I've got an application where I'm using a text editor to insert images and banners etc. It gets the banner by calling an AJAX request to get the banner, then it compiles the JS.
I want a quick/easy way to cache the request. So I was hoping to just cache the response in the browser cache for 30 seconds.
So I'm trying to get it working in Chrome, but it keeps sending the request and the server keeps responding 200 Ok.
Here's the relevant part of my web config:
WebContentInterceptor webContentInterceptor = new WebContentInterceptor();
webContentInterceptor.setUseCacheControlHeader(true);
webContentInterceptor.setUseExpiresHeader(true);
webContentInterceptor.setUseCacheControlNoStore(true);
webContentInterceptor.setCacheSeconds(30);
registry.addInterceptor(webContentInterceptor);
And the cache control headers as per chrome:
Request URL:https://localhost:8443/admin/banners/json/by_shortcode/banner_test
Request Method:GET
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Cookie:sidebar_closed=1; SPRING_SECURITY_REMEMBER_ME_COOKIE=UmljaGFyZC5HaWxsaW5nQGdtYWlsLmNvbToxNDIzODgzOTI1MTY4OmU1OGM2YzVjNjIwMWIyNWM3OTZlMWM5MThjMDc0MDg4; JSESSIONID=70842F221D3172686E406242AD3F5E02
Host:localhost:8443
Referer:https://localhost:8443/admin/pages/new
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.94 Safari/537.36
X-Requested-With:XMLHttpRequest
Response Headers
Cache-Control:max-age=30
Content-Type:application/json;charset=UTF-8
Date:Mon, 02 Feb 2015 14:03:13 GMT
Expires:Mon, 02 Feb 2015 14:03:43 GMT
Pragma:no-cache
Server:Apache-Coyote/1.1
Strict-Transport-Security:max-age=31536000 ; includeSubDomains
Transfer-Encoding:chunked
X-Content-Type-Options:nosniff
X-Frame-Options:DENY
X-XSS-Protection:1; mode=block
What I'm wondering is:
a) Why is the browser re-requesting the same request within the 30 second window? I am hoping to cache it for 30seconds.
Actually you tell the browser not to cache anything: Pragma:no-cache.
Related
I loaded an Youtube video, and was checking the Network tab in the Chrome inspector. The weird part is the response header expires show a wrong date, see:
expires:Tue, 27 Apr 1971 19:44:06 EST
Does some one understand if this is correctly implemented (some solution as "the response already arrives expired for security reasons") or is just a bug?
The entire request-response pair:
General
Request URL:https://www.youtube.com/watch?v=Y2bcZpjbimc
Request Method:GET
Status Code:200
Remote Address:216.58.222.14:443
Response Headers
alt-svc:quic=":443"; ma=2592000; v="35,34"
cache-control:no-cache
content-encoding:gzip
content-type:text/html; charset=utf-8
date:Mon, 16 Jan 2017 02:12:59 GMT
expires:Tue, 27 Apr 1971 19:44:06 EST
server:YouTubeFrontEnd
status:200
strict-transport-security:max-age=31536000
x-content-type-options:nosniff
x-frame-options:SAMEORIGIN
x-xss-protection:1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
Request Headers
:authority:www.youtube.com
:method:GET
:path:/watch?v=Y2bcZpjbimc
:scheme:https
accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-encoding:gzip, deflate, sdch, br
accept-language:en-US,en;q=0.8
cache-control:max-age=0
cookie:YSC=tkkR7-gquIo; LOGIN_INFO=09a68a7966aeeb4c54ea2812d67ef17bcz4AAAB7IjMiOiA5ODI4NjMwLCAiMSI6IDEsICI4IjogMTUxMjAxNzQ2Mjg1LCAiNyI6IDAsICI0IjogIkdBSUEifQ==; llbcs=0; SID=KgRtjV-NqZqWb_Vtlx1ZVI4BGeOq6TO0kOwRjM63Y9zRlD8NZ14Ain0S7OHEdAude6Ql5w.; HSID=Ae2Oerx0Cx8cLGNN2; SSID=AAxm-sCogA2PcrWj-; APISID=l63qqbTbXYbA1SWI/ATu8oD872iyWdvAgn; SAPISID=jEgCzttgmiin9s_R/A0u9gLEfrGesFDkOu; _ga=GA1.2.1081395761.1467350952; wide=1; VISITOR_INFO1_LIVE=9ZvTZmoHPqs; C_YNe.resume=nPTuJcnwLro:132,CG1HnKT8khI:1282,0SARbwvhupQ:527; PREF=f1=50000000&f5=20030&al=en+pt&cvdm=grid
dnt:1
upgrade-insecure-requests:1
user-agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
x-client-data:CJG2yQEIprbJAQipncoB
Query String Parameters
v:Y2bcZpjbimc
It is an easter egg left by the original author.
I am using express to write a response.
My code is:
res.set('Cache-Control', 'public, max-age=300');
res.send(data);
The headers I see are:
Remote Address:127.0.0.1:9000
Request URL:http://localhost:9000/some/path
Request Method:GET
Status Code:304 Not Modified
Request Headersview source
Accept:application/json, text/plain, */*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,he;q=0.6
Cache-Control:max-age=0
Connection:keep-alive
Cookie:express:sess=eyJ1c2VySWQiOiI1MzgxYTdjMDA0ZmIwMmIxMGI1NTdlZTMifQ==; express:sess.sig=lm-kq5ludtkWdRcFcVxNBL0BdT0
Host:localhost:9000
If-None-Match:W/"v9r1H7w4HiaXvycJ9FJ7lg=="
Referer:http://localhost:9000/
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Response Headersview source
access-control-allow-headers:Content-Type, X-API-KEY
access-control-allow-methods:GET, POST, DELETE, PUT
access-control-allow-origin:*
cache-control:public, max-age=300
connection:close
date:Sat, 03 Jan 2015 08:47:29 GMT
expires:Sat, 03 Jan 2015 08:52:29 GMT
etag:W/"v9r1H7w4HiaXvycJ9FJ7lg=="
x-powered-by:Express
However, I see my backend gets the request each and every time.
