I keep on seeing this get thrown around, that POST is not cacheable:
> unless the response includes appropriate Cache-Control
Forgive me if I'm dense, but doesn't this "unless" clause mean exactly that if you include a Cache-Control header, the POST will be cacheable unless the Cache-Control header says otherwise? The discussion is then really about whether max-age 0 means "for 1 second" or "never". I don't see why it would be necessary for it to mean "never" when there are two other ways you can get that behavior: by specifying "no-cache" or by simply omitting the header.
The entire discussion is about a developer who uses the following header:
What's broken is this: when you make a POST request to a server that omits the Cache-Control header, iOS 6 caches that response by default. That behavior violates the HTTP spec.
> The discussion is then really about whether max-age 0 means "for 1 second" or "never".
max-age 0 means "cacheable resource fresh for 0 seconds". It means neither "don't cache" nor "cache for n seconds". The resource is cacheable and always stale, and must be revalidated before returning it to a client.
> I don't see why it would be necessary for it to mean "never"
It doesn't, but returning the resource without checking its validity against the source is forbidden by the spec. So Safari is buggy on that, and buggy when there's no Cache-Control as well.
> unless the response includes appropriate Cache-Control
Forgive me if I'm dense, but doesn't this "unless" clause mean exactly that if you include a Cache-Control header, the POST will be cacheable unless the Cache-Control header says otherwise? The discussion is then really about whether max-age 0 means "for 1 second" or "never". I don't see why it would be necessary for it to mean "never" when there are two other ways you can get that behavior: by specifying "no-cache" or by simply omitting the header.
The entire discussion is about a developer who uses the following header: