SSL + IE + HttpServices = Cache Prevention Annoyances

Turns out that ActiveX plugins (re: flash) have a 4 year old bug that prevents the proper parsing of the "Pragma" and "Expires" flag, if the response is coming through SSL. I learned this the hard way, the other day, and spent a great bit of time trying to figure out a way around the issue, as disabling cache prevention on the server-side was not an option. I stumbled upon a blog post by Gary Matthew Rogers who summed up the solution as following ...

• remove "Pragma" headers
• remove "Expires" headers
• set "Cache-Control" as: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0"

The original blog post is dead, but you should be able to access a google cache version here