Page over http gets cached while over https it doesn't - http

I have a web application. The bootstrap page shouldn't be cached, but Chrome always gets the page from cache, while it doesn't show that behaviour over https, where it works correctly.
My headers are as follows:
Request URL:https://localhost:7002/
Request Method:GET
Status Code:200 OK
Request Headers
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,de-CH;q=0.6,de;q=0.4
Cache-Control:max-age=0
Connection:keep-alive
Host:localhost:7002
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.56 Safari/537.36
Response Headers
Cache-Control:no-cache
Content-Length:2215
Content-Type:text/html; charset=UTF-8
Date:Tue, 23 Apr 2013 10:19:03 GMT
Expires:Thu, 01 Jan 1970 00:00:00 GMT
Pragma:no-cache
Set-Cookie:JSESSIONID=WrSkR2gXB3Jkycwhtzmhwgkpzv4Nn1V6nshsMWZyHl924cNp6Y6L!-1407827785; path=/; HttpOnly
Vary:Accept-Encoding
X-Powered-By:Servlet/2.5 JSP/2.1
The headers over http are exactly the same.
I already tried max-age, no-store, must-revalidate, ETag, Last-Modified and Pragma in the HTTP header and in the meta http-equiv, but nothing seems to prevent Chrome from caching.
Any ideas how to prevent chrome from caching?
PS: Safari on iOS shows the same behaviour.

Related

Serving Partial HTTP Response

I would like to make a file download resumable using byte-range requests.
The problem is that my existing download action is responding on a POST method and I would like to keep it that way.
But it seems from my early tests that Chrome turns interrupted POST requests for file downloads into GET requests when the user tries to resume and thus the resuming of the download fails.
Am I missing something?
Is this something related to the HTTP specs that only allow GET requests to be resumed?
Or is it simply a design flaw in Chrome (and maybe other browsers as well) that makes it forget the original HTTP method used?
UPDATE:
Here are the request/response data:
Initial POST request:
POST http://localhost:35547/Download?Guid=396b4697-e275-4396-818c-548bf8c0a281 HTTP/1.1
Host: localhost:35547
Connection: keep-alive
Content-Length: 0
Cache-Control: max-age=0
Origin: http://localhost:35547
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: http://localhost:35547/File/396b4697-e275-4396-818c-548bf8c0a281
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.8
Cookie: __RequestVerificationToken=LuPgM05MHrsuyskgfhsrHVUs; ASP.NET_SessionId=gfiulghfuygisghkf; .ASPXAUTH=FGDJHGDHSDFB15AFDE6371CGJHDFGFBHD; fileDownload=true
Initial response (to the request above):
HTTP/1.1 200 OK
Cache-Control: private, s-maxage=0
Content-Type: application/zip
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 5.2
Content-Disposition: attachment; filename="FILE-396b4697e2754396818c548bf8c0a281.zip"
X-AspNet-Version: 4.0.30319
Set-Cookie: fileDownload=true; path=/
X-Powered-By: ASP.NET
Date: Wed, 09 Nov 2016 11:13:50 GMT
Content-Length: 1885473
PK.......... ZIP file data .............................................
After the interruption, this is the request that the browser does on resume (notice the GET method used):
GET http://localhost:35547/Download?Guid=396b4697-e275-4396-818c-548bf8c0a281 HTTP/1.1
Host: localhost:35547
Connection: keep-alive
Referer: http://localhost:35547/File/396b4697-e275-4396-818c-548bf8c0a281
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: en-US,en;q=0.8
Cookie: __RequestVerificationToken=.............
(Some data from security-related cookies have been shortened and altered)
> Am I missing something?

It depends upon how you have analyzed the behavior of Google Chrome. The ideal way would be to use a proxy or a packet sniffer such as Wireshark to see what request method is used by Chrome in the subsequent request.

> Is this something related to the HTTP specs that only allow GET requests to be resumed?

As of now, there's no mention in the HTTP specification that only GET requests can be resumed.

> Or is it simply a design flaw in Chrome (and maybe other browsers as well) that makes it forget the original HTTP method used?

Yes, it's a flaw of Google Chrome. Make sure that you check it on the latest version of Google Chrome with all the update patches. Also check it on other browsers.
For more info about the HTTP protocol, refer to https://www.ietf.org/rfc/rfc2616.txt.
Refer to the following for serving a partial response: https://en.wikipedia.org/wiki/Byte_serving
Edit
For more up-to-date info regarding HTTP, refer to:
https://www.rfc-editor.org/rfc/rfc7230
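
A sketch of server-side byte-range handling for the resumable download discussed above, as an added example that is not code from the question or the answer. It follows RFC 7233 section 3.1, under which a server ignores `Range` on methods other than GET; the `serve` function, the sample body and the ETag value are constructed for illustration, header names are assumed to arrive in canonical case, and `If-Range` is handled only in its ETag form.

```python
import re

# Constructed sample resource; the ETag is a placeholder value, not taken from the page.
BODY = bytes(range(256)) * 4  # 1024 bytes
ETAG = '"sample-v1"'
_RANGE = re.compile(r"bytes=(\d*)-(\d*)")


def serve(method, headers, body=BODY, etag=ETAG):
    """Return (status, headers, payload) for a request with at most one byte range."""
    size = len(body)
    base = {"Accept-Ranges": "bytes", "ETag": etag}

    def full():
        return 200, {**base, "Content-Length": str(size)}, body

    def unsatisfiable():
        return 416, {**base, "Content-Range": f"bytes */{size}"}, b""

    rng = headers.get("Range")
    # RFC 7233 section 3.1: a server ignores Range on any method other than GET.
    if method != "GET" or rng is None:
        return full()
    # If-Range carries the validator of the partial copy; on mismatch the file
    # changed since the first attempt, so resuming would splice two versions.
    if headers.get("If-Range", etag) != etag:
        return full()
    m = _RANGE.fullmatch(rng.strip())
    if m is None or m.groups() == ("", ""):
        return full()  # malformed or multi-range: ignore the header
    first, last = m.groups()
    if first == "":  # suffix form "bytes=-N": the final N bytes
        if int(last) == 0 or size == 0:
            return unsatisfiable()
        start, end = max(size - int(last), 0), size - 1
    else:
        start = int(first)
        if last and int(last) < start:
            return full()  # invalid spec (last < first): ignore the header
        if start >= size:
            return unsatisfiable()
        end = min(int(last), size - 1) if last else size - 1
    part = body[start:end + 1]
    hdrs = {**base, "Content-Range": f"bytes {start}-{end}/{size}",
            "Content-Length": str(len(part))}
    return 206, hdrs, part
```

The 200 response in the question carries neither `Accept-Ranges` nor a validator (`ETag` or `Last-Modified`), so a client has nothing to put in `If-Range` to confirm it is resuming the same file.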

What is the http request and response body for this URL request?

I would like to view/understand the HTTP request & response body formats that get transmitted between browser and tomcat server.
When I ran this URL request
http://localhost:8080/manager/images/code.gif
From the browser, I see the request line & header as
GET /manager/images/code.gif HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.131 Safari/537.36
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Cookie: JSESSIONID=F0140CCF2977AFA053F79DB9A0C74DD0
And response status & header as:
http 1.1 200/OK
Accept-Ranges:bytes
Content-Length:394
Content-Type:image/gif
Date:Sun, 04 May 2014 02:20:57 GMT
ETag:W/"394-1382091566000"
Last-Modified:Fri, 18 Oct 2013 10:19:26 GMT
Server:Apache-Coyote/1.1
My question is:
What will be the Request Message body for the URL request submitted? (content)
What will be the Response Message body from the tomcat server? (content)
There will be no body. Only POST and PUT requests have a body.
The response body contains 394 bytes, which are the bytes of the gif image requested.

Http cache with https protocol

I've set up cache for my Rails application. I use conditional cache with ETag and Last-Modified headers for a few pages and browser cache with the Cache-Control header for a few other pages. It is working ok.
But after we set up SSL for our server, the browser doesn't want to get pages from cache. I see the same headers for the http and https protocols, but for the http protocol in Chrome Developer Tools in the network panel I see status code 200 (from cache) for cached pages, but 200 OK for these pages with the https protocol. Here is the list of request headers:
Accept:text/html, */*; q=0.01
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,ru;q=0.6
Connection:keep-alive
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Cookie: ...
Referer: ...
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1712.3 Safari/537.36
X-PJAX:true
X-PJAX-Container:#pjax-container
X-Requested-With:XMLHttpRequest
And response headers:
Cache-Control:max-age=600, public
Connection:keep-alive
Content-Encoding:gzip
Content-Type:text/html; charset=utf-8
Date:Wed, 20 Nov 2013 10:38:07 GMT
Last-Modified:Wed, 20 Nov 2013 08:41:45 GMT
Server:nginx/1.1.19
Set-Cookie: ...
Status:200 OK
Transfer-Encoding:chunked
X-Content-Type-Options:nosniff
X-Frame-Options:SAMEORIGIN
X-Request-Id:71c60772-bc9f-4080-98ad-0c75c589043a
X-Runtime:0.047251
X-UA-Compatible:chrome=1
X-XSS-Protection:1; mode=block
For conditional cache I have a similar problem. The server sets the Last-Modified header, but on the next request the browser doesn't send the 'If-Modified-Since' header, so the conditional cache doesn't work. And it is working ok for the http protocol. Here is the list of request headers:
Accept:application/json, text/plain, */*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,ru;q=0.6
Connection:keep-alive
Cookie: ...
Referer: ...
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1712.3 Safari/537.36
X-CSRF-Token: ...
And response headers:
Cache-Control:max-age=0, private, must-revalidate
Connection:keep-alive
Content-Encoding:gzip
Content-Type:application/json; charset=utf-8
Date:Wed, 20 Nov 2013 10:41:33 GMT
Last-Modified:Wed, 20 Nov 2013 10:20:44 GMT
Server:nginx/1.1.19
Set-Cookie: ...
Status:200 OK
Transfer-Encoding:chunked
X-Content-Type-Options:nosniff
X-Frame-Options:SAMEORIGIN
X-Request-Id:35054727-1b1a-497d-a830-6499ed9cad7a
X-Runtime:0.012432
X-UA-Compatible:chrome=1
X-XSS-Protection:1; mode=block
The browser caches css and js files from this server, but not rendered pages. Why doesn't the browser cache pages for the https protocol? How can I make the browser cache these pages?

Why could a browser not be caching a resource with Cache-Control HTTP headers?

I've read all the caching documentation for HTTP, and these are the headers for my file:
Edit: I am now using Amazon S3 to see if it helps and still the same problem! Here go the request and the response. What am I missing? Even though the response asks for the browser to cache the file, it doesn't! I've checked the Google Chrome cache and the file is not there.
Request URL:https://s3-sa-east-1.amazonaws.com/combo-combat-release/WebPlayer.unity3d
Request Method:GET
Status Code:200 OK
**Request Headers**
GET /combo-combat-release/WebPlayer.unity3d HTTP/1.1
Host: s3-sa-east-1.amazonaws.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.52 Safari/537.17
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: es,en-US;q=0.8,en;q=0.6
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
**Response Headers**
HTTP/1.1 200 OK
x-amz-id-2: xu/RKgR4Xt6G3jQ1qkdO5rzd4TlngDYYERZ+bbGlalitJFMDjAgiLAoP4GXhmkeo
x-amz-request-id: 6A9389D16407D28D
Date: Wed, 16 Jan 2013 22:42:26 GMT
Cache-Control: max-age=2592000, public, must-revalidate
Last-Modified: Wed, 16 Jan 2013 22:29:55 GMT
ETag: "0f8d22257da9fcae61f21fd30b7a1fd4"
Accept-Ranges: bytes
Content-Type: application/octet-stream
Content-Length: 39222189
Server: AmazonS3
But the browser doesn't cache the file. Each time, the request is sent and all the data transferred from scratch (200 OK instead of 304). :(
File size is 37.4 MB
Any tip on what could be wrong?
Thanks,
Manuel
Try HTTP 1.1 instead of 1.0.
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html states:
Note that HTTP/1.0 caches might not implement Cache-Control and
might only implement Pragma: no-cache
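
To compare the response headers quoted in the posts above, here is an added example (not code from any of the posts) that reads a header set the way a browser's private cache may under RFC 7234: whether the response may be stored, for how long it is fresh, which validators it offers, and whether a cookie-setting response is left storable. The function names and the placeholder cookie values are assumptions made for illustration.

```python
from email.utils import parsedate_to_datetime


def parse_cc(value):
    """Split a Cache-Control value into {directive: argument or None}."""
    out = {}
    for item in value.split(","):
        name, _, arg = item.strip().partition("=")
        if name:
            out[name.lower()] = arg.strip('"') or None
    return out


def browser_policy(headers):
    """Describe how a browser (private) cache may treat a 200 response."""
    h = {k.lower(): v for k, v in headers.items()}
    cc = parse_cc(h.get("cache-control", ""))
    may_store = "no-store" not in cc
    if "no-cache" in cc:
        fresh = 0  # may be stored, but must be revalidated before every reuse
    elif "max-age" in cc:
        fresh = int(cc["max-age"] or 0)
    elif "expires" in h and "date" in h:
        age = parsedate_to_datetime(h["expires"]) - parsedate_to_datetime(h["date"])
        fresh = max(int(age.total_seconds()), 0)
    else:
        fresh = None  # no explicit lifetime: the cache may pick one heuristically
    notes = []
    if may_store and "set-cookie" in h:
        notes.append("cookie-setting response without no-store may be kept on disk")
        if "public" in cc:
            notes.append("public lets shared caches store a per-user response")
    return {"may_store": may_store, "fresh_for": fresh,
            "validators": [n for n in ("etag", "last-modified") if n in h],
            "notes": notes}


# Header sets copied from the posts above; cookie values replaced by placeholders.
BOOTSTRAP = {"Cache-Control": "no-cache", "Pragma": "no-cache",
             "Date": "Tue, 23 Apr 2013 10:19:03 GMT",
             "Expires": "Thu, 01 Jan 1970 00:00:00 GMT",
             "Set-Cookie": "JSESSIONID=PLACEHOLDER; path=/; HttpOnly"}
RAILS_PAGE = {"Cache-Control": "max-age=600, public",
              "Last-Modified": "Wed, 20 Nov 2013 08:41:45 GMT",
              "Set-Cookie": "PLACEHOLDER"}
S3_FILE = {"Cache-Control": "max-age=2592000, public, must-revalidate",
           "Last-Modified": "Wed, 16 Jan 2013 22:29:55 GMT",
           "ETag": '"0f8d22257da9fcae61f21fd30b7a1fd4"'}
```

`browser_policy(BOOTSTRAP)` reports the page as storable with zero freshness and no validator, which is what `no-cache` without `no-store` means: the copy can sit in the cache, and with no ETag or Last-Modified every revalidation has to be a full fetch.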

Why is a page retrieved from cache?

When pages on our website are updated and we load them in the browser they are never reloaded (until I explicitly refresh).
The first time I load, Chrome Developer Tools just says "(from cache)" and doesn't show any headers, but I reckon they should always send a request to validate the ETag. Or maybe the server sends a 304 Not Modified response status in error but this doesn't show up in the Network tab.
When I refresh, these are the headers. Does anyone see what is wrong?
Request
GET /home/index.html HTTP/1.1
Host: *******.be
Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://*****.be/home/index.html
Accept-Encoding: gzip,deflate,sdch
Accept-Language: nl-NL,nl;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
If-None-Match: "c38f300d-114d-4c2565b57b420"
If-Modified-Since: Wed, 13 Jun 2012 08:27:42 GMT
Response
HTTP/1.1 304 Not Modified
Date: Wed, 13 Jun 2012 11:24:52 GMT
Server: Apache
Connection: close
ETag: "c38f300d-114d-4c2565b57b420"
I have tested this with Chrome 19 and IE9.
