Lecture 7: Internet Applications #3.3: HTTP/1.1

Cache Control Mechanisms in HTTP/1.1

HTTP/1.1 introduced a new Cache-Control: header which significantly improved the operation of both private (browser) and shared (proxy) caches. This response header is complex: it has many, many possible combinations of value. Some common examples include:

Cache-Control: public: This entity is always cacheable, even in circumstances where it may not be obvious (eg, in response to a request with an Authorization: header.
Cache-Control: private: The reponse is not to be cached in proxy caches, and is intended for the use of the end-user alone. The response may be cached at the end-user browser.
Cache-Control: no-cache: Obvious. Don't cache this reponse anywhere. The no-store directive is even more restrictive.
Cache-Control: max-age=3600: Specifies a time, in seconds, after which the entity becomes "stale". The s-maxage variant specifically refers to proxy (shared) caches. Both of these are commonly combined with re-validation options, to give (for example):
Cache-Control: max-age=3600, must-revalidate: After 3600 seconds, the freshness of the entity must be checked at the originating server.

previous | start | next