Right, so private/public I understand, although I’m not sure why the 304 response switched my cache headers to private only, rather than including no-cache.
Here’s my exact code
private readonly CacheControl DefaultCacheControl = CacheControl.NoCache | CacheControl.Private;
[RequiredApiPermission("Read Orders")]
public IHttpResult Get(OrderListRequest request)
{
var userInfo = GetUserInfo().ThrowOnBadUser();
OrderList orderList = orderManager.GetOrderListByCompany(userInfo.CompanyId, userInfo.TimeZoneId, request.Status, true);
if (request.ModifiedAfter.HasValue && orderList.Orders != null)
{
DateTime modifiedAfterDate = DateTimeOffset.FromUnixTimeSeconds(request.ModifiedAfter.Value).UtcDateTime;
orderList.Orders = orderList.Orders.ToList().Where(o => o.ModifiedDate >= modifiedAfterDate);
}
var converstion = ConvertOrderListResponse(orderList, userInfo);
return new HttpResult(converstion, converstion == null ? HttpStatusCode.NoContent : HttpStatusCode.OK)
{
LastModified = converstion?.Max(x => x.ModifiedDate),
CacheControl = DefaultCacheControl
};
}