缓存和HTTPS [英] Caching and HTTPS

问题描述

在监视浏览器和服务器之间的网络通信时，我注意到了一些有趣的事情。

I've noticed something interesting while monitoring the network communications between my browser and server. It has something to do with caching.

说我有一个CSS文件 http://domain.com/main.css （用于不安全的页面），也可以通过 https://domain.com/main.css （在安全页面中使用）。

Say I have a CSS file http://domain.com/main.css (used in unsecured pages), which can also be accessed via https://domain.com/main.css (used in secured pages).

1. 当我第一次加载不安全的页面，CSS文件将获得 200 OK 。当我重新加载页面（或转到另一个不安全的页面）时，我得到 304未修改。


2. 当我转到第一次获得安全页面时，来自https来源的CSS文件获得 200 OK 。并且当我重新加载页面（或转到另一个安全页面时，我得到 304未修改。


3. 当我返回到不安全页面，CSS文件仍然会得到 304未修改。


4. 当我返回安全页面时，CSS文件会得到一个 200 OK 。缓存副本发生了什么？如何缓存？

1. When I first load an unsecured page, the CSS file gets a 200 OK. When I reload the page (or go to another unsecured page), I get a 304 Not Modified.
2. When I go to a secured page for the first time, the CSS file from the https source gets a 200 OK. And when I reload the page (or go to another secured page, I get a 304 Not Modifie.
3. When I return to the unsecured page, the CSS file still gets a 304 Not Modified.
4. When I return to the secured page, the CSS file gets a 200 OK. What happened to the cached copy? How can I make it cached?

推荐答案

这可能会回答您的问题。可能是您的网站通过定义以下内容将此资源定义为不可缓存的资源：

This might answer your question. It might be the case that your website defines this resource as non cacheble by defining this :

Cache-Control   private, must-revalidate, max-age=0

例如（访问 https://www.google.com/ncr ）时，导致浏览器无法对其进行缓存。您是否有Fire-bug\Fiddler或类似的东西来查看响应se标头？

for example ( when accessing https://www.google.com/ncr) causing your browser not to cache it. Do you have Fire-bug\Fiddler or anything similar to view the response headers?

这篇关于缓存和HTTPS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！