As I continue trying to develop my robotics project, I have run into something that - though I am sure it is by design - borders on being a bug and a potential security risk - sticky cache.
Issue: It is virtually impossible, short of an Act of God, to absolutely and positively clear cache on either Firefox or Chrome.
Issue: While developing the browser-side scripting for my project, I frequently make changes to the underlying JavaScript, save, and relaunch both the server and the browser - only to find the problem still exists. When I examine the running script in "Developer Mode" - I discover that the script being run has absolutely no resemblance to the script on the server.
Sometimes, (in Chrome), I can right-click on refresh and select "drop cache and hard reset" to refresh things. Other times dropping cache or even restarting the browser is not sufficient. I end up having to rename the file to force a hard-cache-miss to invalidate the cache and reload the correct file.
Yes, I know, there are a thousand "duplicates" of this question all over Stack Exchange and the rest of the Internet, and I've tried it all - from passing --nocache to pointing the cache to /dev/null, (which doesn't work on a Windows system!), and everything I've tried either doesn't work or results in an unusable browser.
I can't prove this, nor have I seen it documented, but I'm beginning to believe that browsers implement some kind of "hidden" cache that is used when all else fails - like the Windows "Virtual Store" - if you don't clear it after an update, the system never sees the updated files.
This is causing me untold grief and angst and is severely limiting my ability to develop code sanely.
Note that Chrome seems to be, (at least to some degree), the most amenable to clearing cache whereas Firefox holds on to cached data like a miser with his last copper coin.
Short of a nuclear explosion, how do I tell these browsers to absolutely, positively, totally and completely, drop their cache of scripts and such like? There used to be a settings feature for this, but it's gone in later browsers.
Frustration reigns supreme and any help would be appreciated.
====================
Update:
Following one of the suggested answers, I discovered something interesting:
Caching appears to be controlled by the server, not the browser and to absolutely prevent caching, the server must send special headers to the browser to make sure caching doesn't take place.
Ref: How do we control web page caching, across all browsers?
Since the person who posted the question sounded like IT for a bank or accounting firm, it appeared to involve sensitive data from banking or such like, (and I am assuming access to money or important resources), and he accepted the answer, (which had gathered a consensus of support), that sounds good enough for me.
His suggested headers for Python/Flask:
response = make_response(render_template(...))
response.headers["Cache-Control"] = "no-cache, no-store, must-revalidate" # HTTP 1.1.
response.headers["Pragma"] = "no-cache" # HTTP 1.0.
response.headers["Expires"] = "0" # Proxies.
However, two questions remain:
Is the answer still valid as it is from 13 years ago?
Where do I put it? Along with the generic response to a POST request? Or in the specific response when a resource, (like the JavaScript), is requested?
With regard to question #2, this is the server response code in my project - which I inherited from the earlier version of this written by someone else. (I added the CORS stuff.)
# Allow CORS (Cros Origin Resource Sharing) by the robot
# in response to browser "pre-flight" ("OPTION") requests.
@app.route("/robot", methods = ["OPTIONS"])
def create_CORS_response():
resp = Response()
resp.headers.add("Access-Control-Allow-Origin", "*")
resp.headers.add('Access-Control-Allow-Headers', "*")
resp.headers.add('Access-Control-Allow-Methods', "*")
resp.mimetype = "application/json"
resp.status = "OK"
resp.status_code = 200
return(resp)
@app.route("/robot", methods = ["POST"])
def get_args():
# get the query
args = request.args
# print(args)
process_robot_commands(args)
# After doing all that work, send a response.
resp = Response()
# Allow CORS (Cross Origin Resource Sharing) during POST
resp.headers.add("Access-Control-Allow-Origin", "*")
# ==> place the header data here?
resp.mimetype = "application/json"
resp.status = "OK"
resp.status_code = 200
return(resp)
# ==> or somewhere in one or more of these responses?
# ==> If so, how do I create the response and add the document data to it?
@app.route("/")
def index():
return page("index.html")
@app.route("/<string:page_name>")
def page(page_name):
return render_template("{}".format(page_name))
@app.route("/static/<path:path>")
def send_static(path):
return send_from_directory(directory_path, path)
I feel like I'm making progress, but I would appreciate any help I can get.
Thanks!
