Consider adding a "Vary":"Origin" HTTP response header in SockJS implementation [SPR-12310] #16915

@spring-projects-issues

Brian Clozel opened SPR-12310 and commented

The current SockJS implementation sends CORS HTTP headers in some cases, including an "Access-Control-Max-Age" header that specifies how long the client should keep that response in cache (even though some browsers don't follow that advice).

For the sake of completeness, our implementation could also send a "Vary":"Origin" header in order to tell browsers and proxies that the current response is cacheable but varies on the "Origin" HTTP request header.


This issue is a sub-task of #16921
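
The following is an added illustration, not part of the original issue and not Spring's SockJS code: a toy shared cache (plain JDK, Java 16+) showing what a cache does with and without "Vary: Origin". The `/sockjs/info` path, the example origins, the max-age value and the assumption that the server echoes the request's Origin into `Access-Control-Allow-Origin` are all constructed for the demonstration.

```java
import java.util.*;

// Added illustration (not Spring code): a toy shared cache that honours a single-name Vary header.
public class VaryOriginDemo {

    record Response(Map<String, String> headers, String body) {}

    // Hypothetical backend: echoes the request Origin into the CORS response
    // header (an assumption for this demo) and optionally adds "Vary: Origin".
    static Response backend(String requestOrigin, boolean sendVary) {
        Map<String, String> h = new LinkedHashMap<>();
        h.put("Access-Control-Allow-Origin", requestOrigin);
        h.put("Access-Control-Max-Age", "31536000"); // constructed value
        if (sendVary) h.put("Vary", "Origin");
        return new Response(h, "{\"websocket\":true}");
    }

    // Cache key = URL, plus the value of the request header named by Vary (if any).
    static class SharedCache {
        private final Map<String, Response> store = new HashMap<>();
        private final Map<String, String> varyByUrl = new HashMap<>();
        private final boolean backendSendsVary;

        SharedCache(boolean backendSendsVary) { this.backendSendsVary = backendSendsVary; }

        private String key(String url, Map<String, String> req) {
            String vary = varyByUrl.get(url);
            return vary == null ? url : url + "|" + req.get(vary);
        }

        Response get(String url, Map<String, String> req) {
            Response cached = store.get(key(url, req));
            if (cached != null) return cached;            // cache hit
            Response fresh = backend(req.get("Origin"), backendSendsVary);
            String vary = fresh.headers().get("Vary");
            if (vary != null) varyByUrl.put(url, vary);   // remember the secondary key
            store.put(key(url, req), fresh);
            return fresh;
        }
    }

    public static void main(String[] args) {
        for (boolean sendVary : new boolean[] {false, true}) {
            SharedCache cache = new SharedCache(sendVary);
            cache.get("/sockjs/info", Map.of("Origin", "https://a.example"));
            Response second = cache.get("/sockjs/info", Map.of("Origin", "https://b.example"));
            System.out.println("Vary sent=" + sendVary + " -> second client gets Access-Control-Allow-Origin="
                    + second.headers().get("Access-Control-Allow-Origin"));
        }
    }
}
```

Without the Vary header the second client is handed the entry cached for the first origin, so its browser sees a mismatched `Access-Control-Allow-Origin` and fails the CORS check; with it, the cache stores one entry per Origin value.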

Labels: "in: web" (issues in web modules: web, webmvc, webflux, websocket), "type: task" (a general task)
