On Tue, 19 Jun 2001, Roy T. Fielding wrote: > Yes, it is intentional, and we won't be adding set-cookie to the list. > That would violate the intent of 304. can you expand on that? i never quote rfcs, but 1945 says: 304 Not Modified If the client has performed a conditional GET request and access is allowed, but the document has not been modified since the date and time specified in the If-Modified-Since field, the server must respond with this status code and not send an Entity-Body to the client. Header fields contained in the response should only include information which is relevant to cache managers or which may have changed independently of the entity's Last-Modified date. Examples of relevant header fields include: Date, Server, and Expires. A cache should update its cached entity to reflect any new field values given in the 304 response. in this guy's case sounds like set-cookie it falls into here: "or which may have changed independently of the entity's Last-Modified date" quoting his email: "The cookie records, in part, the time of the last access to the site. Therefore for each access the cookie is updated."
