2007/8/21, Oliver Schoett <os@xxxxxx>: > Amos Jeffries wrote: > > With squid its better to pass [the session id] as a cookie (which apparently gets > > stripped from any cached objects). > > > > Not so sure about that. If you use URL rewriting, an URL like > > http://x.y/app/showUserProfile;jsessionid=NNNN > > works fine for several users, because they are distinguished by their > jsessionid. If the jsessionid is passed in a cookie instead, all users > fetch the same URL > > http://x.y/app/showUserProfile > > and might end up seeing each other's profiles when squid caches this URL. > How to avoid squid cache this url which come with cookid?thanks.
