[richfaces-issues] [JBoss JIRA] Updated: (RF-9345) Richfaces HTTP Header Cache-Control settings, need 'public'

Jay Balunas (JIRA) jira-events at lists.jboss.org
Thu Nov 4 15:18:01 EDT 2010 

     [ https://jira.jboss.org/browse/RF-9345?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jay Balunas updated RF-9345:
----------------------------

    Fix Version/s: Future_4.X
                       (was: Future_3.X)


The entire team is focused on RichFaces 4.0.0 development so I can't say when/if this would be addressed in 3.3.  That being said we would certainly review and apply a patch ( always welcome :-) ) and then it would be available in SNAPSHOT.

I have moved this to Future 4.X, and we will review and hopefully be resolve in 4.0.X ( perhaps 4.0.0 as time permits ).  We did a quick search and we think that JSF 2 does not provide a solution to this on its own, so it is something we would add on top of our resource handler.

> Richfaces HTTP Header Cache-Control settings, need 'public'
> -----------------------------------------------------------
>
>                 Key: RF-9345
>                 URL: https://jira.jboss.org/browse/RF-9345
>             Project: RichFaces
>          Issue Type: Feature Request
>      Security Level: Public(Everyone can see) 
>          Components: performance
>    Affects Versions: 3.3.1, 3.3.2.CR1, 3.3.2.GA, 3.3.2.SR1, 3.3.3.BETA1, 3.3.3.CR1, 3.3.3.Final
>         Environment: This issue affect any web browser according to w3c specification
>            Reporter: igor regis
>            Assignee: Nick Belaevski
>             Fix For: Future_4.X
>
>
> If an application is running over https the web browser will only cache on disk, the Richfaces resources, if and only if, the Cache-control header (present on http header) has the value "public" on it. Otherwise the web browser will perform in memory cache, so when user restarts the browser the application will need to request all the resources again.
> For applications running on corporative network, manipulating sensitive information, it's mandatory the use of a secure connection through https protocol, and form better performance is necessary for Richfaces to provide it's resources with this "public" mark on cache-control tag.
> According the w3c specs (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.1) Richfaces resources may be classified as public content with non individual information.
> Here (https://community.jboss.org/thread/150732?tstart=0) there is a discussion about this issue, as well as the point on Richfaces source code that need to be changed.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the richfaces-issues mailing list