IIS/ASP.NET使用缓存控制进行响应:所有请求均为私有 [英] IIS/ASP.NET responds with cache-control: private for all requests
问题描述
为什么来自ASP.NET的所有响应都包含Cache-Control: private?甚至是404响应? IIS中是否有可以设置此默认值的东西,并且可以配置它吗?还是ASP.NET中有设置此功能的东西?
Why does all responses from ASP.NET contain Cache-Control: private? Even a 404 response? Is there something in IIS that sets this default value, and is there a way to configure it? Or is there something in ASP.NET that sets this?
对于动态内容(即所有MVC结果),我不希望它被浏览器缓存,因为它是动态的并且可以随时更改.静态内容托管在CDN上,因此IIS不提供.
For dynamic content (that is, all MVC results) I would not like it to be cached by the browser, since it is dynamic and can change at any time. Static content is hosted on a CDN, so is not served by IIS.
为澄清起见,我非常了解Cache-Control: private是什么,private,public,no-store等之间的区别以及如何使用/何时使用它们.我的问题是,为什么IIS/ASP.NET默认添加Cache-Control: private,以及如何防止默认添加它.我知道 可以用于缓存动态页面,但是在我的应用程序中,我 不想缓存动态页面/响应.例如,我不希望缓存XHR JSON响应,因为它们包含动态内容.不幸的是,服务器会自动将Cache-Control: private添加到所有响应中,因此我必须在任何地方手动覆盖它.
To clarify, I understand very well what Cache-Control: private is, the difference between private, public, no-store, etc and how/when to use them. The question I have is why Cache-Control: private is added by default by IIS/ASP.NET and how to prevent it from being added by default. I understand that it can be useful to cache dynamic pages, but in my application I don't want to cache dynamic pages/responses. For example, I don't want XHR JSON responses to be cached, since they contain dynamic content. Unfortunately the server adds Cache-Control: private to all responses automatically, so I have to manually override it everywhere.
如何复制:使用MVC打开Visual Studio并创建一个新的ASP.NET Framework(是的,框架,不是Core.我们还不能将我们的系统迁移到Core)解决方案.项目.现在,在IIS Express中启动项目(只需按下播放按钮),并在浏览器中使用F12 devtools查看http响应.您将看到它包含Cache-Control: private.我的问题是,什么添加了此标题,以及如何防止默认添加 ?
How to reproduce: Open visual studio and create a new ASP.NET Framework (yes, framework, no not Core. We are not able to migrate our system to core yet) solution with an MVC project. Now start the project in IIS Express (just press the play button), and use F12 devtools in the browser to look at the http response. You will see that it contains Cache-Control: private. My question is, what adds this header, and how can I prevent it from being added by default?
推荐答案
在社区给出的出色答案中加我一点;
Adding my bit to the great answers, given by community;
1. http 缓存标题属性
1. http caching header attrubute Cache-Control: private is added by default by IIS/ASP.NET ?
缓存请求指令
客户端可以在HTTP请求中使用的标准Cache-Control指令.
Standard Cache-Control directives that can be used by the client in an HTTP request.
Cache-Control: max-age=<seconds>
Cache-Control: max-stale[=<seconds>]
Cache-Control: min-fresh=<seconds>
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: no-transform
Cache-Control: only-if-cached
缓存响应指令
服务器可以在HTTP响应中使用的标准Cache-Control指令.
Standard Cache-Control directives that can be used by the server in an HTTP response.
Cache-Control: must-revalidate
Cache-Control: no-cache
Cache-Control: no-store
Cache-Control: no-transform
Cache-Control: public
Cache-Control: private
Cache-Control: proxy-revalidate
Cache-Control: max-age=<seconds>
Cache-Control: s-maxage=<seconds>
IIS默认使用安全的,更明显的/有用的(默认是私有的)
2.如何防止默认添加它?
IIS/asp.net allows this to be configured from the day it was introduced like this, ref1, ref2, ref3, ref4 and
System.Web命名空间提供了启用浏览器-服务器通信的类和接口.该名称空间包括System.Web.HttpRequest类,该类提供有关当前HTTP请求的大量信息; System.Web.HttpResponse类,用于管理向客户端的HTTP输出;还有System.Web.HttpServerUtility类,该类提供对服务器端实用程序和进程的访问. System.Web还包括用于cookie操作,文件传输,异常信息和输出缓存控制的类.
The System.Web namespace supplies classes and interfaces that enable browser-server communication. This namespace includes the System.Web.HttpRequest class, which provides extensive information about the current HTTP request; the System.Web.HttpResponse class, which manages HTTP output to the client; and the System.Web.HttpServerUtility class, which provides access to server-side utilities and processes. System.Web also includes classes for cookie manipulation, file transfer, exception information, and output cache control.
protected void Application_BeginRequest()
{
Context.Response.Cache.SetCacheability(HttpCacheability.NoCache);
}
这篇关于IIS/ASP.NET使用缓存控制进行响应:所有请求均为私有的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
