If this is true, this is a huge problem. How do we get this
addressed?
Kevin
>>> [EMAIL PROTECTED] 05/03/00 04:02PM >>>
What AOL says, and what they actually do, are two completely different
things. Not only do they cache pages with URL variables, they cache
form
submissions, cookies and HTTP authentication headers. I've had several
of my
dynamic sites compromised in this way, and in one case had a serious
security violation caused by their caching of the HTTP authentication
headers.
AOL is not a good neighbor, and they do not act in good faith.
Michael J. Sheldon
Internet Applications Developer
Phone: 480.699.1084
http://www.desertraven.com/
PGP Key Available on Request
-----Original Message-----
From: MATTHEW EHRENS [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 03, 2000 15:18
To: [EMAIL PROTECTED]
Subject: Re: [RE: AOL and Caching]
AOL does not cache objects containing a Question Mark. This is
checked
first,
regardless of file extension / mime type. Most CFM's fall under this
category
... however, your root page will probably not: ie:
http://www.company.com/
....
Other than that, you can use those Cache-Control Headers Michael
Sheldon
mentioned below. You really should only need Cache-Control Headers
for
objects that don't contain question marks...
More details on AOL's caching at:
http://webmaster.info.aol.com/index.cfm?article=12
Thanks,
Matt
--------------------------------------------------
"Mike Sheldon" <[EMAIL PROTECTED]> wrote:
The following has worked for me in preventing AOL from caching dynamic
pages. Note that this must be included in ALL pages you do not wish to
be
cached. (I like to put it in Application.cfm)
<CFSET gmts = gettimezoneinfo()>
<CFSET gmt = gmts.utcHourOffset>
<CFIF gmt EQ 0>
<CFSET gmt = "">
<CFELSEIF gmt GT 0>
<CFSET gmt = "+" & gmt >
</CFIF>
<CFHEADER NAME="Pragma" VALUE="no-cache">
<CFHEADER NAME="Cache-Control" VALUE="no-cache, must-revalidate">
<CFHEADER NAME="Last-Modified" VALUE="#dateformat(now(), 'ddd, dd mmm
yyyy')# timeformat(now(), 'HH:mm:ss') GMT#gmt#">
<CFHEADER NAME="Expires" VALUE="Mon, 26 Jul 1997 05:00:00 GMT">
Michael J. Sheldon
Internet Applications Developer
Phone: 480.699.1084
http://www.desertraven.com/
PGP Key Available on Request
-----Original Message-----
From: Skip Ogden [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 01, 2000 18:55
To: [EMAIL PROTECTED]
Subject: AOL and Caching
I searched the archives (or should I say struggled through them) and
found
nothing.
Is there something I need to know regarding CF and AOL? AOL seems to
be
caching templates and serving them instead of pulling up the latest
and
greatest.
Thanks in advance.
Skip Ogden
----------------------------------------------------------------------------
--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk
or
send a message to [EMAIL PROTECTED] with 'unsubscribe'
in
the body.
----------------------------------------------------------------------------
--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk
or
send a message to [EMAIL PROTECTED] with 'unsubscribe'
in
the
body.
____________________________________________________________________
Get free email and a permanent address at
http://www.netaddress.com/?N=1
----------------------------------------------------------------------------
--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk
or send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body.
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
