Skip to main content


Showing posts from 2016

How Security may Impact a Web App Performance: A trek into HTTP Caching

In this post I will go over some interesting HTTP topics: HTTP Caching Headers, SSL, Fiddler, and how each of them can have impact over your web application performance (yes, just running Fiddler on your machine can effect your application's caching behavior!).  The main purposes of this post are both, helping out other developers who encountered issues covered in the post, and to stimulate awareness about security and HTTP caching relationship. For .NET Stack developers, don't be disappointed when I will mention Spring MVC, it is just my current REST provider (long live IIS!), the essence of the post should be interesting regardless. NOTE: When mentioning 'browser' I am referring by default to Chrome version 51.0.2704.84. Basic HTTP Caching Headers Rules I won't fully cover basic HTTP Caching protocol subjects like Etag/Last-Modified, no-store, no-cache etc. But before staring let's have a very quick reminder about basics HTTP Caching concepts: no-cache - must revali…