(i.e: setting no-cache, when it is private) But, if you want to set to a less restrictive value than it already is (i.e: setting to private, when it is no-cache), the code below will not work: (HttpCacheability. So it looks like one should only use cache-control: public when they explicitly want to override these rules for cacheability, which in general is probably not a good idea. If you are setting the cache control to a more restrictive value than it already is, it is fine. There are no other cache settings in the web.config. My goal would be to get everything to just 'no-cache, no-store'. But for PDF pages: Cache-Control: private,no-cache,no-store. aspx pages: cache-control: no-store,no-cache,no-store. You should add the privatedirective for user-personalized content, especially for responses received after login and for sessions managed via cookies. There are (I assume this should be aren't) specific headers in the response, like Cache-Control, that prevents caching. When I review the Response headers in a burpsuite session, I see for. The privateresponse directive indicates that the response can be stored only in a private cache (e.g.The status code of the response is known by the application caching, and it is considered cacheable.) Other methods, like PUT or DELETE are not cacheable and their result cannot be cached. (For example, Firefox does not support it per. A response to a POST or PATCH request can also be cached if freshness is indicated and the Content-Location header is set, but this is rarely implemented. The method used in the request is itself cacheable, that is either a GET or a HEAD method.If so, perhaps you just have not reloaded nginx after the change sudo nginx -s reload. Not all HTTP responses can be cached, these are the following constraints for an HTTP response to be cached: Is your origin sending back a Cache-Control header Or is this one of the files that would be served directly from file system. So what does "cacheable" mean? From the "cacheable" page on the MDN glossary:Ī cacheable response is an HTTP response that can be cached, that is stored to be retrieved and used later, saving a new request to the server. The response may be stored by any cache, even if the response is normally non-cacheable (emphasis mine). Many responses normally shouldn't be cached - e.g. TL DR: cache-control: public will explicitly override the default rules for which sort of responses are considered cacheable, so shouldn't be used lightly. On more careful reading of MDN, I think I've found the answer to my own question.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |