[Zope] disable page cacheing

Sam Gendler sgendler@teknolojix.com
Thu, 02 Dec 1999 15:05:18 -0800 

Adam Gotheridge wrote:

> How do stop a page from being cached in either the browser or with Zope? I
> have added a meta tag like
> <META http-equiv="EXPIRES" CONTENT="31 Dec 99">, but it doesn't do anything
> so I think the page is being cached from zope somehow.
>
> Thanks
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
>           No cross posts or HTML encoding!
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )

PLEASEdon't use META tags to provide HTTP functionality.  All web caches, and
most web servers ignore meta tags, since they deal exculsively with the http
protocol, and your meta tags are contained in the html.  Instead, set a
Cache-Control: no-cache tag in the Response.  See the dtml guide for syntax.
For future reference, here are useful caching headers in http

Cache-Control: no-cache makes an object uncachable
Cache-Control: max-age=30 causes a client to cache the object for, at most, 30
seconds.
Cache-Control: s-maxage: only applies to public cache, not private (browser)
caches.
Cache-Control: private means a private cache (such as your browser cache) can
cache it, but public caches like the ones on your ISP's network, cannot cache
it.
Cache-Control: no-store means don't store the object, same as Cache-Control:
no-cache
Cache-Control: no-cache=Connection means don't store the connection header
Cache-Control: must-revalidate means that all caches must validate their stored
object with the origin server, usually with an If-Modified-Since request
Cache-Control: proxy-revalidate is the same as must-revalidate, but it doesn't
apply to private caches (browser caches)
Cache-Control: public makes an object cacheable, regardless of other headers
that might imply that it is not cacheable.

Any of these headers can be combined into a comma delimited list, such as
Cache-Control: max-age=100, s-maxage=30, proxy-revalidate

If you want to be backwards compatible with really old browsers, you should
throw a Pragma: no-cache header in there, as well.  Any new browsers will give
Cache-Control headers preference over Pragma headers, and old browsers will not
cache the object.

The only other header that is object expiration secific is the Expires header,
which requires a date in a legal HTTP format.  This means rfc822 or rfc1123, and
rfc1123 is preferred.  It has the format 'Wed, 01 Dec 1999 13:42:23 GMT', so
Expires: Wed, 01 Dec 1999 13:42:23 GMT is the full form.  Alternatively,
Expires: 0 can be used to specify an uncacheable object, according to the spec,
but I have no idea whether browsers support that in a Meta tag or not.

--sam