-Cookie" if the
    document is cacheable except for the Set-Cookie header. The other, more general practice of
    using Cache-Control: public for documents that are cacheable promotes bandwidth savings in
    the Web.

    Be cautious about caching Set-Cookie headers

    If a response has a Set-Cookie header, you can cache the body (unless told otherwise), but
    you should be extra cautious about caching the Set-Cookie header. If you send the same
    Set-Cookie header to multiple users, you may be defeating user targeting.
    Some caches delete the Set-Cookie header before storing a response in the cache, but that also
    can cause problems, because clients served from the cache will no longer get cookies slapped
    on them that they normally would without the cache. This situation can be improved by
    forcing the cache to revalidate every request with the origin server and merging any returned
    Set-Cookie headers with the client response. The origin server can dictate such revalidations
    by adding this header to the cached copy:
    Cache-Control: must-revalidate, max-age=0
    More conservative caches may refuse to cache any response that has a Set-Cookie header,
    even though the content may actually be cacheable. Some caches allow modes when
    Set-Cookied images are cached, but not text.

    Be cautious about requests with Cookie headers

    When a request arrives with a Cookie header, it provides a hint that the resulting content
    might be personalized. Personalized content must be flagged uncacheable, but some servers
    may erroneously not mark this content as uncacheable.
    Conservative caches may choose not to cache any document that comes in response to a
    request with a Cookie header. And again, some caches allow modes when Cookied images
    are cached, but not text. The more accepted policy is to cache images with Cookie headers,
    with the expiration time set to zero, thus forcing a revalidate every time.
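
The principles above, combined into one conservative shared-cache policy. This is an added example, not code from the book or the original post; the function names, the single-string header model, and the choice to treat an unqualified no-cache as "do not store" are assumptions.

```python
import re

def parse_cache_control(value):
    """Parse a Cache-Control value into {directive: argument or None}."""
    directives = {}
    for m in re.finditer(r'([\w-]+)(?:=("[^"]*"|[^,\s]*))?', value or ""):
        directives[m.group(1).lower()] = (m.group(2) or "").strip('"') or None
    return directives

def shared_cache_decision(req_headers, resp_headers):
    """Return the headers a shared cache would store, or None to skip caching.

    Simplification: each header is one string (a real response may carry
    several Set-Cookie lines).
    """
    req = {k.lower(): v for k, v in req_headers.items()}
    stored = {k.lower(): v for k, v in resp_headers.items()}
    cc = parse_cache_control(stored.get("cache-control"))

    # Origin marked the document uncacheable: obey it. (Assumed policy: an
    # unqualified no-cache is treated as "do not store".)
    if "no-store" in cc or "private" in cc or ("no-cache" in cc and cc["no-cache"] is None):
        return None

    force_revalidate = False
    # A Cookie request header hints at personalized content: keep only images,
    # with zero expiry, unless the origin explicitly said "public".
    if "cookie" in req and "public" not in cc:
        if not stored.get("content-type", "").startswith("image/"):
            return None
        force_revalidate = True

    if "set-cookie" in stored:
        excluded = {f.strip().lower() for f in (cc.get("no-cache") or "").split(",")}
        # Without no-cache="Set-Cookie", revalidate every request so the origin
        # can still issue each client its own cookie.
        if "set-cookie" not in excluded:
            force_revalidate = True
        del stored["set-cookie"]  # never replay one user's cookie to another

    if force_revalidate:
        stored["cache-control"] = "must-revalidate, max-age=0"
    return stored

if __name__ == "__main__":
    # Constructed sample exchange.
    print(shared_cache_decision({"Cookie": "sid=abc"},
                                {"Content-Type": "image/png", "Cache-Control": "max-age=3600"}))
```
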

  • Original URL: https://www.cnblogs.com/rsapaper/p/6396879.html