According to the specification, if both Last-Modified date and Entity
Tags are sent, both must be validated to consider the request fresh:
Then the current implementation is wrong, because it considers the
request fresh with one OR the other is fresh:
not_modified?(response.last_modified) || etag_matches?
The correct implementation would be:
modified_at && if_modified_since >= modified_at
if_none_match == etag
if if_modified_since && if_none_match
not_modified?(response.last_modified) && etag_matches?
Why bother? Sometimes I want to cache a resource considering its
timestamp, but this cache is only valid for the current user (works
response.last_modified = resource.updated_at
response.etag = current_user
In the current implementation, even the first example given by Ryan
Daigle on his blog will fail: