CIBA: Pragma: no-cache
Issue #125
resolved
Examples of responses from the server (e.g. the example in 7.3. Successful Authentication Request Acknowledgement) include Cache-Control: no-store but don't include Pragma: no-cache. This is different from examples in RFC 6749. Is there any reason for this difference?
Comments (5)
-
-
I suspect the real reason is that when the examples were done in CIBA, they were started by copying and pasting a
<figure ... >from somewhere that didn't havePragma: no-cachein the response.A better answer IMHO is that
Pragma: no-cacheis not actually defined to have meaning as an HTTP response header - see the note at the end of the section https://tools.ietf.org/html/rfc7234#section-5.4 - and I'd prefer not to propagate it by way of inclusion in examples.A more nuanced answer is that there are or were apparently transparent caching proxies or something that aren't HTTP 1.1 compliant and do consider the
Pragma: no-cacheas a no cache signal. So that's maybe why it keeps showing up. Some more can be seen in this old thread: http://lists.openid.net/pipermail/openid-specs-ab/Week-of-Mon-20150223/005320.htmlBut examples are non-normative and them not having a
Pragma: no-cachein the response headers doesn't preclude your (or any) implementation from include it, if for whatever reason doing so is deemed appropriate. -
reporter
Brian, thank you for your informative comment.
-
- marked as task
-
- changed status to resolved
Reasoning explained (more or less) with no changes needed to the document.
- Log in to comment
- Assignee
- –
- Type
- Priority
- Status
- resolved
- Component
- CIBA
- Milestone
- CIBA Implementer's Draft
- Votes
- 0
- Watchers
- 0
I doubt there is any reason - we can quickly update