Prevent caching when you download active documents over SSL
Retired KB Content Disclaimer
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.
This article discusses how to download active documents over Secure Sockets Layer (SSL) without permanently caching them on the client computers.
When you try to open or to download an active document over SSL, you can use one the following methods to prevent permanent client-side caching. The solutions listed here only work when you try to open or to download the active document as a result of a POST request or by clicking a hyperlink on a Web page.
- Change security settings in Microsoft Internet Explorer. To do this, follow these steps:
- On the Tools menu, click Internet Options.
- On the Advanced tab, scroll to Security, and then click to select the Do not save encrypted pages to disk check box.
- Add a Cache-control: no-store HTTP header to the response message.
- You can also add the Cache-control: no-cache HTTP header to the response message. Currently, when you add the Cache-control: no-cache header, the download fails.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
316431 Internet Explorer is unable to open Office documents from an SSL Web site
A fix is available to allow Internet Explorer to open or to download the active document directly by typing the URL of the document in the Internet Explorer Address bar and to prevent caching when the above methods are used. This fix also corrects the behavior with the Cache-Control: no-cache HTTP header.For more information, click the following article number to view the article in the Microsoft Knowledge Base:
812935 "Internet Explorer cannot download" error message when you use an HTTPS URL to open an Office document or PDF file
If this fix is installed, you can use the three solutions that are discussed in the article to prevent caching when you try to open or to download an active document as a result of a POST request, by clicking a hyperlink, and by directly browsing to the URL of the active document. This will be the default behavior from Internet Explorer 6.0 Service Pack 2 (SP2).
Another similar fix is available to allow Internet Explorer to open or to download the active document when Cache-Control headers are used to prevent caching. Please note that this fix only works with the Cache-Control: no-cache and the Cache-Control: no-store HTTP headers. However, the download fails with the client side setting "Do not save encrypted pages to disk" when browsing to the URL of the active document directly. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
323308 Internet Explorer file downloads over SSL do not work with the cache control headersThe only difference between the 812935 hotfix and the 323308 hotfix is that the 323308 fix sets the following registry key with a DWORD value of 1:
By default, this registry key is added when you install the 323308 hotfix. Also, by default, the
BypassSSLNoCacheCheckregistry value is not set if you install a security update (MS04-004) that upgrades Wininet to version 6.0.2800.1400 or later.
pdf cache SSL https doc xls
Article ID: 815313 - Last Review: 06/20/2014 07:45:00 - Revision: 9.0
- kbinfo KB815313