Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
Clarification on the caching mechanism - etld+1 does not seem to share cache
70 views
Skip to first unread message
Liv
Apr 28, 2025, 12:15:45 PMApr 28
to securi...@chromium.org
Hi Chromium Security Team,
I’ve been researching cache behavior in Chromium, specifically in the context of shared caches between subdomains of the same eTLD+1.
Based on previous understanding and documentation, it seems that unless explicitly disabled via `Cache-Control`, cacheable resources can be reused across subdomains under the eTLD+1. For instance, if `a.example.com` fetches a cacheable resource, that resource could in theory be reused by `b.example.com` if it's under the same eTLD+1.
However, in testing across multiple providers — such as `amazonaws.com`, `oraclecloud.com` (which is not in the Public Suffix List), and Google/Microsoft-owned domains — I noticed that cache entries are **not** reused across subdomains, even when the resource is publicly cacheable and no restrictive headers are present.
To illustrate this, I conducted a simple test using two storage buckets:
- https://cacher13111.storage.googleapis.com/cached.html
- https://cacher131112.storage.googleapis.com/cached.html
Both pages attempt to load the same resource (with an almost identical URL in terms of file name, the only difference is the subdomain), and I expected the second to load from cache if the first had already been visited. However, Chromium seems to fetch the resource again from the network.
I’ve also attached a screen recording of this behavior for reference.
Is this the result of Chromium’s cache partitioning mechanisms? If so, I would like to know more about it, or is there something else at play?
I’d appreciate any clarification or documentation you can share on how this is currently handled.
Thanks in advance!
Best regards,
-- I’ve been researching cache behavior in Chromium, specifically in the context of shared caches between subdomains of the same eTLD+1.
Based on previous understanding and documentation, it seems that unless explicitly disabled via `Cache-Control`, cacheable resources can be reused across subdomains under the eTLD+1. For instance, if `a.example.com` fetches a cacheable resource, that resource could in theory be reused by `b.example.com` if it's under the same eTLD+1.
However, in testing across multiple providers — such as `amazonaws.com`, `oraclecloud.com` (which is not in the Public Suffix List), and Google/Microsoft-owned domains — I noticed that cache entries are **not** reused across subdomains, even when the resource is publicly cacheable and no restrictive headers are present.
To illustrate this, I conducted a simple test using two storage buckets:
- https://cacher13111.storage.googleapis.com/cached.html
- https://cacher131112.storage.googleapis.com/cached.html
Both pages attempt to load the same resource (with an almost identical URL in terms of file name, the only difference is the subdomain), and I expected the second to load from cache if the first had already been visited. However, Chromium seems to fetch the resource again from the network.
I’ve also attached a screen recording of this behavior for reference.
Is this the result of Chromium’s cache partitioning mechanisms? If so, I would like to know more about it, or is there something else at play?
I’d appreciate any clarification or documentation you can share on how this is currently handled.
Thanks in advance!
Best regards,
Liv Matan @ Ermetic research team
thefrog
Apr 28, 2025, 6:01:06 PMApr 28
to Liv, Andrew Williams
awillia@: could you help answer this?
Moving security-dev@ to bcc.
Reply all
Reply to author
Forward
0 new messages