Answer
You will need to set the appropriate HTTP header attributes to prevent the
dynamic content output by the JSP page from being cached by the browser.
Just execute the following scriptlet at the beginning of your JSP pages to
prevent them from being cached at the browser. You need both the statements to
take care of some of the older browser versions.
<%
response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0); //prevents caching at the proxy server
%>
[Based on feedback (below), I have changed this scriptlet slightly. If the above fails, try changing the first line to
response.setHeader("Cache-Control","no-store"); //HTTP 1.1
The difference between no-cache and no-store is a bit dodgy, but apparently no-cache is the more polite keyword. -Alex]
However, please note that there are some problems with disabling page caching under IE 5.0 due to the unique buffering requirements of the browser. Please see the Microsoft knowledge base for details:
http://support.microsoft.com/support/kb/articles/Q222/0/64.ASP
http://support.microsoft.com/support/kb/articles/Q234/2/47.ASP
Is this item
helpful? yes no
Previous votes Yes: 24 No: 1
|
|
Comments and alternative answers
 |
|
|
|
|
|
 |
How do I prevent the output of my html or Servlet pages from being cached by the browser?
taruna lokhande, Apr 4, 2005
Hi
I am having an application which reads the bytes of media files and send it to browser. As the file which is opening in media server i dont want to be get downloaded to temporary folder. I want to prevent this catching for media files.
Is there any metod which will open the file directly in media server. I want to stream the bytes directly to media server from my application.
Please suggest me some solution
Tahnk you in advance
Regards
Taruna
Is this item
helpful? yes no
Previous votes Yes: 0 No: 0
|
|
  |
|
|
|
|
|
|
|
Re[6]: How do I prevent the output of my JSP or Servlet pages from being cached by the browser?
anant sapre, Jul 30, 2007
Hi,
i also have same problem,
I am using safari 1.3 on Mac
i tried
<%
response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", -1);
%>
I am also doing this at the very bottom of the JSP file:
</body> <!-- end of the content body -->
<HEAD>
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
</HEAD>
</html>
It work fine for some time but again its problematic
Is this item
helpful? yes no
Previous votes Yes: 0 No: 0
|
|
|
|
|
|
|
|
Re[4]: How do I prevent the output of my JSP or Servlet pages from being cached by the browser?
bell bell, Oct 9, 2009
If you try to check whether is checked or not using the back button that this is my understanding of what it is happening:
It is possible by setting response.setHeader ("Expires", "0"); which is the value checked first by the browser against other attributes like "Cache-Control", when you press the back button of the browser, because it finds the page already expired instead of doing a new request to the server it retrieves FROM CASH the last known page that successfully hit the server. In order to have a new request to the server when use back button, you should not have an expiration date set, but only response.setHeader("Cache-Control","no-cache"); //HTTP 1.1 and/or response.setHeader("Pragma","no-cache"); //HTTP 1.0
if you use specific application navigation then you should play around with that attributes or do an IE upgrade:))
Is this item
helpful? yes no
Previous votes Yes: 0 No: 0
|
|
|
|
|
Re: Expiration header is ignored by Internet Explorer behind a Proxy server when using BACK / FORWARD buttons
Adrian Caneva, Apr 4, 2003 [replies:5]
(Updated with some tech facts)
Expire header is not mandatory (see History Lists )
But (Cache-control, no-cache) is (see What is cacheable) and no intermediate cache in the chain should store de response.
The problem with these statement is that is an HTTP/1.1 header.
Internet Explorer would evaluate this header only if it comes in an HTTP/1.1 response.
If a Proxy server HTTP/1.0 like Squid is between the web application and the browser, MSIE would receive this header into an HTTP/1.0 response block and will ignore it. No matter if the original web server is HTTP/1.1.
Additionaly Internet Explorer by default needs, in order to place HTTP/1.1 requests, advanced setting "Use HTTP 1.1 through proxy connections".
The simplistic workaround is based on MSKB 234067 where Microsoft states that for HTTP 1.0 servers (pragma, no cache) header would prevent MSIE from storing local copies of the response if it comes from a secure site.
