Hey folks - This comment (and the corresponding code) in io.js seems broken to me:
// Non auth'd & non post'd requests are cachable
I think the logic should be "Unauthenticated GET requests are
cacheable." HEAD requests could arguably be cached as well, but
that's a weird enough case that I'm not inclined to cater for it.
Any objections to this change?
Cheers,
Brian
