When connecting to an SSL site that is sending “Pragma: no-cache” headers it looks like all versions of IE fail to download files such as .doc, .pdf and .xls due to it refusing to let them pass through disk cache to be passed on the relevant application.
Some sites seem to suggest this is trivial to fix by adjusting the “Do not save encrypted pages to disk” setting in IE. In IE 8 this setting made no difference for me and in most cases the users I deal with that are using IE are unable to change such settings as they are locked down in Mandatory profiles or other forms of AD config.
My hack to solve this problem is to strip out the Pragma header when the user agent matches MSIE at the Apache level:
1 2 3
In this case it’s ok because we are also sending sensible Cache-Control headers which all HTTP/1.1 compliant software should be using anyway. As I know about everything between Apache and where SSL is terminated and I can ensure that Cache-Control is being sent by the program up stream from Apache, disabling Pragma shouldn’t really affect anything, but just in case we only disable it for IE. See: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9
It would probably be a good idea to also run a test to ensure SSL is actually on, but I’m lazy and in this case it’s not possible as SSL is handled at a different layer that doesn’t let Apache know what’s going on.