Open Bug 1744611 Opened 3 years ago Updated 4 months ago

HTTP Response Header: `Clear-Site-Data: "cache"` should flush in-page assets (JS/CSS) from the cache

Categories

(Toolkit :: Data Sanitization, enhancement, P3)

Product:
Toolkit
Component:
Data Sanitization
Version:
Firefox 91
Type:
enhancement

Tracking

()

Status:
REOPENED

People

(Reporter: stephen.cunliffe, Unassigned)

References

(Blocks 1 open bug)

Details

Attachments

(1 file)

PHP simplest test case firefox-cache-clear-bug-1744611.zip
2.28 KB, application/x-zip-compressed
Details

User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Firefox/91.0

Steps to reproduce:

In trying to overcome an unrelated aggressive caching bug in a competitor browser I created a test page to send an HTTP Response Header: Clear-Site-Data: "cache" to flush the cache in the end user's browser (while maintaining cookies to keep a session alive)

This works fine in Chromium based browsers, but doesn't flush in-page assets (JS/CSS) from the cache in Firefox. (Works as expected in Chrome/Chromium Edge)

Actual results:

Requests to clear the site data cache were not honored, sub-content on the page (JS/CSS) continued to pull from the cache vs. fetch new resources.

Expected results:

HTTP cache for the specified domain should have been cleared (cookies, localStorage, etc. to remain untouched)

Composing a minimal test case to exhibit this bug, will upload shortly.

The Bugbug bot thinks this bug should belong to the 'Toolkit::Data Sanitization' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.

Component: Untriaged → Data Sanitization
Product: Firefox → Toolkit

Load the attached test case index.php file in the browser on localhost AND/OR an HTTPS server.

With the attached test case, you can reload the page several times via the link or "Reload Page" button. Note that the server time reported (in the yellow box) remains the same from when it was loaded vs. the "executed" time that update to whenever the page is loaded.

Now press the "Reload Page (and FORCE CACHE CLEAR)" button... the page will reload with an extra param that sets the Clear cache header... then does a 302 redirect to load the page clean (w/o the param)

The browser should reload the linked JavaScript file from the server (after wiping the cache) and thus the server time should update to "now".

Test in Chromium: Works
Test in Firefox: Fails

Bug 1671182 disabled cache clearing via the Clear-Site-Data header.

Status: UNCONFIRMED → RESOLVED
Closed: 3 years ago
Resolution: --- → WONTFIX
See Also: → 1671182
Blocks: 1838506

Restoring bug due to plan to restore Clear-Site-Data: cache header support.

Severity: -- → N/A
Status: RESOLVED → REOPENED
Type: defect → enhancement
Ever confirmed: true
Priority: -- → P3
Resolution: WONTFIX → ---
Summary: HTTP Response Header: `Clear-Site-Data: "cache"` doesn't flush in-page assets (JS/CSS) from the cache → HTTP Response Header: `Clear-Site-Data: "cache"` should flush in-page assets (JS/CSS) from the cache

This should take Bug 1730197 into consideration when implementing.

See Also: → 1730197
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: