https://bz.apache.org/bugzilla/show_bug.cgi?id=65513
--- Comment #3 from scott.t.na...@gmail.com --- I agree that this is a legitimate and appropriate change, but I wanted to express my concerns about the impacts of making the change in Tomcat 9. You've acknowledged my concerns and provided background and explanation for the change, so I'm quite satisfied. I'll have no heartache with closing WONTFIX. I do strongly believe that this change warrants an entry on the "Notable Changes" section of the web site (what I referred to as the migration guide based on the URL). For me personally, I read the changelog as items of interest, but I read the notable changes as things I may need to update in my configuration/code when upgrading. I understand that "CONFIDENTIAL only implies private caching, not no caching", but Tomcat 9 has always implemented it as no caching. However, I'm moving on - I understand that the issue has been fixed and the behavior has changed. I appreciate the suggested workaround idea of setting securePagesWithPragma="true". I will look into it, but I do have a strict requirement for "Cache-Control: private", so I'm not sure the securePagesWithPragma branch will satisfy my needs. Thank you gentlemen for your informative and thorough responses. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org