This is a short post, put here as a “reminder to self” on browser caching.
A colleague recently set up an HTTP sinkhole with Apache. The setup redirected all the user requests to one specific resource.
When deploying the sinkhole, the web server logs showed that the first requests where logged with HTTP status code 200 (“OK”). The next requests however were logged with HTTP status code 304 (“Not Modified”).
The HTTP 304 code basically means that a there is no need for the server to re-transfer the requested resource because the HTTP request indicates that the client, which made the request, already has a valid version of the resource. The request is done conditional, for example via the “If-Unmodified-Since” header.
In our setup we wanted to return the HTTP 200 code, regardless if the browser requesting the resource already had a valid version of the resource.
A bit of reading on how to modify HTTP headers within Apache resulted in adding these configuration settings
Header unset ETag FileETag None Header set Cache-Control "max-age=0" RequestHeader unset If-Modified-Since
The settings above alter the client request to remove the conditional check (If-Modified-Since) and add an extra header limiting the resource lifetime. The ETag two configuration settings remove the cache validation token.
Note: when first testing the Apache configuration in a VM (with the requests only coming from local, RFC1918, addresses) there was never a HTTP 304 code returned. I couldn’t find anything related to browsers not sending the conditional check for ‘local’ addresses.
Useful resource : Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests