Caching happens based on the caching headers not the protocol you use. The use of SSL really depends on the data you exchange back and forth between the client and the server and the importance you give to limiting the "hackability" of your site. SSL is far to be really secure but it does add an extra level of security. Rails provides a bunch of security tools to avoid common security breach and I would personally start by only use SSL when transferring sensitive data such as credentials, payment details etc.. I would also not force SSL for any public pages for SEO reasons.
- Matt Sent from my iPad On Oct 11, 2011, at 6:21 PM, Ylan <[email protected]> wrote: It seems that there are lots of information out there that categorically says that there is no caching while using HTTPS. However, I also found this: http://blog.httpwatch.com/2011/01/28/top-7-myths-about-https/ This seems to go more in line with what I can observe in the chrome network resource tab: When navigating to previously visited pages under https, the resources I would expect to be cached, are loaded from cache, even extending rails-rendered pages that are set in the controller using: expires_in 60.minutes, :public => true So, at least there is some caching being done in the browser. Does anybody know if Varnish will also cache those rails-render pages? (Matt: I am hoping you chime in here specifically. I really want to apply most of what you describe in http://merbist.com/2011/07/11/first-step-in-scaling-a-web-site-http-caching/ ). Thanks for the input, -- Ylan -- SD Ruby mailing list [email protected] http://groups.google.com/group/sdruby -- SD Ruby mailing list [email protected] http://groups.google.com/group/sdruby
