Unlike WS-Security, which can be used in a fine-grained manner, HTTPS creates a secure transport channel and so obfuscates the entire HTTP envelope (including headers). For secure web traffic, this means transferred representations bypass web intermediaries like proxies, and the HTTP metadata is only available to the client and server and not to the underlying web infrastructure.
On the one hand, this is sensible since sensitive information shouldn’t be cached or seen by intermediaries. On the other, it does inhibit sca...
HTTPS defeats caching
Share this highlighthttp://learning.oreilly.com/a/rest-in-practice/19877188/