HTTP headers | cache-control

The Cache-Control header is a general header, that specifies the caching policies of server responses as well as client requests. Basically, it gives information about the manner in which a particular resource is cached, location of the cached resource, and its maximum age attained before getting expired i.e. time to live. Syntax:

Cache-Control: <directive> [, <directive>]*

Directives: This header accept 15 directive all of the described below:

• Public: This directive indicates that the response can be stored by any cache without any restriction. In case the response is non-cacheable, it can still be cached.
• Private:It indicates that only browser cache is eligible to store the response.
• no-cache: It indicates that the response can be stored by any cache without any restriction even if it is non-cacheable. The condition that needs to be satisfied here is that the stored response must be validated by the origin server before being used.
• no-store: It indicates that the response cannot be stored by any cache.
• max-age=<seconds>: It indicates the maximum amount of time a resource remains fresh and can be requested to be accessed.
• s-maxage=<seconds>: This directive is mainly used for shared cache by content delivery networks(CDNs). It overrides the max-age directive and expires header when present.
• max-stale[=<seconds>]: It indicates that only a stale response is accepted by the client. The optional time in seconds indicate the maximum limit of staleness which will be accepted by the client.
• min-fresh=<seconds>: It indicates that only the response which is fresh is accepted by the client for the specified duration of time specified in seconds.
• stale-while-revalidate=<seconds>: It indicates that the stale response will be accepted by the client along with asynchronously looking for fresh responses. The time in seconds represents the duration for which the client will accept stale response
• stale-if-error=<seconds>: It indicates that the stale response will be accepted by the client if the check for fresh one fails. The time in seconds represents the duration for which the client will accept a stale response after initial expiration.
• must-revalidate: It indicates caches cannot use their stale resources after they have become stale without getting it validated from the origin server.
• proxy-revalidate: This directive is similar to must-revalidate. However, it only works for shared caches and is ignored by the private caches.
• Immutable: It indicates that the response body remains unchanged over the period of time.
• no-transform: It indicates that the resources cannot be transformed or modified into another form.
• only-if-cached: It indicates that the network cannot be used for the response by the client. It means that the cache can use either stored response or 504 status code.

Examples:

• For Preventing cache, following response header can be used:

  Cache-Control: no-store

• For the purpose of caching static assets, the following response header can be used:

  Cache-Control: public, max-age=604800, immutable

• For Requiring revalidation, the following can be used:

  Cache-Control: no-cache
  Cache-Control: no-cache, max-age=0
  Cache-Control: no-cache, max-age=0, stale-while-revalidate=300

Supported Browsers: The browsers are compatible with HTTP Cache-Control header are listed below:

• Google Chrome
• Edge
• Firefox
• Internet Explorer
• Opera
• Safari