AppCache doesn't work on IE over SSL

Question

We have a website hosted over SSL in IIS, and we are facing issues while trying to make it work offline in IE.

We have the landing page bookmarked in IE 11, and we have the following IE Delete Browsing History settings so that IE doesn't delete Temporary Internet Files, Local Storage, and IndexedDB on browser exit (Notice Preserve Fav.. checkbox is checked).

When we visit the page in IE over HTTP/HTTPs, IE is caching the website properly, and IndexedDB data stores are getting created.

We are facing the following problems:

When we exit the browser

1. The IndexedDB for that domain is getting cleared (For both HTTP/HTTPs)
2. The Cached files (HTML, CSS, JS etc.) are present are present in Temporary Internet Files folder. But IE is unable to load the website in offline mode when accessed over HTTPs. When I monitor the network calls I can see that the call to the landing page gets aborted.

The website loads fine in offline mode when accessed over HTTP (no offline data of-course because IndexedDB is being wiped)

Temporary Solution

Currently we have both Temporary Internet Files ... and Cookies and website data unchecked to make our website work properly while offline.

Question

1. Is it normal for IE to wipe out the IndexedDB even though we have Preserve Favorites website data checked and the domain/landing page is bookmarked?
2. Why is that I can access the website in offline mode when over HTTP, and not over HTTPs, even though the temp files, manifest etc are still present.

Has anyone ever gotten an offline website to work over HTTPs with these browser settings?

Update:

We finally had to uncheck both the Temporary Internet Files.." &Cookies and website data` to make offline work properly. But it's still far from perfect. We are facing an intermittent issue where the cached page won't load when windows is shutdown overnight.

Answer 1

According to A Beginner's Guide to Using the Application Cache under Updating the Cache:

Once an application is offline it remains cached until one of the following happens:

1. The user clears their browser's data storage for your site.
2. The manifest file is modified. Note: updating a file listed in the manifest doesn't mean the browser will re-cache that resource. The manifest file itself must be altered.

If its an InPrivate browsing session, then I would expect the behavior you described. If IE is set to write SSL pages to disk (and its not InPrivate), then I would suspect these to be bugs in IE, or missing functionality with respect to AppCache.

See Avoid “Do not save encrypted pages to disk” on MSDN for a discussion. There's also an interesting footnote in the discussion:

Update: In IE10, the Do not save encrypted pages to disk option now behaves differently. Instead of trying to prevent HTTPS resources from being saved to disk, the option will delete cached-from-HTTPS resources from the cache when the browser is closed. This helps ensure that the browser works correctly even when this setting is enabled. The checkbox was slated to be retitled "Clear HTTPS cache when browser is closed" but we unfortunately ran out of time.

There's also Building Offline Experiences with HTML5 AppCache and IndexedDB on MSDN. It might offer some insight for you. Finally, there's the actual standard at 5.7 Offline Web applications and 5.7.2 AppCaches. But I don't see where the standard specifies behaviors for SSL/TLS loaded pages.

Because of Item (1) above, its going to make AppCache a problem child. Imagine a user deletes his word processing doc created in an offline web app. Or imagine a bank's provisioning secret created through WebCrypto gets whacked when the user clears his cache.

The problems seem endless, and it even breaks use cases from other working groups like WebCrypto.