Is this item
helpful? yes no
Previous votes Yes: 0 No: 0
|
|
|
|
|
|
Re[2]: Expiration header is ignored by Internet Explorer behind a Proxy server when using BACK / FORWARD buttons
Sayeed Anjum, Jul 23, 2003 [replies:3]
I don't recall where I picked this tip but this might help:
After spending hours attempting to disable caching, programmers can feel like magicians searching in vain for the right magic spell. Well, Harry Potter, Example 3-8 provides that magic spell, gathered from personal experience and the recommendations of the Net Wizards.
Example 3-8: The magic spell to disable caching
// Set to expire far in the past.
res.setHeader("Expires", "Sat, 6 May 1995 12:00:00 GMT");
// Set standard HTTP/1.1 no-cache headers.
res.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
// Set IE extended HTTP/1.1 no-cache headers (use addHeader).
res.addHeader("Cache-Control", "post-check=0, pre-check=0");
// Set standard HTTP/1.0 no-cache header.
res.setHeader("Pragma", "no-cache");
The Expires header indicates that the page expired long ago, thus making the page a poor cache candidate. The first Cache-Control header sets three directives that each disable caching. One tells caches not to store this content, another not to use the content to satisfy another request, and the last to always revalidate the content on a later request if it's expired (which, conveniently, it always is). One directive might be fine, but in magic spells and on the Web, it's always good to play things safe.
The second Cache-Control header sets two caching "extensions" supported by Microsoft Internet Explorer. Without getting into the details on nonstandard directives, suffice to say that setting pre-check and post-check to 0 indicates that the content should always be refetched. Because it's adding another value to the Cache-Control header, we use addHeader( ), introduced in Servlet API 2.2. For servlet containers supporting earlier versions, you can combine the two calls onto one line.
The last header, Pragma, is defined in HTTP/1.0 and supported by some caches that don't understand Cache-Control. Put these headers together, and you have a potent mix of directives to disable caching. Some programmers also add a getLastModified( ) method that returns a time in the past.
Is this item
helpful? yes no
Previous votes Yes: 3 No: 0
|
|
|
|
|
|
|
Re[3]: Expiration header is ignored by Internet Explorer behind a Proxy server when using BACK / FORWARD buttons
Abhishek Mishra, Feb 23, 2005
I have put all the code lines :
response.setHeader("Expires", "Sat, 6 May 1990 12:00:00 GMT");
// Set standard HTTP/1.1 no-cache headers.
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
// Set IE extended HTTP/1.1 no-cache headers (use addHeader).
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
// Set standard HTTP/1.0 no-cache header.
response.setHeader("Pragma", "no-cache");
But still my JSP page link is viewable in the history. could any one suggest the solutions.
Abhishek
Is this item
helpful? yes no
Previous votes Yes: 0 No: 0
|
|
|
|
|
|
|
Re[3]: Expiration header is ignored by Internet Explorer behind a Proxy server when using BACK / FORWARD buttons
John Pile, Jun 1, 2005 [replies:1]
I've got this working well in IE, however in Firefox I get the following message...
"The page you are trying to view contains POSTDATA that has expired from cache. If you resend the data, any action the form carried out (such as a search or online purchase) will be repeated. To resend the data, click OK. Otherwise, click Cancel."
This will not be an acceptable solution. Any ideas on how to prevent Firefox from allowing the data to be reposted?
Is this item
helpful? yes no
Previous votes Yes: 2 No: 0
|
|
|
|
|
Re: Prevent Caching in IE
Rachel Clark, Apr 18, 2003
Help.... I've tried the codes listed and the suggestions all made here, but the page is still caching..... :(
Does this code work on .asf files? That maybe the problem. If so, does anyone no away to prevent the caching of these types of files?
Any help is appreciated. :)
Thanks.
Is this item
helpful? yes no
Previous votes Yes: 0 No: 1
|
|
|
|
This answer is incomplete - no wonder there is so much confusion!
Phil Haigh, Jan 11, 2006 [replies:6]
The answer here is incomplete. First of all you have to remember that these directives are used by all downstream caches (proxy servers and the browser) and therefore what might work in one situation (say, a direct connection between web server and client) may not work if there is a caching proxy server in between if the cache control headers are not thought through carefully.
