How to disable proxy caching with .htaccess

2019-03-21 02:31发布

站内问答 / 前端开发
611 2 4

I have a problem where corporate proxy servers serves up the page for different logged in users. I reckon I can solve this issue by disabling proxy caching. This page suggests including the following snippet in htaccess:

ExpiresDefault A0
Header set Cache-Control "no-store, no-cache, must-revalidate, max-age=0"
Header set Pragma "no-cache"

As I've understood it (by Googling), the Expires header is only read by proxies, so I might also just use "Header set Expires 0"?

I suppose this would also prevent caching of stylesheets, images and other assets (although only by proxies, not browsers)?

What is the best way to deal with this? I'm running PHP, and can easily modify headers through PHP, too, if that's recommended.

I don't have access to a proxy server for testing.

2条回答
Rolldiameter
2楼-- · 2019-03-21 02:51

Use:

ExpiresActive On

ExpiresDefault now

Header set Cache-Control "no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform"

Header set Pragma "no-cache"

查看更多
0人赞 添加讨论(0) 举报
兄弟一词,经得起流年.
3楼-- · 2019-03-21 03:04

From http 1.1 spec (RFC 2616) chapter 14.9.1

private
    Indicates that all or part of the response message is intended for
    a single user and MUST NOT be cached by a shared cache. This
    allows an origin server to state that the specified parts of the

Header set Cache-Control "private, ..." does the trick.

There is no need for the Expires header. Cache-Control: max-age overrides the Expires field. See RFC Section: 14.21

You should send different caching headers depending on the content you deliver.

The following example is for a website delivering static contents in /static and vary content for logged in users. Logged in users are identified by presence of the session cookie: MYSESSID.

  • Allow 5min public caching by default
  • Allow 365 days public caching on static files
  • Allow 5min private caching for logged in users
  • Deny caching at /dynamic/*
RewriteEngine On
# Flag files in /static as STATIC
RewriteRule ^static - [E=STATIC:1]

# Flag requests by logged in users as PRIVATE
# Users are identified by presence of MYSESSID cookie
# Ignores files in: /static 
RewriteCond %{HTTP_COOKIE} MYSESSID
RewriteCond %{REQUEST_URI} !^/static
RewriteRule ^ - [E=PRIVATE:1]

# Tell proxy servers that contents not in /static vary based on the given cookies
RewriteCond %{REQUEST_URI} !^/static
RewriteRule ^ - [E=VARY:1]

# Flag requests to /dynamic as NO_CACHE
RewriteRule ^dynamic - [E=NO_CACHE:1]


## Default Cache-Control
# Per default, any content is public and 5min cacheable
Header set Cache-Control "public, max-age=300"

## Static Files
# Static files are public and 365d cacheable.
Header set Cache-Control "public, max-age=31536000" env=STATIC
# Reset age, indicates objects as fresh
Header set Age 0 env=STATIC

## Private responses
# private. Allow 5min caching
Header set Cache-Control "private, max-age=300" env=PRIVATE

## Deny caching
Header set Cache-Control "private, max-age=0, no-cache, no-store, must-revalidate" env=NO_CACHE

## Vary rules
Header append Vary: Cookie env=VARY
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)