[Feature Proposal] method to set `Cache-Control: no-store` header

Summary

Currently there is no good way to set Cache-Control: no-store in Rails applications. One of the top StackOverflow answers currently suggests putting it directly into header set.

Unfortunately, it cannot later be overridden in specific/individual actions by calling e.g. expires_in 5.minutes. Resulting header in that case is Cache-Control: max-age=300, private, no-store (which doesn’t make much sense).

What’s the use of it

Couple examples:

Naming it

Random suggestions:

  • no_store
  • http_cache_no_store

Implementing it

Gave it a quick go and currently have this: Comparing master...cache-control-no-store · tadas-s/rails · GitHub

Not exactly elegant, mostly because I want to be able to override no_store with expires_now/in/etc and vice versa. E.g. when there’s a controller/app wide default set in before_action, but some specific controller actions need to override it.

Any thoughts? Is this something worth considering for Rails core?

Other Information

  • Mozilla developer docs for Cache-Control header.
  • Somewhat similar conversation mentioning no-store in PR 19556 which didn’t go anywhere. Couldn’t find any more examples / discussion about this.

Many Thanks, Tadas

3 Likes

There’s now a PR for this.