BHSM-Servlet does not let browser cache username

Question

i have a requirement where a value should not be cached in the server nor the browser as an cookie over domains and sessions.

So i choosed to permanent-redirect to the value

Servlet:

@Override
protected void service(HttpServletRequest request,
        HttpServletResponse response) throws ServletException, IOException {
    String key = request.getParameter("key");
    String val = request.getContentType();
    if (val != null && val.length() == 0) {
        val = null;
    }
    String repeatText = request.getParameter("repeatText");
    if (val != null && repeatText == null) {
        response.setStatus(301); // moved permanent
        response.addHeader("Location", "?repeatText=" + val);
        System.out.println("Write");
    } else {
        if (repeatText != null) {
            response.setContentLength(repeatText.length());
            response.addHeader("pragma", "no-cache");
            response.addIntHeader("expires", BROWSER_CACHE_DAYS);
            response.getWriter().write(repeatText);
            System.out.println("Read and cache!");
        } else {
            response.sendError(304); // use from cache!
            System.out.println("Send use from cache.");
        }
    }
}

Script:

<input class="username" />
<button>Login</button>

<script>
jQuery.ajax('theservlet?key=username').done(function(v){jQuery('.username').val(v);});
jQuery('button').click(function(){
  jQuery.ajax('theservlet?key=username',{contentType:jQuery('.username').val()})
});
</script>

Console-output:

Send use from cache.
--- i enter username and press the button ---
Write
Read and cache!
--- now i make a reload ---
Send use from cache.

After the reaload from the browsercache does not return the username i inserted.

Why does the browser not cache?

Answer 1

Your request is an ajax call which is an async request to your servlet in this case your redirection in serverside does not affect to clientside. This request works like seperate thread in your browser.

So you should specify response data (url in this case with query string). After servlet response in your ajax success callback you should specify location to redirect event.

For redirection after ajax success window.location.href = reponseUrl; , instead of redirect you can set the value of your input.

Otherwise just submit form and redirect via your servlet.

Answer 2

Redirecting the ajax request won't redirect the browser to the new location, and if it did you wouldn't have your page any more, you'd just have the response from the servlet.

So then when you refresh the page, you're requesting the original URL from scratch again and the username is lost.

You could add the username into the URL directly in javascript:

jQuery('button').click(function(){
  var username=jQuery('.username').val();
  jQuery.ajax('theservlet?key=username',{contentType:username});
  window.location.hash=username;
});

This will append "#username" to the URL in the address bar. And then on page load you can populate the input from the request parameter if present:

jQuery('.username').val( window.location.hash );

Answer 3

Even if you do get the 301 mechanism working, you won't have any guarantees on how long the browser will cache the redirect. I don't have an answer immediately for why the 301s are not being cached for you, however if you're ok with the browser storing the username somewhere (after all, that's what you're trying to do with the 301s), and it's just that you specifically don't want it to be stored in a cookie, then sessionStorage or localStorage would be the right choice:

sessionStorage.setItem("username", username);

and

var username = sessionStorage.getItem("username");

or use localStorage to store it persistently across sessions.

Docs here