Java HTTP响应中的Spring启动缓存控制头未出现在Internet Explorer中
当使用Internet Explorer时,我在刷新页面时遇到问题,导致一些图标消失,一些字体无法正确加载。经过一些研究,我发现这很可能与Java HTTP响应中的Spring启动缓存控制头未出现在Internet Explorer中,java,spring,spring-boot,spring-mvc,spring-security,Java,Spring,Spring Boot,Spring Mvc,Spring Security,当使用Internet Explorer时,我在刷新页面时遇到问题,导致一些图标消失,一些字体无法正确加载。经过一些研究,我发现这很可能与Cache-Control头的no-store指令有关,我不久前添加了该指令,将其包含在默认HTTP响应中。为了解决此问题,我正在尝试重新配置默认响应,使静态资源具有以下缓存控制标头: Cache-Control: no-cache, max-age=0, must-revalidate Cache-Control: no-cache, no-store,
Cache-Control
头的no-store
指令有关,我不久前添加了该指令,将其包含在默认HTTP响应中。为了解决此问题,我正在尝试重新配置默认响应,使静态资源具有以下缓存控制标头:
Cache-Control: no-cache, max-age=0, must-revalidate
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
@Configuration
public class MvcAngularRouteConfig implements WebMvcConfigurer {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/**/*.js", "/**/*.css", "/**/*.ttf", "/**/*.woff", "/**/*.woff2", "/**/*.eot",
"/**/*.svg", "/**/*.png")
.addResourceLocations("classpath:/public/", "classpath:/public/assets", "classpath:/assets/")
.setCacheControl(CacheControl.noCache().mustRevalidate()).setCachePeriod(0)
.resourceChain(true)
.addResolver(new PathResourceResolver());
registry.addResourceHandler("/**/*")
.addResourceLocations("classpath:/public/")
.resourceChain(true)
.addResolver(new PathResourceResolver() {
@Override
protected Resource getResource(String resourcePath,
Resource location) throws IOException {
Resource requestedResource = location.createRelative(resourcePath);
return requestedResource.exists() && requestedResource.isReadable() ? requestedResource
: new ClassPathResource("/public/index.html");
}
});
}
}
而不是非静态资源的默认值:
Cache-Control: no-cache, max-age=0, must-revalidate
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
@Configuration
public class MvcAngularRouteConfig implements WebMvcConfigurer {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/**/*.js", "/**/*.css", "/**/*.ttf", "/**/*.woff", "/**/*.woff2", "/**/*.eot",
"/**/*.svg", "/**/*.png")
.addResourceLocations("classpath:/public/", "classpath:/public/assets", "classpath:/assets/")
.setCacheControl(CacheControl.noCache().mustRevalidate()).setCachePeriod(0)
.resourceChain(true)
.addResolver(new PathResourceResolver());
registry.addResourceHandler("/**/*")
.addResourceLocations("classpath:/public/")
.resourceChain(true)
.addResolver(new PathResourceResolver() {
@Override
protected Resource getResource(String resourcePath,
Resource location) throws IOException {
Resource requestedResource = location.createRelative(resourcePath);
return requestedResource.exists() && requestedResource.isReadable() ? requestedResource
: new ClassPathResource("/public/index.html");
}
});
}
}
我有一个spring引导应用程序,它的缓存控制头配置与静态资源类似:
Cache-Control: no-cache, max-age=0, must-revalidate
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
@Configuration
public class MvcAngularRouteConfig implements WebMvcConfigurer {
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
registry.addResourceHandler("/**/*.js", "/**/*.css", "/**/*.ttf", "/**/*.woff", "/**/*.woff2", "/**/*.eot",
"/**/*.svg", "/**/*.png")
.addResourceLocations("classpath:/public/", "classpath:/public/assets", "classpath:/assets/")
.setCacheControl(CacheControl.noCache().mustRevalidate()).setCachePeriod(0)
.resourceChain(true)
.addResolver(new PathResourceResolver());
registry.addResourceHandler("/**/*")
.addResourceLocations("classpath:/public/")
.resourceChain(true)
.addResolver(new PathResourceResolver() {
@Override
protected Resource getResource(String resourcePath,
Resource location) throws IOException {
Resource requestedResource = location.createRelative(resourcePath);
return requestedResource.exists() && requestedResource.isReadable() ? requestedResource
: new ClassPathResource("/public/index.html");
}
});
}
}
当我使用Google Chrome收到响应时,我会在响应中获得以下安全标题:
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
使用Internet Explorer 11和Mozilla Firefox,我可以获得以下信息:
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
我想了解的是:
缓存控制
标题,而在Google Chrome中没有标题Cache Control
头中缺少max age=0
指令缓存控制
头配置为缓存控制:无缓存,最大年龄=0,必须重新验证所有静态资源的
缓存控制:无缓存,无存储,最大年龄=0,必须在所有请求的响应中重新验证