Quite often you would like to have some pages of your website served SSL-encoded via https (e.g. forms etc.) and the rest regularly via http. In these cases it is the easiest for the editor if he/she can simply check a checkbox in the page properties marking the page as "secure". Then a redirect filter could make sure that the page is actually served via https or vice versa when navigating from a secure page to a regular one.

Say /foo/bar.html is marked as "secure" in the page properties. Redirecting from http://www.mydomain.com/context/foo/bar.html to https://www.mydomain.com/context/foo/bar.html however will not work with the default caching mechanism. The first request to /foo/bar.html (via http) will return a redirect to https. This redirect is then cached and all subsequent requests for /foo/bar.html (via http AND https) will return the cached redirect... leading to endless redirects.

The proposed extension (see attached patch and classes) will solve this problem by providing an SSLAware cache policy. It extends the default cache policy and simply also takes in respect if the request for a page was secure or not.