0

Working HTTP Cache Control Headers For Smartphones,Tablet and web browser. When I was working on a mobile version of my website I encountered a problem. My goal is to tell the browser to never cache my webpages. I'd like every browser to do this - Chrome, Firefox, Internet Explorer, Safari, iPhone's browser, Android phone's browser, etc.

I used the following HTTP cache control code jsp, I include below jsp file in othere jsps using <%@include file="myjsp.jsp"%>. It is working fine for web browsers but not for mobile browsers.

<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"
contentType="text/html;charset=UTF-8" isELIgnored = "false" %>
<%@ taglib uri='http://java.sun.com/jsp/jstl/core' prefix='c'%>
<%@taglib prefix="c2" uri="http://java.sun.com/jstl/core_rt"%>
<%@taglib uri="http://java.sun.com/jstl/fmt" prefix="fmt"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
<%@taglib uri="http://www.springframework.org/tags/form" prefix="form"%>
<%@taglib uri="http://www.springframework.org/tags" prefix="spring"%>

 <%
response.setHeader("Cache-Control",
        "no-cache, no-store, must-revalidate"); // HTTP 1.1.
response.setHeader("Cache-Control",
        "post-check=0, pre-check=0', false");

response.setHeader("Pragma", "no-cache"); // HTTP 1.0.
response.setDateHeader("Expires", 0); // Proxies.

 %>

What's wrong with these headers?

Do you have the same problem where your HTTP cache control headers work on some browsers and not the others?

And is there any specific diffirence between mobile and desktop browser.

Luiggi Mendoza
  • 85,076
  • 16
  • 154
  • 332
Harshil
  • 243
  • 2
  • 7
  • 19
  • It will be **way better** if you move the scriptlet code into a servlet filter, then try again. I don't post this as answer since I'm not 100% sure if will solve your problem (but IMO it should). – Luiggi Mendoza Sep 19 '13 at 04:54
  • I moved scriptlet code to Servlet Filter but still facing same issue. – Harshil Sep 23 '13 at 11:59

3 Answers3

0

try by setting these headers as html meta tags.

<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Expires" content="0" />
Ahsan Shah
  • 3,931
  • 1
  • 34
  • 48
0

First of all keeping scriptlets in JSP is never-ever recommended. Remove all the scriptlets from your JSP and try to use JSTL or struts tags whatever you could(Give preference to JSTL tags over any other framework like struts tags).

Second thing keep tags on top of your JSPs to set no caching using the below meta tags:

<meta http-equiv="cache-control" content="max-age=0" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="expires" content="0" />
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" />
<meta http-equiv="pragma" content="no-cache" />

For more info have a look here and here also

If still it don't solves your problem let me know.

Community
  • 1
  • 1
Shailesh Saxena
  • 3,472
  • 2
  • 18
  • 28
  • Hi Shailesh this solution didn't work I also try with Servlet Filter it works with web browser but not in mobile browser – Harshil Sep 23 '13 at 11:57
0

Create a session attribute let's say "valid" and initialize it with any value other then null in the jsp, just after the login credentials were matched. Now create a verify.jsp with the following code:

<%
response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate"); // HTTP 1.1.
response.setHeader("Pragma", "no-cache"); // HTTP 1.0.
if(session.getAttribute("valid")==null)
{
    out.println("<script>parent.location.href='login.jsp'</script>");
}
%>

Now simply include this jsp file on each jsp page and its done. Do not forget to write "session.invalidate();" in logout.jsp

Hope it will work..!!!

Radhika Sharma
  • 1
  • 1