W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2009

Re: httpbis-p6-cache-06 and no-store response directive

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Thu, 25 Jun 2009 00:05:56 +0200
To: Bil Corry <bil@corry.biz>
Cc: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Message-Id: <1245881156.9223.52.camel@localhost.localdomain>
ons 2009-06-24 klockan 16:32 -0500 skrev Bil Corry:

> Is there a resource that gives the "official" way to prevent caching across all browsers and proxies?

RFC2616?

I think a lot of this headache actually comes from the ignorance
mentioned earlier. Site authors don't care, users / network operators
gets annoyed and start to bend rules trying to optimize their (or their
users) Internet experience, and suddently what should be an easy
condition no longer is trivial with multi level operator error to take
into account..


RFC2616 rules is simple:

Not cached:

Expires: Date header or older
Cache-Control: no-cache

and avoid any cache validator (Last-Modified/ETag)

Not cached by proxies but cached in browsers:

Expires: Date header or older
Cache-Control: private, max-age=NN

The Expires requirement is due to HTTP/1.0 legacy.

In practice using very old date for Expires is probably better as some
cache implementations take the Expires date literally not compensating
for clock skew when origin server clock is ahead of the cache clock...
(implementation bugs..)

Regards
Henrik
Received on Wednesday, 24 June 2009 22:06:34 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:04 GMT