google-chrome - 为什么 Chrome 还在缓存这个请求？

Question

我有一个设置了所有缓存控制功能的页面，但 Google Chrome 一直从缓存中提取它。我们清空了所有导航历史记录，但在重新加载一次后，Chrome 再次缓存它:

Request URL:http://stuf.com/path/to/foo
Request Method:GET
Status Code:200 OK (from cache)
Response Headers
Accept-Ranges:bytes
Age:0
Cache-Control:no-cache, no-store, max-age=0, must-revalidate
Content-Encoding:gzip
Content-Language:fr
Content-Length:7289
Content-Type:text/html; charset=utf-8
Date:Fri, 17 Jul 2015 23:19:54 GMT
Expires:Fri, 01 Jan 2010 00:00:00 GMT
Server:nginx
Vary:Accept-Language, Cookie, Accept-Encoding
Via:1.1 varnish
X-Varnish:1867509088
X-Varnish-Cache:MISS
Request Headers
Provisional headers are shown
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36

我们确实有清漆设置，但正如您从 X-Varnish-Cache 中看到的那样，这是一个失误。另外，状态代码部分确实说明 Chrome 正在使用缓存。

Answer 1

在您的响应 header 中，Chrome 声明年龄为 0，即响应已被缓存一秒或更短时间。
如果您等待超过一秒钟或包含 ，它应该可以工作。缓存验证器 :an ETag or a Last-Modified header它允许浏览器触发重新验证(条件请求)而不是普通的 GET 请求。
问题很可能是must-revalidate (您不需要 max-age=0 ):

When the must-revalidate directive is present in a response received by a cache, that cache MUST NOT use the entry after it becomes stale to respond to a subsequent request without first revalidating it with the origin server

没有和 ETag或 Last-Modified头重新验证是不可能的。
此外，您可以跳过 Expires标题:

If a response includes both an Expires header and a max-age directive, the max-age directive overrides the Expires header, even if the Expires header is more restrictive. This rule allows an origin server to provide, for a given response, a longer expiration time to an HTTP/1.1 (or later) cache than to an HTTP/1.0 cache.

来自 RFC .