Ticket #1060 (open enhancement)
- Created: 2015-11-27 15:53:30
- Reported by: Visman
- Assigned to: None
- Milestone: 1.6
- Component: code
- Priority: normal
HTTP only defines Pragma: no-cache; other uses of this header are deprecated.
2. functions.php, common.php, header.php, extern.php
header('Cache-Control: post-check=0, pre-check=0', false);
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
Microsoft Internet Explorer implements two Cache-Control extensions, pre-check and post-check, to give more control over how its cache stores responses.
This response gives a value of "0" for both; as a result, Internet Explorer will ignore the directive, since it requires both to be present.
In other words, setting these to zero has no effect (besides wasting bandwidth), and may trigger bugs in some beta versions of IE.
See this blog entry for more information http://blogs.msdn.com/b/ieinternals/arc … tives.aspx
It should be replaced by
header('Cache-Control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0', false);
Visman 2015-11-28 12:05:29
Possibly, it is enough only 'no-store' value:
header('Cache-Control: no-store', false);
Visman 2015-11-30 04:07:42
RED is a robot that checks HTTP resources to see how they'll behave, pointing out common problems and suggesting improvements. Although it is not a HTTP conformance tester, it can find a number of HTTP-related issues.
Franz 2015-12-02 01:27:16
- Milestone set to 1.5.10.
Per this article, both values are required as IE uses no-cache, and Firefox uses no-store.
Visman 2016-01-28 03:16:53
It is possible not to use titles Cache-Control and Pragma.
header('Expires: '.gmdate('D, d M Y H:i:s').' GMT'); header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT');
Works for HTTP/1.1 and HTTP/1.0.
Based on the flowchart under Defining optimal Cache-Control policy from the link Visman provided, I assume the following would be enough:
header('Cache-Control: no-cache, no-store'); header('Pragma: no-cache'); // For HTTP/1.0 compatibility
This article under `Preventing Caching` supports this too.
Visman 2016-02-02 11:38:40
Many people believe that assigning a Pragma: no-cache HTTP header to a representation will make it uncacheable. This is not necessarily true; the HTTP specification does not set any guidelines for Pragma response headers; instead, Pragma request headers (the headers that a browser sends to a server) are discussed. Although a few caches may honor this header, the majority won’t, and it won’t have any effect. Use the headers below instead.
Franz 2016-04-06 10:29:31
Do we really need no-store?
http://blogs.atlassian.com/2007/12/cach … d_harmful/
Franz 2016-06-16 06:22:15
- Milestone changed from 1.5.10 to 1.5.11.
Franz 2018-07-18 09:21:52
- Milestone changed from 1.5.11 to 1.6.