Browser Cache Resources

best-practices

#1

Hi all,

I’ve been wanting to learn more about browser caches and sessions. Because there are many types of browsers out there, I haven’t found many resources that discuss these topics generally.

I’ve heard that sessions that are structured by max-age can last anywhere between a few minutes to 24 hours. Does the user have control over how long sessions last?

Here’s one resource I’ve looked at:

Also, for projects like Tor (which claim to be more secure), is the way they store data different from popular browsers like Chrome and Firefox?

Are there any guides you recommend to learn more about this?


#2

@sunahsuh Can you think of any resources re: Firefox?


#3

I’m no expert, but I know a bit about sessions. Usually this is managed with cookies using the max age property. This is set by the application and could be deleted by the user but not modified. afaik. This is directly related to what we see as a session, logged in to a website. It can be any length of time. I’ve seen as much as two weeks used. This requires the user to only log in again every two weeks unless they explicitly log out.

The session limit is usually used by the server to know how long they should keep a given network connection open with the client. As most client applications will not be continually communicating back and forth.

Someone correct me if I’m wrong.


#4

Mozilla Developer Network has an overview article that you might find useful:


There are some resources linked at the bottom of that article for further reading. The MDN article for Cache-Control is also pretty good, especially the browser compatibility matrix:

In the past I’ve found the HTTP RFCs to be actually fairly readable, if you want to dig in to the actual spec (which I recommend!) https://tools.ietf.org/html/rfc7234