Bug in My Little Forum (Bugs)

by Auge ⌂ @, Wednesday, April 19, 2017, 20:26 (1647 days ago) @ danielb987


The header Cache-Control: private, no-cache="set-cookie" allows cache, except of the set-cookie header. I'm not entirely sure, but I think that the use of no-cache="set-cookie" forces IE to do a request to the web server in order to get the new set-cookie header, and when doing that it also sees if the page has been changed.

The header Cache Control: No-cache tells the web browser to not use the cache at all. It means that it always have to load the entire page from the server.

No, that's not correct. The header tells the browser that he CAN use the cache. But he should request the server for changes. At that point it's the same behaviour like must-revalidate.

The header Cache-Control: private, must-revalidate is for special cases. You can read the HTTP 1.1 standard about must-revalidate for more information.

There is no "special case" at all. The header "must-revalidate" means, that the browser MUST request the source server for changes every time, he requests the page.

In the case of MLF the main page might be changed often. The mandatory additional request might be answered with status 304 (no change, load the page from the cache), but more often with status 200, what leads to loading the page from the server. That's what we want.

The pages of the entries itself are changing more or less seldom. The threaded and the linear view of a thread may change often in a very active forum, the pages of entries in the single-entry-view will only change when an entry was edited or if the thread got new entries (the thread tree below the entry changes in that case). When nothing changed, we want the users browser to load the page from the cache.

In my forum, with 2000 users, everything works fine since I changed to the code:
header('Cache-Control: private, no-cache="set-cookie"');

My users uses different web browsers, like IE, Firefox, Chrome, Android and iPhone/iPad. If something doesn't work, they tell me. And I haven't heard anything that would indicate that the forum would have problems with cache.

Because of the different behaviour of the browsers on one hand and my inability to test them all on the other hand I have to believe what you say. Additionally I don't believe, that the team of phpBB, which has much more resources, would use a header a long time, when it's misbehaving is noticed. But my gut instinct tells me to enforce the revalidation of a page at request. The correct way to do it is the directive "must-revalidate" as – away from the browsers behaviour – the standard points out.

If the phpBB-solution solves this issue in practice too, there would be no need to ignore this probably well proven solution. To check, wich solution would fit at best, I was calling for tests. Because I can't execute them alone (I've no access to all relevant browsers) and obviously no one else is willing to support my request, I will put the phpBB-solution into the code without further checks.

Tschö, Auge

Trenne niemals Müll, denn er hat nur eine Silbe!

Complete thread:

 RSS Feed of thread

powered by my little forum