I have tried it with developers area open and closed and with "cache" on and off.
Nothing seems to actually cache the request
What am I doing wrong?
Here's an example JavaScript file request/response:
Request URL:http://local/index.js?time=1367958844038
Request Method:GET
Status Code:200 OK
Request Headers
Accept:*/*
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
DNT:1
User-Agent:Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31
Response Headers
cache-control:max-age=31536000
content-encoding:gzip
content-type:application/javascript
expires:Wed, 07 May 2014 20:34:04 GMT
last-modified:Tue, 07 May 2013 20:34:04 GMT
transfer-encoding:chunked
As you can see, the server responds with cache control, expires and even last modified, but everytime I reload with either F5 or clicking enter in location bar the request looks the same (I'd expect browser to send if-modified-since, etc.)
This happens in Chrome and Firefox at least.
Probably because the URL's time parameter changes with every request.
Since the URL is different, the browser can't use the previously cached response.
I have inherited a large application and whenever an exception occurs I get a screen of gibberish in Chrome:
However in IE it shows the yellow screen of death as expected:
I can't figure out why this would even happen. Could it be an encoding problem?
Edit - Here are the request and response headers:
Request:
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Cache-Control:max-age=0
Connection:keep-alive
Cookie:.ASPXAUTH=5D3E8316B9AF0... [cut for brevity]
Host:localhost:81
Referer: **************** [intentionally hidden]
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.96 Safari/537.4
Response:
Cache-Control:private
Content-Length:6193
Content-Type:text/html; charset=utf-8
Date:Wed, 07 Nov 2012 16:42:15 GMT
Server:Microsoft-IIS/7.5
X-AspNet-Version:4.0.30319
X-Powered-By:ASP.NET
Try debugging this case with the Chrome Developer Tools (menu Tools -> Developer Tools). Switch to the Network tab and reload the page. Now click on the file name in the left column and check Headers -> Response Headers -> content-type for the value text/html as well as content-encoding for gzip. Maybe the response is compressed but this is not correctly declared in the http headers.
Also look into the Response tab. Is the content there a readable html document?
In Chrome and Safari a remote image included on my site never seems to get requested with caching-friendly headers (If-Modified-Since, etc) despite the server returning the appropriate information. Local resources, on the other hand, are requested with these headers. In contrast Firefox requests the remote resources with caching-friendly headers.
This is for images on S3 though I don't think it's unique to S3...
Update: Here's the actual request I'm seeing via Chrome Resources panel.
Request URL:http://mobtest.s3.amazonaws.com/4MKHZL-114.png
Request Method:GET
Status Code:200 OK
Request Headers
Accept:application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Cache-Control:max-age=0
Referer:http://mobtest.s3.amazonaws.com/4MKHZL-114.png
User-Agent:Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_4; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.86 Safari/533.4
Response Headers
Cache-Control:public, max-age=86400
Content-Length:4074
Content-Type:image/png
Date:Wed, 30 Jun 2010 12:15:42 GMT
ETag:"7e4739d5527ada6bb327f1e27ee656ef"
Last-Modified:Tue, 29 Jun 2010 13:40:08 GMT
Server:AmazonS3
x-amz-id-2:MKTS28Zu4zTsWFjXUTzvmRY214TO9LTKTxtgW1psWKa/JY2pnwmO9rxs8fyHd/O/
x-amz-request-id:F6047ADD0FD6D885
x-amz-version-id:O2OTsDbU4uKOwze7rbK_Do39U_Xhpnyp
Repeating the request doesn't lead to any additional headers being sent by Chrome (and as mentioned before, Safari). In contrast, quickly refreshing in Firefox gives me the following:
Status: 304 Not Modified
Response Headers
x-amz-id-2 IbhwfAP7FhIN7jtn2FrsjOkVZ8sIKJjv5llevKgw04y2xM+29GSFdGyQNXjiBaMY
x-amz-request-id 258F30A4CC2AC870
Date Wed, 30 Jun 2010 12:19:55 GMT
Cache-Control public, max-age=86400
Last-Modified Tue, 29 Jun 2010 13:40:08 GMT
x-amz-version-id O2OTsDbU4uKOwze7rbK_Do39U_Xhpnyp
Etag "7e4739d5527ada6bb327f1e27ee656ef"
Content-Type image/png
Content-Length 4074
Server AmazonS3
Request Headers
Host mobtest.s3.amazonaws.com
User-Agent Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language en-us,en;q=0.5
Accept-Encoding gzip,deflate
Accept-Charset ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive 300
Connection keep-alive
If-Modified-Since Tue, 29 Jun 2010 13:40:08 GMT
If-None-Match "7e4739d5527ada6bb327f1e27ee656ef"
Cache-Control max-age=0
Update 2: And now I see Chrome caching the content. Strange... I'm going to close this question and give Marc the answer.
If the server is sending back an "Expires" header that is somewhat far in the future, then the browser may be deciding that the content is still fresh enough in it's cache and that they don't even need to make a request to the server at all. You may want to review the headers being sent back from the server and ensure they are set to reasonable values. See ETag vs Header Expires for more information. Feel free to update your question with the actual URL or headers that are sent back from the server.