by jove, i think i've got it!

2007-08-13 @ 22:24#

ok, after the whack on the head earlier today, a quick check of the RFCs and some code cleanup, i think i have the proper caching directives for cookie-less, cookie-d, and authenticated GET/HEAD requests. i hereby submit the following traces:

REQUEST: ************** GET /xcs/blogging/ HTTP/1.1 Host: localhost Accept: */* RESPONSE: ************** HTTP/1.1 200 OK Server: Microsoft-IIS/5.1 Date: Tue, 14 Aug 2007 02:22:35 GMT X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 X-Exyus: 0.8.2781.38443 2007-08 Last-Modified: Tue, 14 Aug 2007 02:22:10 GMT ETag: jP7knFoirqpOEPQ/UD0aFw== Cache-Control: public,must-revalidate,post-check=1,pre-check=2 Content-Type: text/html; charset=utf-8 Content-Length: 5738 REQUEST: ************** GET /xcs/blogging/ HTTP/1.1 Host: localhost Accept: */* Authorization: Basic xxxxxxxxxxxxxxxx== RESPONSE: ************** HTTP/1.1 200 OK Server: Microsoft-IIS/5.1 Date: Tue, 14 Aug 2007 02:22:09 GMT X-Powered-By: ASP.NET X-AspNet-Version: 2.0.50727 X-Exyus: 0.8.2781.38443 2007-08 Set-Cookie: session-user=xxx; path=/ Expires: Mon, 01 Jan 0001 01:00:00 GMT Last-Modified: Tue, 14 Aug 2007 02:22:10 GMT ETag: jP7knFoirqpOEPQ/UD0aFw== Cache-Control: private,must-revalidate,nocache="set-cookie",max-age=0,post-check=1,pre-check=2 Content-Type: text/html; charset=utf-8 Content-Length: 5738

code