Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Google Chrome does not revalidate etag on back/forth

Tags:

http

browser-cache

cache-control

etag

Even though I send "cache-control: must-revalidate" Google Chrome uses a locally cached page when using the back and forth button in the browser.

This is part of the original response:

HTTP/1.1 200 OK
cache-control: private, must-revalidate
etag: "c9239b5d4b98949f8469a05062e05bb999d7512e"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

If I refresh the page I get a "HTTP/1.1 304 Not Modified" response but when I use the back button I get the following response:

Request URL:example.com
Request Method:GET
Status Code:200 OK (from cache)

The response I'm looking for is 304 or 200 OK, is it possible to achieve this?

like image 568
Dennis Avatar asked Apr 23 '13 15:04

Dennis

2 Answers

When using the back and forward buttons, the key Cache-Control directive to prevent the browser returning a cached copy of the page is no-store.

Nothing else will help, and nothing else is needed. Your Cache-Control header can simply be:

Cache-Control: no-store

There are two exceptions to this though.

  1. Opera and Safari won't revalidate no matter what headers you set (at least the versions I've tested). If you open the page in a new tab, that copy will be fresh, but the original tab will continue to show the stale version when navigating back and forth until you refresh or re-enter the url.
  2. Firefox appears to have a bug in the caching of the first page that is opened (i.e. when there is no back button). All subsequent instances of the page will refresh as you navigate back and forth, but once you backup all the way to the topmost page, it can often still be showing its initial stale copy.

Finally, I should note that using this directive is not advisable in general, since it obviously has a significant impact on bandwidth usage. The browser can't even take advantage of Etags to get a 304 Not Modified response, because it will have no stored copy to use in the event a 304 response is received.

like image 130
James Holderness Avatar answered Oct 02 '22 17:10

James Holderness

The "must-revalidate" directive applies only after the response is stale (RFC2616, sec 14.9.4). Since the response contains neither an "Expires" header nor a "max-age" directive, the browser might have treated the response as still fresh and accordingly returned the cached copy. To prevent this you should include "max-age: 0" in the Cache-Control header (and possibly an Expires header containing a date in the past), so that the cached response becomes stale immediately. Alternatively, to prevent caching, use the "no-cache" directive instead of "must-revalidate".

like image 34
Peter O. Avatar answered Oct 02 '22 19:10

Peter O.
Sign in to Comment

Related questions

How can I parse the Content-Disposition header to retrieve the filename property?
Http params in Angular 4.3
How do I read only x number of bytes of the body using Net::HTTP?
How to fix "Blocked loading mixed active content" for css and js over https
Missing observable methods RxJS 5.0.0-beta.0
Which HTTP redirect status code is best for this REST API scenario?
sub-domain cookies, sent in a parent domain request?
Making a curl to an API and get an specific field from the JSON
How to let Symfony 2 adopt the protocol scheme (http vs https)
How to download image using rest template?
Gzipping all HTTP traffic with Pyramid
How to send 204 No Content with Go http package?
HTTPOISON - insert body parameters in elixir
Any resource/codes on how fiddler works?
Parsing HTTP status code
OData / WCF Data Service - HTTP 500 Error
Get header from HttpResponse in Android
HTTP 403 Responses when using Python Scrapy
Status Code 460 on Application Load Balancer
FormatException: Invalid radix-10 number

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!