Welcome to WebmasterWorld Guest from 54.196.217.43

Forum Moderators: phranque

Message Too Old, No Replies

Can cache-control and basic authentication coexist?

     
9:20 pm on Jan 6, 2011 (gmt 0)

Senior Member from CA 

WebmasterWorld Senior Member encyclo is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 31, 2003
posts:9063
votes: 2


I'm looking to speed us the viewing of some large graphics on a small site which uses basic authentication (Apache) controlling access for a small number of users. As the files are static, I can easily use a simple rule like
ExpiresByType image/jpeg "access plus 1 year"
- but does anyone have experience regarding cache-control headers and preserving the authentication?

I want the files to be stored in the user cache but don't want intermediate public caches to serve the content without authentication.
2:24 am on Jan 27, 2011 (gmt 0)

Senior Member from KZ 

WebmasterWorld Senior Member lammert is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 10, 2005
posts: 2886
votes: 1


Using the cache control type "private" should do the trick, as this one is explicitly designed for signaling intermediate public caches to not store the content.

RFC about cache headers [w3.org] section 14.9.1