IE prevents HTTPS downloads when non-caching header is sent

General discussion about web technology.
Post Reply
dhouwn
Bug Buster
Posts: 968
Joined: Thu Mar 19, 2009 12:51 pm

IE prevents HTTPS downloads when non-caching header is sent

Post by dhouwn »

Read this blog post from ex-IE-dev Eric Law and the comments to it:
http://blogs.msdn.com/ieinternals/archi ... cache.aspx


I guess IE is the only browser implementing this (security?) feature.
Now where is the security gain in this and why did "major customers (especially banks)" ask for this feature? :?


/edit:
After racking my brains for nearly half an hour, I came to the conclusion that this feature couldn't possibly have been meant for security but merely to save some HTTPS traffic…
Now Microsoft could have at least given the user a better error message, like let's say:
In order to save some traffic for our valuable customers this download has been blocked. This message is brought to you by Acme Banking Corp. Have a nice day!
So this thread is probably better off in the 'Web Tech' sub forum.
Last edited by dhouwn on Sun Oct 04, 2009 5:45 pm, edited 4 times in total.
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-GB; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3
Top
Alan Baxter
Ambassador
Posts: 1586
Joined: Fri Mar 20, 2009 4:47 am
Location: Colorado, USA

Re: IE prevents HTTPS downloads when non-caching header is sent

Post by Alan Baxter »

So moved. Thanks for the info. It's much more informative than the error message IE provides.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3
Top
Post Reply

Return to “Web Tech”