When connecting to an SSL site that is sending “Pragma: no-cache” headers it looks like all versions of IE fail to download files such as .doc, .pdf and .xls due to it refusing to let them pass through disk cache to be passed on the relevant application.

Some sites seem to suggest this is trivial to fix by adjusting the “Do not save encrypted pages to disk” setting in IE. In IE 8 this setting made no difference for me and in most cases the users I deal with that are using IE are unable to change such settings as they are locked down in Mandatory profiles or other forms of AD config.

See: http://answers.google.com/answers/threadview/id/142007.html

My hack to solve this problem is to strip out the Pragma header when the user agent matches MSIE at the Apache level:

1
2
3

# file downloads do not function in IE if "Pragma: no-cache" is set in the headers
BrowserMatch MSIE disable_pragma
Header unset Pragma env=disable_pragma

In this case it’s ok because we are also sending sensible Cache-Control headers which all HTTP/1.1 compliant software should be using anyway. As I know about everything between Apache and where SSL is terminated and I can ensure that Cache-Control is being sent by the program up stream from Apache, disabling Pragma shouldn’t really affect anything, but just in case we only disable it for IE. See: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9

It would probably be a good idea to also run a test to ensure SSL is actually on, but I’m lazy and in this case it’s not possible as SSL is handled at a different layer that doesn’t let Apache know what’s going on.