ansaurus

Question

Prevent IE caching

Answer 1

A:

Modify the headers with no-cache etc. It is the usual way.

Femaref 2010-05-17 12:24:04

So writing an interceptor is better...Could you tell me which headers to add? Because i see several headers that should be put

Parhs 2010-05-17 12:25:23

Answer 2

+8 A:

Rather set the following headers on the HttpServletResponse of the page(s) in question so that you don't need to copypaste it over all pages manually:

response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1.
response.setHeader("Pragma", "no-cache"); // HTTP 1.0.
response.setDateHeader("Expires", 0); // Proxies.

This is equivalent to setting the following meta headers in the page(s) manually:

<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Expires" content="0">

Also see this answer. Don't forget to clear browser cache before testing ;)

BalusC 2010-05-17 12:49:43

Answer 3

+4 A:

I've found the following to work well:

response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private");
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);

From the tags on this question it looks like you are using Struts. Struts 1.x allows you to do this through configuration in struts-config.xml by setting nocache="true" on the controller element:

<controller processorClass="org.apache.struts.tiles.TilesRequestProcessor" nocache="true" />

Mark Nottingham's caching tutorial is the best resource I've seen on the web about HTTP and caching if you are looking to understand more.

That being said, depending on the problem you are seeing it might be a browser history issue. See here for more information about that.

laz 2010-05-17 13:03:50

BTW: only the first three `Cache-Control` properties as shown in your example is sufficient, they (and the `Expires` header) already "implicitly" sets the subsequent properties to the desired values.

BalusC 2010-05-17 13:13:42

We arrived at those values while researching a problem where users with Opera were able to view secure pages in their browser history after logging off and destroying their session. That value was used as a fix. I'm trying to find the original link that explained how those settings were arrived at but I haven't been able to so far. Perhaps it is overkill though given that I only learned about the differences between browser cache and browser history after that research.

laz 2010-05-17 13:27:28

There was indeed a related Opera 8.x bug which was fixed halfway the previous decade. Also caching of a redirect wasn't done properly in this browser. But practically nobody uses Opera 8 nowadays.

BalusC 2010-05-17 13:53:18

Answer 4

A:

I have found that adding the no-cache headers does not always work on IE.

ziggy 2010-10-23 18:16:37

Apparently you forgot the `Expires` header. See also the answers in this question.

BalusC 2010-10-23 19:25:13

ansaurus

tags:

views:

answers:

Prevent IE caching

related questions