icicimov at gmail
Oct 30, 2009, 6:02 PM
Post #3 of 4
(465 views)
Permalink
|
|
Re: make mod_cache not cache cookies but cache contents from application side
[In reply to]
|
|
Also did you try setting the Cache header to no-cache on the apllication
side for the cookies?
2009/10/31 Igor Cicimov <icicimov [at] gmail>
> Read the mode_cache directive on the apache site and you will find your
> answer
>
>
> 2009/10/31 Arkadiusz Mi¶kiewicz <arekm [at] maven>
>
>>
>> Hi,
>>
>> Is there a way to forbid caching cookies from application level (let say
>> php
>> or mod_perl level) by mod_cache? I know method via apache config but
>> trying
>> to find one via application level. Of course I would like the rest
>> (bodies)
>> to be actually cached but not cookies itself.
>>
>> mod_cache from 2.2.14 is doing crazy things like leaking user A cookie to
>> the user B which for me is serious security issue.
>>
>> --
>> Arkadiusz Mi¶kiewicz PLD/Linux Team
>> arekm / maven.pl http://ftp.pld-linux.org/
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe [at] httpd
>> " from the digest: users-digest-unsubscribe [at] httpd
>> For additional commands, e-mail: users-help [at] httpd
>>
>>
>
|
