Already cached responses should not initiate another inactive-retry-active flow

privacycg / storage-access-headers

Proposal for HTTP headers related to the Storage Access API

https://cfredric.github.io/storage-access-headers/

Creative Commons Attribution 4.0 International

26 stars 2 forks source link

Already cached responses should not initiate another inactive-retry-active flow #9

Closed dominikschreiber closed 4 months ago

dominikschreiber commented 7 months ago

Especially embedded non-<iframe> resources could be sent with "cache forever" headers (e.g. Cache-Control: max-age=9999999). For those cached responses, the server decided that the browser would never have to authenticate again (because the result is already in the browser cache).

Therefore it only makes sense that already cached responses should not initiate another inactive-retry-active flow.

If that consideration is not already part of the proposal/PoC, it should be taken into account.

cfredric commented 4 months ago

Therefore it only makes sense that already cached responses should not initiate another inactive-retry-active flow.

IIUC, this is part of how the cache works; if the response is already cached, it will be served from the browser's HTTP cache, without hitting the network again. Since the browser won't go to network for that request, it won't initiate another inactive-retry-active flow for any cached resources.

Closing since I don't think this proposal needs to do anything special here, the cache will continue to work as usual.