You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Jetstream serves every static asset with cache-control: no-cache (src/jetstream/middleware.go) and gzips per request with no skipper. Measured impact on a CF deployment (#5550 discussion has the full tables):
Engine behavior diverges: Firefox re-downloads everything on warm loads (~2.2 MB/visit pre-perf(core): lazy-load monaco, right-size assets; add load diagnostics #5560), WebKit ignores the policy entirely and serves from cache, Chromium revalidates per asset. Notably the login background jpg re-transfers in full (200, not 304) on Chromium warm reloads.
The safe subset is well-defined: Angular emits content-hashed bundles (main-<hash>.js etc.) that are immutable by construction and could be served with cache-control: public, max-age=31536000, immutable with zero staleness risk. API responses and non-hashed assets keep the conservative policy.
Constraints to respect:
The current blanket policy exists for a reason — cached-data bleed was observed historically when caching was broader. Any change must be scoped to build-hashed static files only, never API responses.
index.html must remain no-cache (it is the pointer to the hashed bundles).
Proposal: an allowlist in the static middleware — filename matches the Angular content-hash pattern → immutable; everything else unchanged. The diagnostics page from #5560 (About → Diagnostics → Load Performance) makes before/after verification straightforward on any deployment.
Follow-up from #5550 / #5560.
Jetstream serves every static asset with
cache-control: no-cache(src/jetstream/middleware.go) and gzips per request with no skipper. Measured impact on a CF deployment (#5550 discussion has the full tables):The safe subset is well-defined: Angular emits content-hashed bundles (
main-<hash>.jsetc.) that are immutable by construction and could be served withcache-control: public, max-age=31536000, immutablewith zero staleness risk. API responses and non-hashed assets keep the conservative policy.Constraints to respect:
index.htmlmust remain no-cache (it is the pointer to the hashed bundles).Proposal: an allowlist in the static middleware — filename matches the Angular content-hash pattern → immutable; everything else unchanged. The diagnostics page from #5560 (About → Diagnostics → Load Performance) makes before/after verification straightforward on any deployment.