This leaves caching entirely up to the browser, and in some cases it will serve stale content quite a long time. Eg:
$resp = iwr https://www.powershellgallery.com/packages/PowerShellGet
C:\WINDOWS\system32>$resp.Headers
Key Value
--- -----
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options deny
X-XSS-Protection 1; mode=block
X-Content-Type-Options nosniff
Strict-Transport-Security max-age=31536000
Content-Length 51565
Cache-Control private
Content-Type text/html; charset=utf-8
Date Mon, 29 Oct 2018 16:48:47 GMT
Server Microsoft-IIS/10.0
Cache-Control:private prevents a proxy from storing the page, but we don't set max-age or etags so browser has to guess. When a new version of a package is published, users may be confused that this version-independent URL doesn't update (because their local browser is caching it).
This leaves caching entirely up to the browser, and in some cases it will serve stale content quite a long time. Eg:
Cache-Control:private prevents a proxy from storing the page, but we don't set max-age or etags so browser has to guess. When a new version of a package is published, users may be confused that this version-independent URL doesn't update (because their local browser is caching it).