避免缓存http响应 [英] Avoid caching of the http responses
问题描述
什么是最终解决方案,以避免任何类型的缓存的http数据?我们可以修改客户端和服务器 - 因此我们可以在客户端和服务器之间拆分任务。
What is the definitive solution for avoid any kind of caching of http data? We can modify the client as well as the server - so I think we can split the task between client and the server.
客户端可以附加每个请求一个随机参数 http:// URL / path?rand = 6372637263
- 我的感觉是,使用这种方式它不工作100% - 可能有一些智能代理,它可以检测...另一方面,我认为如果URL不同于前一个,代理不能简单地决定发回一些缓存的响应。
Client can append to each request a random parameter http://URL/path?rand=6372637263
– My feeling is that using only this way it is not working 100% - might be there are some intelligent proxies, which can detect that… On the other side I think that if the URL is different from the previous one, the proxy cannot simply decide to send back some cached response.
在服务器上可以控制一堆HTTP标头:
On server can control a bunch of HTTP headers:
Expires: Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified: {now} GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
对此有任何评论,最好的方法是什么?
Any comments to this, what is the best approach?
推荐答案
在客户端重写URL。它污染缓存,并导致其他奇怪的语义问题。
Don't try messing with rewriting URLs at the client. It pollutes caches, and causes other weird semantic issues. Do it on the server.
Expires: Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified: {now} GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
只能有一个Cache-Control头href =http://www.ietf.org/rfc/rfc2616.txt> rfc 2616 )具有多个条目的行为未定义。此外,第二个缓存控件中的MSIE特定条目为最多冗余。
There should only be one Cache-Control header (see rfc 2616) behaviour with multiple entries is undefined. Also the MSIE specific entries in the second cache-control are at best redundant.
no-store不是关于缓存,而是关于数据安全。 (它只意味着不写入磁盘 - 缓存仍然允许将响应存储在内存中)。
no-store is not about caching, it's about data security. (it only means don't write this to disk - caches are still allowed to store the response in memory).
Pragma:no-cache一个服务器响应 - 它是一个请求头,意味着接收请求的任何缓存都必须将它转发到源。
The 'Pragma: no-cache' is meaningless in a server response - it's a request header meaning that any caches receiving the request must forward it to the origin.
使用Expires(http / 1.0)和缓存控制http / 1.1)不是一个冗余 - 因为仍然有代理只有说话http / 1.0或降级协议。
Using both Expires (http/1.0) and cache-control (http/1.1) is not a redundancy - since there are still proxies out there which only speak http/1.0 or which downgrade the protocol.
虽然技术上最后修改的头是
Although technically the last modified header is redundant when you've told the client not to cache, it's probably a good idea to leave it in there.
某些浏览器会忽略缓存控制标头中的后续指令在他们遇到一个他们不认识 - 所以把重要的东西第一。
Some browsers will ignore subsequent directives in a cache-control header after they come across one they don't recognise - so put the important stuff first.
ie您的标头应如下所示:
i.e. your headers should look like:
Expires: Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified: {now} GMT
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
这篇关于避免缓存http响应的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!