Server: Why are preview images not cached locally (by the browser)?
Preview images do not seem to be cached in the local browser cache. I would like to embed previews of shared files on a website using <img src="…">. For this purpose it would be great if the images would be cached (by the browser) and not fetched again every time the site (that embeds the image) loads.
Is there any particular reason to set the HTTP “cache-control” header to “no-cache, no-store, must-revalidate” for preview images?
Steps to reproduce
- Upload an image to your Nextcloud files
- Share the image via public link
- Open the shared link (without being logged in) which shows the preview in a Webbrowser
- Copy the URL of the preview image
- Open the preview image via its URL or use the URL as
srcattribute of an<img>tag
Expected behaviour
The preview image should be cached in the local browser cache. Sequential requests should read the preview image from the local browser cache instead of fetching the image from the server again.
Actual behaviour
The preview image is not cached locally. Each further request fetches it again from the server.
Server configuration
Operating system: CentOS 7
Web server: Apache 2.4.6
Database: MariaDB 10.3.11
PHP version: 7.2
Nextcloud version: 15.0.0
Updated from an older Nextcloud/ownCloud or fresh install: Updated from Nextcloud 14
Where did you install Nextcloud from: Manual download
Signing status:
Signing status
No errors have been found.
List of activated apps:
App list
Enabled:
- accessibility: 1.1.0
- activity: 2.8.2
- admin_audit: 1.5.0
- apporder: 0.6.0
- bookmarks: 0.15.1
- calendar: 1.6.4
- checksum: 0.4.2
- cloud_federation_api: 0.1.0
- comments: 1.5.0
- contacts: 3.0.1
- dav: 1.8.0
- deck: 0.5.2
- encryption: 2.3.0
- federatedfilesharing: 1.5.0
- federation: 1.5.0
- files: 1.10.0
- files_markdown: 2.0.5
- files_mindmap: 0.0.11
- files_pdfviewer: 1.4.0
- files_sharing: 1.7.0
- files_texteditor: 2.7.0
- files_trashbin: 1.5.0
- files_videoplayer: 1.4.0
- gallery: 18.2.0
- logreader: 2.0.0
- lookup_server_connector: 1.3.0
- metadata: 0.8.0
- news: 13.0.3
- nextcloud_announcements: 1.4.0
- notifications: 2.3.0
- oauth2: 1.3.0
- polls: 0.9.5
- provisioning_api: 1.5.0
- sharebymail: 1.5.0
- social: 0.1.1
- spreed: 5.0.0
- support: 1.0.0
- theming: 1.6.0
- twofactor_backupcodes: 1.4.1
- twofactor_totp: 2.1.0
- updatenotification: 1.5.0
- workflowengine: 1.5.0
Nextcloud configuration:
Config report
{
"system": {
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"***REMOVED SENSITIVE VALUE***"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"version": "15.0.0.10",
"dbtype": "mysql",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"dbtableprefix": "oc_",
"installed": true,
"default_language": "de",
"overwriteprotocol": "https",
"overwrite.cli.url": "***REMOVED SENSITIVE VALUE***",
"log_type": "file",
"logfile": "***REMOVED SENSITIVE VALUE***\/logs\/nextcloud.log",
"loglevel": 2,
"apps_paths": [
{
"path": "***REMOVED SENSITIVE VALUE***\/apps",
"url": "\/apps",
"writable": true
}
],
"maintenance": false,
"tempdirectory": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"theme": "",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_smtpmode": "smtp",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"filelocking.enabled": "true",
"htaccess.RewriteBase": "\/",
"htaccess.IgnoreFrontController": true,
"mysql.utf8mb4": true,
"mail_smtpauthtype": "LOGIN",
"mail_smtpauth": 1,
"mail_smtpsecure": "tls",
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "587",
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***"
}
}
Are you using external storage, if yes which one: no
Are you using encryption: yes
Are you using an external user-backend, if yes which one: no
Client configuration
Browser: Firefox 64.0
Operating system: Arch Linux
Logs
Browser log
Browser log
GET /s/kx6oyfcXBaytmkD/preview HTTP/1.1
Host: ***REMOVED SENSITIVE VALUE***
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de-DE,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ***REMOVED SENSITIVE VALUE***
Upgrade-Insecure-Requests: 1
HTTP/2.0 200 OK
date: Sat, 29 Dec 2018 19:58:54 GMT
content-type: image/png
content-length: 1296192
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, must-revalidate
content-security-policy: ***REMOVED SENSITIVE VALUE***
content-disposition: inline; filename="1920-1053-max.png"
set-cookie: ***REMOVED SENSITIVE VALUE*** path=/; secure; HttpOnly
last-modified: Sun, 18 Feb 2018 16:48:02 GMT
etag: ***REMOVED SENSITIVE VALUE***
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-robots-tag: none
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=172800
X-Firefox-Spdy: h2
coderkun
All 2 comments
cc @rullzer @juliushaertl Looks like a bug
MorrisJobke
on 2 Jan 2019
Nor really a bug but more something not considered. In the original use case caching on public pages was not that big of a deal for images since you would not check them 100 times anyway.
But see #13326 for the fix.
rullzer
on 3 Jan 2019
Related issues
georgehrke
·
3Comments
brylie
·
3Comments
williambargent
·
3Comments
blackcrack
·
3Comments
ghost
·
3Comments