https://issues.apache.org/bugzilla/show_bug.cgi?id=54608
--- Comment #2 from Graham Leggett <[email protected]> --- Switching caching off completely is broken, as it signals to shared caches that they may cache the session ID. Other valid options though are "private" where the browser can cache the page but not shared caches, and "private=<header>" and "no-cache=<header>". Maybe this should specify the Cache-Control header explicitly, instead of "on" or "off". -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
