Anytime PHP uses a session, it applies the setting in session_cache_limiter
in the PHP configuration. This setting sends HTTP headers which directly affect the browser's caching.
Caching is disabled by default when sessions are used. The preferred approach would be to set it globally to public
, and have pages that need real-time data disable it using session_cache_limiter
.
The length that the browser is told to cache its contents is set by the session.cache_expire
setting in the PHP config. The default value is 180 minutes (3 hours). Use session_cache_expire
to override the value.
Here are the headers each setting sends:
nocache (default)
Disables caching in the browser completely.
Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache
public (preferred)
Lets the browser cache the contents of the webpage.
Expires: (sometime in the future, according session.cache_expire) Cache-Control: public, max-age=(sometime in the future, according to session.cache_expire) Last-Modified: (the timestamp of when the session was last saved)
private
Prefers that a proxy handle caching.
Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: private, max-age=(session.cache_expire in the future), pre-check=(session.cache_expire in the future) Last-Modified: (the timestamp of when the session was last saved)