On Monday 20 January 2014 at 12:49, Juraci Paixão Kröhling wrote:
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512On 01/20/2014 11:50 AM, Peter Palaga wrote:Hi Juca,[...] the same URL yields different results [...]One URL can also return distinct language versions of the pagedepending on the visitor's preferences (not sure if these arestored in a cookie or JCR). -- PPOk, so, another situation might be that one user gets a page in EN,with the cache headers, and gets the cached version once he changesto, say, ES. Not good, but not the end of the world as well, I guess.The other scenario seems more critical to me, as a cached page mightleak some information from one user to another user.But just a reminder: the default setting is still "no-cache", so, anadministrator would have to explicitly and actively set the value to acaching value. Arguably, the administrator would be aware of suchcases (ie: web accelerator/cache between the server and the user,pages in multiple languages, ...).I guess the question than changes to: is it worth having this feature?Or is the risk just too high for the benefit?Juca.-----BEGIN PGP SIGNATURE-----Version: GnuPG v2.0.22 (GNU/Linux)Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/iQEcBAEBCgAGBQJS3Q1VAAoJECKM1e+fkPrXbyUIAIg/n8wICRYHmuqhu5VP1RczwjWgsZwgOkAh9j2CygOuhtVOhAVsCunTGSRv/ZIvr+ElPU13/zU7uXwLo5vXHg9IkJwa+361krKWqotNlwYwNL3SbAMj4+LCH5lMm15uJJ0WvlhHbbmOP0lQ/Xgd6on2KnhPnSzP6p/y1cOaBgTn/7Jsi95BfAnKArKus4gfuYRvBjIknTLJlVhGSTNQYDChEc8TkQjYS3uvUkRG61PLLVD7lOPF+cH0PNFDf3ncHPbJXeH4Louyox0sspZrXARE6WHd+LGUNiJX0bS3cQFlm2EkHym6K8MbJblO2WJd2w97R1ZnR2CFDs8dIUoh41c==nYzl-----END PGP SIGNATURE-----_______________________________________________gatein-dev mailing list