session.cache_limiter nocache / private / public ?

Anon

Hi all,

I am building a Sessions application with PHP 4.0.2 in a RedHat Linux 6.2 system.

I am getting the "Data Missing error" when I press the back button in some pages.
I have read the documentation at php.net and I understand that this is because the default value for session.cache_limiter (in the php.ini file) is nocache, which prevents caching.

The php.ini file only says that:
session.cache_limiter = nocache ; set to {nocache,private,public} to determine HTTP caching aspects

... which is NOT very helpful 🙁

So, what I would like to know is the meaning of the "private" and "public" options for session.cache_limiter Anyone?

Thanks in advance.

Ricardo Dias Marques
ricmarques@spamcop.net

Anon

I believe that "private" is intended to mean "OK to cache on one user's system" and "public" is intended to mean "OK to cache on a shared system, such as a proxy server" ... but I have not experimented with those definitions to determine their effect in the PHP4 environment.

Anon

Hallo Steve,

On 15 October 2000, Steve Yelvington wrote:

I believe that "private" is intended to
mean "OK to cache on one user's system"
and "public" is intended to mean "OK to
cache on a shared system, such as a proxy > server" [snip]

Thanks a lot for the tip 🙂

By reading what you wrote, it suddenly struck me: maybe "nocache", "public" and "private" refers to HTTP (protocol) headers. So I went on (re-)reading the HTTP 1.1 Specification at
http://www.w3.org/Protocols/rfc2068/rfc2068

... and there I was able to find what I think is the official answer and that confirms what you just said:

"14.9.1 What is Cachable

[snip]

public
Indicates that the response is cachable by any cache, even if it would normally be non-cachable or cachable only within a non-shared cache. (See also Authorization, section 14.8, for additional details.)

private
Indicates that all or part of the response message is intended for a single user and MUST NOT be cached by a shared cache. This allows an origin server to state that the specified parts of the response are intended for only one user and are not a valid response for requests by other users. A private (non-shared) cache may cache the response.

Note: This usage of the word private only controls where the response may be cached, and cannot ensure the privacy of the message /content.

no-cache
Indicates that all or part of the response message MUST NOT be cached anywhere. This allows an origin server to prevent caching even by caches that have been configured to return stale responses to client requests.

Note: Most HTTP/1.0 caches will not recognize or obey this directive."

I just added this info as a note at
http://www.php.net/manual/ref.session.php
in the hope that it helps someone else.

Thanks again Steve!

Ricardo Dias Marques
ricmarques@spamcop.net