Created
March 21, 2013 15:24
-
-
Save raphaelchaib/5213892 to your computer and use it in GitHub Desktop.
Code to disable web site's cache across all browsers. Works on: HTML, PHP, Ruby on Rails, Java Servlet and ASP.NET.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| The correct minimum set of headers that works across all mentioned browsers: | |
| Cache-Control: no-cache, no-store, must-revalidate | |
| Pragma: no-cache | |
| Expires: 0 | |
| Using PHP: | |
| header('Cache-Control: no-cache, no-store, must-revalidate'); // HTTP 1.1. | |
| header('Pragma: no-cache'); // HTTP 1.0. | |
| header('Expires: 0'); // Proxies. | |
| Using Java Servlet: | |
| response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1. | |
| response.setHeader("Pragma", "no-cache"); // HTTP 1.0. | |
| response.setDateHeader("Expires", 0); // Proxies. | |
| Using ASP.NET: | |
| Response.AppendHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1. | |
| Response.AppendHeader("Pragma", "no-cache"); // HTTP 1.0. | |
| Response.AppendHeader("Expires", "0"); // Proxies. | |
| Using Ruby on Rails: | |
| response.headers["Cache-Control"] = "no-cache, no-store, must-revalidate" // HTTP 1.1. | |
| response.headers["Pragma"] = "no-cache" // HTTP 1.0. | |
| response.headers["Expires"] = "0" // Proxies. | |
| Using HTML: | |
| <meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" /> | |
| <meta http-equiv="Pragma" content="no-cache" /> | |
| <meta http-equiv="Expires" content="0" /> | |
| The Cache-Control is per the HTTP 1.1 spec for clients (and implicitly required by some browsers next to Expires), the Pragma is per the HTTP 1.0 spec for clients and proxies and Expires is per the HTTP 1.1 spec for clients and proxies. Other Cache-Control parameters are irrelevant if the abovementioned three are specified. The Last-Modified header as included in most other answers here is only intersting if you actually want to cache the request, so you don't need to specify it at all. | |
| Note that when the page is served over HTTP and a header is present in both the HTTP response headers and the HTML meta tags, then the one specified in the response header will get precedence over the HTML meta tag. The HTML meta tag will only be used when the page is viewed from local disk file system. See also W3 HTML spec chapter 5.2.2. Take care with this when you don't specify them programmatically, because the webserver can namely include some default values. To verify the one and other, you can see/debug them using Firebug Net panel. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment