Caching and HTTPS

问题

I've noticed something interesting while monitoring the network communications between my browser and server. It has something to do with caching.

Say I have a CSS file http://domain.com/main.css (used in unsecured pages), which can also be accessed via https://domain.com/main.css (used in secured pages).

1. When I first load an unsecured page, the CSS file gets a 200 OK. When I reload the page (or go to another unsecured page), I get a 304 Not Modified.
2. When I go to a secured page for the first time, the CSS file from the https source gets a 200 OK. And when I reload the page (or go to another secured page, I get a 304 Not Modifie.
3. When I return to the unsecured page, the CSS file still gets a 304 Not Modified.
4. When I return to the secured page, the CSS file gets a 200 OK. What happened to the cached copy? How can I make it cached?

回答1:

This might answer your question. It might be the case that your website defines this resource as non cacheble by defining this :

Cache-Control   private, must-revalidate, max-age=0

for example ( when accessing https://www.google.com/ncr) causing your browser not to cache it. Do you have Fire-bug\Fiddler or anything similar to view the response headers?

来源：https://stackoverflow.com/questions/12566852/caching-and-https