I don't see why *you* should have to hit your urls with an ugly stick because the ISP is misbehaving. I don't see why you (and other app developers) have to spend 10 times the CPU time serving SSL just because of one misconfigured ISP.
You didn't think of this because this is something that should. not. happen. Taco Fleur wrote: > Yes, I've already emailed them asking to explain. > I took the soft approach, as there might be something I missed? > This raises the questions: should everyone know to append a unique > string to pages behind a sign in > Should we now be putting pages that require sign in behind SSL, even > though the data is not that sensitive to warrent the extra overhead of > SSL? > > I never thought about something like this before, an ISP caching data > that should only be accessible by users who signed in. > > > On 8/30/07, *Haikal Saadh* <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > > By rights, they should. But through either malice or stupidity, sounds > like like they're not. > > I wonder if this is something a phone call could resolve. > > And if an ISP was exposing my private pages to someone else, that > sounds > like grounds for a lawsuit... > > Taco Fleur wrote: > > Yes, it sounds like it is a content caching issue, as both users > are > > with iprimus... > > Its pretty serious though... Should they not play by the rules and > > look at last modified dates etc? > > > > thanks guys. > > > > > > On 8/30/07, *Haikal Saadh* < [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > <mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>> > wrote: > > > > > > The aggressive-content-caching proxy is a possible > explanation for > > this. > > > > Maybe try adding No-Cache headers to your responses? > > > > Taco Fleur wrote: > > > It's nothing like that. We don't append cftoken to the url. > > > The user signs in, sees the correct information, then goes to > > another > > > page and sees the information from another user they don't > know (so > > > they say). > > > > > > I have not been able to replicate this myself. > > > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaussie@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~----------~----~----~----~------~----~------~--~---
