Laravel response Cache-Control headers always containing 'no-cache'

十年热恋 提交于 2019-12-04 00:37:07

I believe your phantom cache-control headers are coming from PHP.

http://php.net/manual/en/function.session-cache-limiter.php

when php.ini has session.cache_limiter set to nocache (default), PHP sets the following headers:

Expires: Thu, 19 Nov 1981 08:52:00 GMT 
Cache-Control: no-store,no-cache, must-revalidate, post-check=0, pre-check=0 
Pragma: no-cache

I have been struggling with cache-control in laravel on apache for a few days now: I found that setting the headers within laravel simply appended them on to the headers set by php.ini. I tried setting up some rules in apache.conf in order to allow caching of .js and .css files that were being accessed via laravel while preventing the caching of requests to .php files, but these rules failed as apache will see any file being served via laravel as a .php file (because it is being accessed via index.php).

In the end I settled for setting session.cache_limiter to '' in php.ini (thereby skipping PHPs handling of cache headers), and adding the following to filters.php in app:after()

     /*
     * Custom cache headers for js and css files
     */
    if ($request->is('*.js') || $request->is('*.css')){
        $response->header("pragma", "private");
        $response->header("Cache-Control", " private, max-age=86400");
    } else {
        $response->header("pragma", "no-cache");
        $response->header("Cache-Control", "no-store,no-cache, must-revalidate, post-check=0, pre-check=0");
    }

Although I do not know your exact configuration, I would assume that this is due to your Apache configuration, as header values can be overwritten there.

Have a look through all Apache configuration files and look out for lines starting with Header Set Cache-Control, e.g. Header Set Cache-Control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0"

Probably such a directive is set to affect only your PHP files, which would be the reason why other files are delivered with other headers.

However: Watch out when changing this. Maybe you would want this to be set for security reasons. Consider the problems with caching dynamic, authenticated content by proxies (link for detail)

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!