caching - How to control cache in JSP page?

Question

I created a Servlet filter with the following code in doFilter:

HttpServletResponse httpResponse = (HttpServletResponse)response;

httpResponse.setHeader("Cache-Control","no-cache");
httpResponse.setHeader("Pragma","no-cache");
httpResponse.setDateHeader("Expires", 0); 

chain.doFilter(request, response);

I want to make sure that nothing gets cached at the Client and every request (even the one's from the Browser's back button) are directed to the Server.

But, even after implementing the above filter, some pages are cached (accessible using browser's back button).

And other pages that are not cached, show Web Page Expired error in Internet Explorer.

Answer 1

To start, the complete set is:

httpResponse.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1.
httpResponse.setHeader("Pragma", "no-cache"); // HTTP 1.0.
httpResponse.setDateHeader("Expires", 0); // Proxies.

The no-store and must-revalidate are required to get it to work in under each Firefox.

But, even after implementing the above filter, some pages are cached (accessible using browser's back button).

How did you test it? Those headers will actually prevent the browser from requesting the page from the browser cache instead of directly from the server. Best test is to have a Filter to listen on /* and add a debug statement in flavor of:

HttpServletRequest httpRequest = (HttpServletRequest) request;
String method = httpRequest.getMethod();
String URI = httpRequest.getRequestURI();
System.out.println(method + " request invoked on " + URI);

This should print the actual requests.

Also ensure that you don't override the headers in the JSP page itself using the HTML <meta> tags.

And other pages that are not cached, show Web Page Expired error in Internet Explorer.

You can only get this if the non-cached request was POST request, not a GET request. The GET requests will simply be requested from server again instead of from the browser cache.