[thelist] Prevent Caching in IE
Ken Schaefer
Ken at adOpenStatic.com
Mon May 5 19:38:44 CDT 2008
Cache-Control: no-cache should be enough to get browsers to stop caching content.
An invalid Expires header value (e.g. -1) is interpreted to be "expires immediately", which is why using an invalid value like -1 causes the page to expire (and IE to get a new copy)
Cheers
Ken
> -----Original Message-----
> From: thelist-bounces at lists.evolt.org [mailto:thelist-
> bounces at lists.evolt.org] On Behalf Of Bill Moseley
> Sent: Tuesday, 6 May 2008 4:11 AM
> To: thelist at lists.evolt.org
> Subject: [thelist] Prevent Caching in IE
>
> I use these headers to indicate that dynamic content should not be
> cached at all.
>
> Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-
> check=0
> Pragma: no-cache.
>
> See [1] below, though.
>
> Although it works fine in Firefox I noticed that when I would issue a
> redirect in IE back to the same page (redirect-after-POST) that IE
> would show a cached version of the page and not fetch the page.
>
> So, IE was still caching the page.
>
> Article http://support.microsoft.com/kb/234067 says to use -1 for
> Expires:
>
> <% Response.CacheControl = "no-cache" %>
> <% Response.AddHeader "Pragma", "no-cache" %>
> <% Response.Expires = -1 %>
>
> I'm not using ASP, but I have added
>
> Expires: -1
>
> in the HTTP response headers and indeed IE no longer shows a cached
> page. Problem solved.
>
> But that does not look like a valid HTTP Expires header.
>
> What should I set to force IE to always refetch the page and never
> cache the page? Something like:
>
> Expires: Thu, 01 Jan 1970 00:00:00 GMT
>
>
> BTW -- here's a separate caching issue. In this case I want the
> browser to cache static content (css, images, js) and not fetch
> it from the server again. So I set Expires way out in the future.
>
> But, Firefox does not cache SSL pages by default. That can be enabled
> by setting browser.cache.disk_cache_ssl = true in about:config. That
> gets Firefox to not fetch pages I want cached, but it also has the
> effect of putting a slash thorough the lock icon. That normally means
> that some elements on the page are not SSL.
>
>
>
> [1] Actually, that's a bit cargo-cult because of the inclusion of post-
> and pre-check. And in fact may present problems[1] with IE7.
>
> http://blogs.msdn.com/ie/archive/2006/06/01/613132.aspx
>
>
>
> --
> Bill Moseley
> moseley at hank.org
More information about the thelist
mailing list