Why does Cloud Foundry's UAA /token_keys endpoint include a "cache-control: no-store" response header?

Time: 2018-12-19 15:30:52

Tags: http-headers jwt cloudfoundry cache-control cloudfoundry-uaa

I was reading about the cache-control request/response headers here

The definition of Cache-Control: No-Store:

The no-store directive means browsers aren’t allowed to cache a response and must pull it from the server each time it’s requested. This setting is usually used for sensitive data, such as personal banking details.

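Cloud Foundry UAA stores the public keys it uses for JWT signature verification at https://uaa.my-domain.com/token_keys, and its cache-control response header contains no-store

This makes no sense to me - they are public keys that require no authorization to fetch. Also, according to the link quoted above, there is an ETag response header, which indicates that the browser or client will be caching the response.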
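An added example, not part of the original question and not Cloud Foundry code: a small Python check of how the two headers mentioned above interact for a standards-following HTTP cache, where `no-store` forbids keeping a copy and an `ETag` is only a validator for a copy that was allowed to be kept. The function names and all header values are constructed for illustration.

```python
def parse_cache_control(value):
    """Parse a Cache-Control header into {directive: argument-or-None}."""
    directives = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives


def caching_decision(headers):
    """Return (may_store, can_revalidate) for a response's headers."""
    h = {k.lower(): v for k, v in headers.items()}
    cc = parse_cache_control(h.get("cache-control", ""))
    may_store = "no-store" not in cc
    # A validator only helps if a stored copy exists to revalidate.
    can_revalidate = may_store and ("etag" in h or "last-modified" in h)
    return may_store, can_revalidate


def next_request_headers(previous_response_headers):
    """Headers a cache would add when re-requesting the same URL."""
    h = {k.lower(): v for k, v in previous_response_headers.items()}
    _, can_revalidate = caching_decision(previous_response_headers)
    if can_revalidate and "etag" in h:
        return {"If-None-Match": h["etag"]}
    return {}  # nothing stored, so a full unconditional GET is sent


# Constructed sample responses (not captured from a real UAA instance).
TOKEN_KEYS_LIKE = {"Cache-Control": "no-store", "ETag": '"constructed-etag-1"'}
REVALIDATE_EACH_TIME = {"Cache-Control": "no-cache", "ETag": '"constructed-etag-2"'}
FRESH_FOR_AN_HOUR = {"Cache-Control": "public, max-age=3600"}

if __name__ == "__main__":
    for name, sample in [("no-store + ETag", TOKEN_KEYS_LIKE),
                         ("no-cache + ETag", REVALIDATE_EACH_TIME),
                         ("max-age only", FRESH_FOR_AN_HOUR)]:
        print(name, caching_decision(sample), next_request_headers(sample))
```

This models HTTP caches only; whether an application keeps parsed verification keys in its own memory is a separate design decision that these headers do not describe.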

0 answers:

No answers