Taking the directives in turn:
response.setHeader("Pragma", "no-cache");
This is the only cache control directive for HTTP 1.0, so should feature in addition to any HTTP 1.1 cache control headers you include.
response.setHeader("Cache-Control", "no-cache"); // HTTP 1.1
This directive does NOT prevent caching despite its name. It allows caching of the page, but specifies that the cache must ask the originating web server if the page is up-to-date before serving the cached version. So the cached page can still be served up i- f the originating web server says so. Applies to all caches.
response.setDateHeader ("Expires", 0); // HTTP 1.1
This tells the browser that the page has expired and must be treated as stale. Should be good news as long as the caches obey.
So, what is missing? In my book you should also add:
response.setHeader("Cache-Control", "private"); // HTTP 1.1
This specifies that the page contains information intended for a single user only and must not be cached by a shared cache (e.g. a proxy server).
response.setHeader("Cache-Control", "no-store"); // HTTP 1.1
This specifies that a cache must NOT store any part of the response or the request that elicited it.
Adding these two headers should prevent the caching of pages anywhere between the web server and browser, as well as in the browser itself. The meaning of each directive is very specific and so a given combination of directives has a different effect in any one environment.
You can also consider adding:
response.setHeader("Cache-Control", "max-stale=0"); // HTTP 1.1
This tells the cache that the maximum acceptable staleness of a page is 0 seconds.
Things to avoid doing:
The use of <meta http-equiv="expires" content=<%= new java.util.Date() %>> basically says 'this page is valid until "now" (date generated at server)'. It is fraught with peril! If the client time is,say, a minute behind the server time, then the page will be cached in the client for a minute. Much safer to use <meta http-equiv="expires" content="0"> which must always be treated as stale content.
If you specify all of the following:
response.setDateHeader ("Expires", 0);
response.setHeader("Cache-Control","private");
response.setHeader("Cache-Control","max-age=0");
Then the third directive OVERRIDES both the first AND second!
Incidentally response.setHeader(<attr>, <value>) is 100% euqivalent to <meta http-equiv="<attr>" content="<value>"> and the order of the headers is not significant.
Check out the official (theoretical) line at http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html - sections 14.9 and 14.21
Phil.
Is this item
helpful? yes no
Previous votes Yes: 1 No: 0
|
|
|
|
|
Re: This answer is incomplete - no wonder there is so much confusion!
Shailesh Gupta, May 23, 2006 [replies:4]
Thanks a lot man. After incorporating suggestions made by you I added this code at top of my every JSP and now the appication is working fine.
<%
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setHeader("Cache-Control","no-cache"); //HTTP 1.1
response.setDateHeader("Expires", 0); //prevents caching at the proxy server
response.setHeader("Cache-Control", "private"); // HTTP 1.1
response.setHeader("Cache-Control", "no-store"); // HTTP 1.1
response.setHeader("Cache-Control", "max-stale=0"); // HTTP 1.1
%>
Though now its running a bit slow as for every request an interaction takes place between client and server. but that i guess is the leeway which 1 has to give.
Thanks & Regards,
Shailesh Gupta
Is this item
helpful? yes no
Previous votes Yes: 0 No: 0
|
|
|
|
|
|
hi..
Thiyagarajan Nagan, Dec 28, 2006
Consider in a jsp page, im returning the current time. But if i refresh, the older(first) time is getting refreshed by the second time. and so further. I dont want that dynamic time in getting changed. what to do?
Is this item
helpful? yes no
Previous votes Yes: 0 No: 0
|
|
|
|
|
|
Re[2]: This answer is incomplete - no wonder there is so much confusion!
Ahmed Moharram, May 7, 2007 [replies:2]
Thx all for your help here, but i think some code snippet is not necessary ,what i've tried at the start of the jsp:
<%
response.setDateHeader("Expires", 0); //prevents caching at the proxy server
response.setHeader("Cache-Control", "max-stale=0"); // HTTP 1.1
%>
and it's working alright with only these lines.
i've tried (response.setDateHeader("Expires", 0);) before alone and it was not working. but after adding the (response.setHeader("Cache-Control", "max-stale=0");)
it now works!
and really thx for your time :)
Is this item
helpful? yes no
Previous votes Yes: 0 No: 0
|
|
|
|
|
|
|
