[
https://issues.apache.org/jira/browse/HTTPCLIENT-963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jonathan Moore updated HTTPCLIENT-963:
--------------------------------------
Attachment: no-store-requests.patch
The attached patch resolves this issue, and is contributed to the ASF with the
permission of my employer.
> client cache does not respect 'Cache-Control: no-store' on requests
> -------------------------------------------------------------------
>
> Key: HTTPCLIENT-963
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-963
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: Cache
> Affects Versions: 4.1 Alpha2
> Reporter: Jonathan Moore
> Attachments: no-store-requests.patch
>
>
> "The purpose of the no-store directive is to prevent the inadvertent release
> or retention of sensitive information (for example, on backup tapes). The
> no-store directive applies to the entire message, and MAY be sent either in a
> response or in a request. If sent in a request, a cache MUST NOT store any
> part of either this request or any response to it."
> http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.2
> The current implementation will incorrectly cache responses to requests
> containing 'Cache-Control: no-store'.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
