HTTP response caching

Question

Hi,

I want to ensure that my servet's response is never cached by the broswer, such that even if two identical requests are made (a nanosecond apart), the server is always contacted. Is this the correct way to achieve this:

class MyServlet extends HttpServlet {

    protected void doGet(HttpServletRequest request, HttpServletResponse response) {
        response.setHeader("Cache-Control", "no-cache");
    }
}

Thanks, Don

Answer 1

According to microsoft, these headers are required for IE: Cache-Control, Pragma and expires (that should be negative)

Example:

Pragma: no-cache Cache-Control: no-cache Expires: -1

Answer 2

We use:

    // HTTP 1.1
    response.setHeader("Cache-Control", "private, no-store, no-cache, must-revalidate");
    // HTTP 1.0
    response.setHeader("Pragma", "no-cache");

Answer 3

In addition to before said, I would suggest to do this not in servlet, but in filter, placed before other filters/servlets, so that you can add no-caching to the whole application, without need to add or call this "response.set.." in each of servlets.

Answer 4

No, that's not the correct way. Here is the correct way:

response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1.
response.setHeader("Pragma", "no-cache"); // HTTP 1.0.
response.setDateHeader("Expires", 0); // Proxies.

You'll probably see someone else suggesting other entries/attributes, but those are completely irrelevant when at least the above are mentioned.

Don't forget to clear your browser cache before testing after the change.

See also:

• Caching tutorial for webmasters
• Making sure a page is not cached across all browsers