Re: Session tracking

Brian Behlendorf (
Tue, 18 Apr 1995 21:29:39 +0500

On Tue, 18 Apr 1995, Dave Kristol wrote:
> One problem with this proposal is what should proxies do with
> SessionID? Here's one proposal. Don't use SessionID as part of the
> cache key. If a document is in the cache, return it, and reflect back
> to the client any SessionID sent by the client. If the document is not
> in the cache, pass through any SessionID.

No - if the document is in the cache, there are two options based on whether
there was an "Expires:" header in the HTTP response. First, if there was no
Expires: header when the object was first fetched, do an If-Modified-Since,
and pass the Session-ID information through in both requests. If there
was an Expires: header, no If-Modified-Since request is necessary, and
don't bother with sending an old Session-ID.

The logic is, if content providers are labelling their content with
"Expires:" headers, they are essentially saying "I grant permission to
redistribute without notification - I'm more interested in lots of people
seeing this than I am with knowing their viewing habits".


--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-- http://www.[hyperreal,organic].com/