Note that there really isn't any specification that describes how cookies actually work in the wild. Hopefully that will change soon, thanks to <https://datatracker.ietf.org/wg/httpstate/charter/>. Cheers, On 20/05/2010, at 4:50 PM, Angelo Höngens wrote: > On 20-5-2010 8:22, Henrik Nordström wrote: >> ons 2010-05-19 klockan 22:22 +0200 skrev Angelo Höngens: >> >>> http://wiki.squid-cache.org/SquidFaq/InnerWorkings >>> >>> "The proper way to deal with Set-Cookie reply headers, according to RFC >>> 2109 is to cache the whole object, EXCEPT the Set-Cookie header lines." >> >> Wrong reference. >> >> This is from the original Netscape Cookie specification. At that time >> Cache-Control did not exists. > > So if I understand you correctly, squid follows the behaviour dictated > in the Netscape Cookie Specification (undated), which says set-cookie > headers should never be cached. However, that was superseded by rfc2109 > (1997), which says they should be cached unless told not to. > > So by that reasoning, I would say Squid does not follow rfc. Not that I > care that much, but perhaps it would warrant an update in the > documentation or the faq page? > > -- > > > With kind regards, > > > Angelo Höngens > systems administrator > > MCSE on Windows 2003 > MCSE on Windows 2000 > MS Small Business Specialist > ------------------------------------------ > NetMatch > tourism internet software solutions > > Ringbaan Oost 2b > 5013 CA Tilburg > +31 (0)13 5811088 > +31 (0)13 5821239 > > A.Hongens@xxxxxxxxxxx > www.netmatch.nl > ------------------------------------------ > > -- Mark Nottingham mnot@xxxxxxxxxxxxx