在 CDN 中缓存但不在浏览器中缓存
我目前使用 Akamai 作为 CDN,但我注意到浏览器也在缓存内容。浏览器缓存 images/css/js 真是太好了,但我想知道是否有办法不缓存在浏览器上,而是缓存在 Akamai 中。
现在,我从我的来源发送如下标头:
Cache-Control: public, must-revalidate, max-age=300
Expires: Sun, 19 Feb 2012 19:04:30 GMT
Date: Sun, 19 Feb 2012 18:59:30 GMT
Akamai 尊重这些标头,但也将它们直接传递回用户。这使得浏览器实际上也缓存了内容。
这在大多数情况下都非常有效,但我们还有一些 CDN 逻辑,如果用户有登录的 cookie,则绕过 CDN 缓存并直接访问原点。
因此,如果假设未经身份验证的用户单击“登录”,那么他们将通过登录过程发送并返回同一页面。尽管 CDN 会从源请求此页面,但浏览器实际上会再次请求同一页面,并且看起来好像登录不起作用。
现在,我可以强制登录过程添加像 ?l=1 之类的查询参数,但必须有更好的方法。
我很想看看 Akamai 是否可以将 Cache-Control 标头覆盖为硬编码的无缓存值,但我想知道是否有办法在原始版本中执行此操作?
谢谢!
I currently use Akamai as a CDN, but I noticed that the browser is also caching content. It's great that the browser caches images/css/js, but I would like to know if there is a way to not cache on the browser, but to cache in Akamai.
Now, right now from my origin I send headers like this:
Cache-Control: public, must-revalidate, max-age=300
Expires: Sun, 19 Feb 2012 19:04:30 GMT
Date: Sun, 19 Feb 2012 18:59:30 GMT
Akamai honors these headers, but also passes them right back to the user. This makes it so the browser actually caches the content also.
This works great most of the time, but we also have some CDN logic that if a user has a logged in cookie, to bypass the CDN cache and go right to origin.
So, if let's say an un-authed user is on a clicks "login", they are then sent through the login process and brought back to the same page. Even though the CDN would request from origin for this page, the browser actually requests the same page again and it looks as if the login hasn't worked.
Now, I can force that a login process adds a query param like ?l=1 or something, but there has to be a better way.
I'm tempted to see if Akamai can overwrite the the Cache-Control header to a hard coded no-cache value, but I'm wondering if there is a way to do this in origin?
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
Akamai 有一个名为“Edge-control”的标头,其格式与 Cache-Control 相同。您可以指定 Edge-control 为正 max-age,然后将 Cache-Control 设置为“no-cache,no-store”。这应该得到你想要的。
当发送我想要缓存的页面的 Edge-control 标头时,我总是在该值前面加上“!no-store”以确保 Akamai 缓存它。例如,格式为“!no-store,max-age=1234”。
Akamai has a header called "Edge-control" of the same format as Cache-Control. You can specify the Edge-control with a positive max-age and then set Cache-Control to "no-cache, no-store". This should get what you want.
When sending the Edge-control header for a page I want cached, I always precede the value with "!no-store" to make sure Akamai caches it. So the format would be "!no-store,max-age=1234" for instance.
Akamai 确实提供了一种在 Akamai 服务器内设置不同缓存行为的方法,而不是通常的 Cache-Control: 和 Expires: 标头。您可以从源服务器传递自定义标头,Akamai 边缘服务器在将内容传递到浏览器时会理解、遵守并剥离这些标头。此信息可在 Akamai 门户文档中找到。
在您的情况下,您希望行为根据用户是否登录而改变。您可以要求在将对象传送到登录用户的浏览器时将对象绕过缓存,或者您可以使用 cookie 值来修改缓存键(Akamai 服务器如何引用该对象),但您可能需要在此联系 Akamai 寻求帮助。
您需要非常小心,以确保 Akamai 缓存的其他用户无法查看个性化内容。如果有疑问,请谨慎行事,不要允许 Akamai 缓存该对象。
Akamai does provide a means to set different caching behaviour within the Akamai servers vs the usual Cache-Control: and Expires: headers. There are custom headers you can pass from your origin servers that the Akamai edge servers understand, obey and strip when they pass the content on to the browser. This information is available within the Akamai portal documentation.
In your case you want the behaviour to change depending on whether a user is logged in or not. You can ask that that the object bypasses the cache when the object is being delivered to the browser for logged in users or you could use cookie values to modify the cache key (how the object is referenced by the Akamai server), but you may need to speak with Akamai for help here.
You will need to be very careful here to ensure that something personalised cannot be viewed by other users of the Akamai cache. If in doubt, err on the side of caution and don't allow Akamai to cache the object.