Headers References

HTTP Response Status codes:

Additional Information

Following are some remarks on a few of the HTTP headers that are often misunderstood.

Expires

Date the response expires and should no longer be used by a cache. See http://www.mnot.net/cache_docs/ or pg 183. Note that this header should be overruled by the Cache-Control header in a HTTP1.1 client.

Cache-Control: must-revalidate

Note that the O'Reilly book (and many other places, including IE) implement this incorrectly! See http://www.mnot.net/cache_docs/ or RFC2616.

P3P

Compact P3P Privacy statement. See http://www.p3pwriter.com/LRN_111.asp for a description of the token meanings. See also Info on IE6's Privacy features and impact on HTTP Cookies.

Set-Cookie

Info on IE's Privacy features and impact on HTTP Cookies