On Nov 7, 2005, at 2:06 AM, Nick Kew wrote:
On Monday 07 November 2005 03:26, Paul Querna wrote:Cache-control: private is what should be added for any resource under access control.I'd prefer something a little less drastic, like 'faking' a header out of remote-ip.
Why? All you accomplish is to cause this problem of a downstream cache not knowing that there is access control. If you don't want access control, then don't use access control. ....Roy