Closed
Bug 1385980
Opened 7 years ago
Closed 4 years ago
Access-Control-Max-Age value to disable caching
Categories
(Developer Documentation Graveyard :: Protocols, defect, P5)
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: paul.spangler, Unassigned)
References
()
Details
:: Developer Documentation Request Request Type: Correction Gecko Version: unspecified Technical Contact: :: Details The current doc for the Access-Control-Max-Age header states that "A value of -1 will disable caching, requiring a preflight OPTIONS check for all calls." However, the header's value is documented to be of type delta-seconds, which is an unsigned integer (1*DIGIT, see [1]). Additionally, the fetch spec doesn't mention -1 anywhere, but does refer to treating the value as 0 on error [2]. Looking through the Chrome code since that's what I had at hand, it treats -1 as a parse failure and falls back to its own default value (5 seconds) rather than disabling caching. On the other hand, setting Access-Control-Max-Age to 0 appears to actually disable caching. I think the documentation should say that "A value of 0 will disable caching" instead. [1] https://tools.ietf.org/html/rfc7234#section-1.2.1 [2] https://fetch.spec.whatwg.org/#cors-preflight-fetch
Comment 1•4 years ago
|
||
FWIW there is a WPT test to ensure that max-age=-1
disables caching. It is true that according to the spec the -1
value isn't allowed but still that is something that servers can send browsers, so it's good to agree among browsers how it should be handled.
Comment 2•4 years ago
|
||
MDN Web Docs' bug reporting has now moved to GitHub. From now on, please file content bugs at https://github.com/mdn/sprints/issues/ and platform bugs at https://github.com/mdn/kuma/issues/.
Status: UNCONFIRMED → RESOLVED
Closed: 4 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•