禁用servlet中的浏览器缓存

Question

I know this question has been asked and answered several times before but the solution doesn't seem to work in my WebApp.

This servlet handles a JSP page on which users can (fictively) buy credits. In the get-method, the servlet requests the current credits of the user from the database to show them on the JSP page. Then the user can choose the amount of credits he wants to buy.

The post method checks which value the user has chosen and updates the value in the database for that user.

After buying new credits, it looks for the user like his credits are not updated because the browser (Google Chrome) caches an old version of the page. Only after a while the user can see his updated credits.

This is my servlet:

<!-- language: lang-java -->

    package Controller.Servlets;

    import Controller.ListenerHelper;
    import Model.Listener;
    import java.io.IOException;
    import javax.servlet.ServletException;
    import javax.servlet.http.HttpServlet;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import javax.servlet.http.HttpSession;

    /**
     *
     * @author Jens
    */
    public class CreditServlet extends HttpServlet {

    private Listener listener;
    private int credits;

    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        HttpSession session = request.getSession();

        ListenerHelper listenerHelper = new ListenerHelper();

        listener = (Listener) session.getAttribute("Listener");

        credits = listener.getCredits();

        request.setAttribute("credits", credits);

        request.getRequestDispatcher("/listener/credits.jsp").forward(request, response);
    }

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

        HttpSession session = request.getSession();

        listener = (Listener) session.getAttribute("Listener");

        String choice = request.getParameter("plan");

        ListenerHelper listenerHelper = new ListenerHelper();

        int creditsToAdd=0;

        switch (choice){
            case "plan_10":
                creditsToAdd=100;
                break;
            case "plan_15":
                creditsToAdd=150;
                break;
            case "plan_25":
                creditsToAdd=250;
                break;
            case "plan_50":
                creditsToAdd=500;
                break;
        }

        try{
            listenerHelper.updateCredits(listener.getUserID(), creditsToAdd, "add");
        } catch(Exception e){
            request.setAttribute("error", e.getMessage());
        }

        httpResponse.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
        httpResponse.setHeader("Pragma", "no-cache"); // HTTP 1.0
        httpResponse.setDateHeader("Expires", 0); // Proxies.

        response.sendRedirect("store.jsp?success=login");

    }
}

At the top of the JSP page I added these lines:

<%
response.setHeader("Cache-Control","no-store"); //HTTP 1.1
response.setHeader("Pragma","no-cache"); //HTTP 1.0
response.setDateHeader ("Expires", 0); //prevents caching at the proxy server
%>

UPDATE Since I can't answer my own question, I'll just update my question. I found out after some more debugging it's not the browser caching the old result but the database only updating the result after restarting the web app. I'm sorry to have wasted your time with this. I'm still new to programming. I'll try to find out why the database acts like this and post my answer. Thanks for your help.

Answer 1

Notice that in the servlet, before redirecting, you are setting this:

response.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");

Then in the JSP after redirection just:

response.setHeader("Cache-Control","no-store"); //HTTP 1.1

Why did you back off of using the more powerful header? What happened to "no-cache, no-store, must-revalidate"?

What you set prior to redirection just disappears. Its as if you didn't even do it. Only what you are setting after the redirection is being sent to the client. So you need to put the more insistent header in the JSP like you did in the servlet.

Answer 2

Try with different URL always to make it a new call every time from browser.

This trick will force the browser to fetch the new copy of the JSP because the URL has been changed.

response.sendRedirect("store.jsp?success=login&random_uuid");

You can generate unique id using UUID

UUID.randomUUID().toString()