Force Cache-Control: no-cache in Chrome via XMLHttpRequest on F5 reload

javascript ajax google-chrome caching

44,031

Solution 1

An alternative would be to append a unique number to the url.

<script>
    var xhr = new XMLHttpRequest;
    xhr.open('GET', 'test.html?_=' + new Date().getTime());
    //xhr.setRequestHeader('Cache-Control', 'no-cache');
    xhr.send();
</script>

timestamp isn't quite unique, but it should be unique enough for your usecase.

Solution 2

Using a query string for cache control isn't your best option nowadays for multiple reasons, and (only) a few are mentioned in this answer. He even explains the new standard method of version control. Though if you just want to be able to set your request headers, the right way to do it is:

    // via Cache-Control header:
    xhr.setRequestHeader("Cache-Control", "no-cache, no-store, max-age=0");
    
    // fallbacks for IE and older browsers:
    xhr.setRequestHeader("Expires", "Tue, 01 Jan 1980 1:00:00 GMT");
    xhr.setRequestHeader("Pragma", "no-cache"); //Edit: I noticed this is required for Chrome some time ago... forgot to mention here

Hope this helps anyone in the future.

44,031

Author by

sod

Updated on October 06, 2021

Comments

sod over 2 years
I want to ensure that data I request via an AJAX call is fresh and not cached. Therefor I send the header Cache-Control: no-cache

But my Chrome Version 33 overrides this header with Cache-Control: max-age=0 if the user presses F5.

Example. Put a test.html on your webserver with the contents
```
<script>
    var xhr = new XMLHttpRequest;
    xhr.open('GET', 'test.html');
    xhr.setRequestHeader('Cache-Control', 'no-cache');
    xhr.send();
</script>
```
In the chrome debugger on the network tab I see the test.html AJAX call. Status code 200. Now press F5 to reload the page. There is the max-age: 0, and status code 304 Not Modified.

Firefox shows a similar behavior. Intead of just overwriting the request header it modifies it to Cache-Control: no-cache, max-age=0 on F5.

Can I suppress this?
wadim over 9 years

That it not true. Cache-Control is both a response header and a request header.
Franklin Yu about 7 years

@wadim So Chrome and Firefox do not respect RFC 2616 (now 7234)?
Kevin B about 7 years

just a note, this answer is a community wiki, so if you feel it doesn't adequately answer the question feel free to update it. I don't have time atm to revisit it.
chanp almost 7 years

In some situation it is preferable to have the same url for the request to the same API end point. I think this answer still not cover that case???
Kevin B almost 7 years

@chanp correct, it doesn't cover that case. that case would only be solvable with headers, but chrome v33 overrides some of them... so... yea, goodluck :)
chanp almost 7 years

@KevinB I happen not to read the whole introduction. Pardon me.
M. Gara about 6 years

Please don't use this method as it defeats the purpose of the Proxying and CDN caching. A better configuration of your server and your client will be your best choice.
thdoan almost 6 years

Notes: expires is not required if max-age is set (source); post-check=0 and pre-check=0 are not required (source); must-revalidate cannot be used client-side (source).
hewiefreeman almost 6 years

They might not be required, but there are older browsers that will ignore some of the other headers in which case they will kick in to do the job (I've done testing on this myself with crossbrowsertesting.com). Though I can't vouch for must-revalidate as I didn't know much about it and just threw it in for overkill.
Bruno de Oliveira over 3 years

This doesn't cover the whole situation because if you access the url without the unique number that page will remain outdated (cached).