As Tom mentioned, these headers are designed to help control cache by various clients that your web pages may go through.
The http spec: http://www.w3.org/Protocols/rfc2616/rfc2616.html defines the headers. Here is the first line for each of the headers in question: Expires - The Expires entity-header field gives the date/time after which the response is considered stale. Pragma - The Pragma general-header field is used to include implementation- specific directives that might apply to any recipient along the request/response chain. Cache-Control - The Cache-Control general-header field is used to specify directives that MUST be obeyed by all caching mechanisms along the request/response chain. I'd not heard of Pragma: public, I've only used Pragma: no-cache, but apparently someone has a use for it: http://stackoverflow.com/questions/1920781/what-does-the-http-header-pragma-public-mean In a web app I work on with others (perl based), when we want to prevent cache we do: $r->header_out('Expires' => "Mon, 26 Jul 1997 05:00:00 GMT"); $r->header_out('Last-Modified' => time2str(time)); $r->header_out('Cache-Control' => " no-store, no-cache, must-revalidate, post-check=0, pre-check=0"); $r->header_out('Pragma' => "no-cache"); And, if its an http document, we add in: push @metaData, "<META HTTP-EQUIV=\"cache-control\" CONTENT=\"no-cache\">\n"; push @metaData, "<META HTTP-EQUIV=\"pragma\" CONTENT=\"no-cache\">\n"; push @metaData, "<META HTTP-EQUIV=\"expires\" CONTENT=\"0\">\n"; Which is really redundant. When we send a file we use the following headers (again in perl) in addition to the cache headers: $r->content_type($contentType); $r->header_out("Accept-Ranges", "bytes"); $r->header_out("Content-Length", $fileSize); $r->header_out("Content-disposition","$attachmentType; filename=" . $file_title . "." . $ext); Where: $contentType is either "application/unknown" or an appropriate type for an inline download (like application/msword for a .doc file) $fileSize is the size of the attachment $attachementType is either: attachment or inline (I do inline for doc,dock,ppt,xls and pdf files). $file_title is the name of the file $ext is the extension As Nuno mentioned wireshark is a really good tool to know how to use. As a web developer you may also want to consider use something Live HTTP Headers for firefox as it will give you the headers going to the server and coming back to the client without having to set up a full trace. If you install that you can go download some files from web sources and see what headers they are giving you back. -John On Feb 29, 2012, at 2:37 AM, Tom Metro wrote: Stephen Adler wrote: I'm writing a web application which downloads files using PHP. That's a vague statement, but I gather from the context that you are generating an HTTP response document, and you want it to trigger the requesting browser to prompt the user to save a file. The most comprehensive set of header commands I've seen to initiate a file download is the following... header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment;filename="'.$Filename.'"'); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Pragma: public'); header('Content-Length: '.$FileSize); header('X-SendFile: '.$StorageDirectory.'/'.$UUID); exit(); Why are you exiting? Per your headers, the content of the file should follow. (Those generally look like the correct headers, but I couldn't say if you missed something without looking it up.) I'm wondering about the 'Expires:', 'Cache-Control:', and 'Pragma:' headers. What are they needed for and how do they make the transfer work better. These are all attempts to get the browser or a proxy in the middle to not cache the returned content. (Not everyone adhered to the same standard, so this sort of multiple header kitchen sink approach is common.) If the content is actually unchanged (i.e. not dynamically generated), then you don't need and shouldn't include those headers. -Tom -- Tom Metro Venture Logic, Newton, MA, USA "Enterprise solutions through open source." Professional Profile: http://tmetro.venturelogic.com/ _______________________________________________ Discuss mailing list Discuss@blu.org<mailto:Discuss@blu.org> http://lists.blu.org/mailman/listinfo/discuss _______________________________________________ Discuss mailing list Discuss@blu.org http://lists.blu.org/mailman/listinfo/discuss
