What is the Cache-Control Header
Cache-control is an HTTP header used to specify browser caching policies in both client requests and server responses. Policies include how a resource is cached, where it’s cached and its maximum age before expiring (i.e., time to live).
The cache-control header is broken up into directives, the most common of which are detailed below:
Cache-Control: Max-Age
The max-age request directive defines, in seconds, the amount of time it takes for a cached copy of a resource to expire. After expiring, a browser must refresh its version of the resource by sending another request to a server.
For example, cache-control: max-age=120 means that the returned resource is valid for 120 seconds, after which the browser has to request a newer version.
Cache-Control: No-Cache
The no-cache directive means that a browser may cache a response, but must first submit a validation request to an origin server.
Cache-Control: No-Store
The no-store directive means browsers aren’t allowed to cache a response and must pull it from the server each time it’s requested. This setting is usually used for sensitive data, such as personal banking details.
Cache-Control: Public
The public response directive indicates that a resource can be cached by any cache.
Cache-Control: Private
The private response directive indicates that a resource is user specific—it can still be cached, but only on a client device. For example, a web page response marked as private can be cached by a desktop browser, but not a content delivery network (CDN).
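An added example (not from the original page): a small Python audit that parses Cache-Control values using the directives above and flags user-specific responses that a shared cache such as a CDN would be allowed to store. The paths and header values are constructed, and treating a response that carries neither private nor no-store as storable by shared caches is a simplifying assumption.

```python
# Added example: classify Cache-Control response values by where the
# response may be stored. All sample paths and headers are constructed.

def parse_cache_control(value):
    """Split a Cache-Control value into {directive: argument-or-None}."""
    directives = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives

def classify(value):
    """Return (storage, max_age_seconds, must_validate) for a header value."""
    d = parse_cache_control(value)
    if "no-store" in d:
        return ("nowhere", None, False)
    # Assumption: without "private", shared caches (CDNs) may store it too.
    storage = "browser-only" if "private" in d else "browser-and-shared"
    max_age = int(d["max-age"]) if (d.get("max-age") or "").isdigit() else None
    return (storage, max_age, "no-cache" in d)

def audit(responses):
    """List paths of user-specific responses a shared cache may store."""
    findings = []
    for path, user_specific, header in responses:
        storage, _, _ = classify(header)
        if user_specific and storage == "browser-and-shared":
            findings.append(path)
    return findings

# Constructed sample: (path, is the body user specific?, Cache-Control value)
SAMPLE = [
    ("/static/app.js", False, "public, max-age=120"),
    ("/account/statement", True, "no-store"),
    ("/profile", True, "private, no-cache"),
    ("/api/me", True, "max-age=120"),        # missing "private"
    ("/inbox", True, "Public, Max-Age=60"),  # "public" on user-specific data
]

if __name__ == "__main__":
    for path, _, header in SAMPLE:
        print(path, classify(header))
    print("user-specific but shared-cacheable:", audit(SAMPLE))
```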
Additional HTTP Cache Headers
In addition to cache-control, notable HTTP cache headers include:
- Expires – This header specifies a fixed date/time for the expiration of a cached resource. For example, Expires: Sat, 13 May 2017 07:00:00 GMT signals that the cached resource expires on May 13, 2017 at 7:00 am GMT. The expires header is respected even if a cache-control header with a max-age directive is present.
- ETag – A response header that identifies the version of served content according to a token – a string of characters in quotes, e.g., "675af34563dc-tr34" – that changes after a resource is modified. If a token is unchanged before a request is made, the browser continues to use its local version.
- Vary – A header that lists the request headers that must match for a cached resource to be considered valid. For example, the header Vary: Accept-Language, User-Agent specifies that a cached version must exist for each combination of user agent and language.
CDNs and Cache-Control
The variety of caching headers can make manual cache management overwhelming. CDNs allow for granular cache policy management through a user-friendly dashboard, relieving you of the need to manually tweak individual headers.
In addition to simplifying cache management, CDNs augment the browser caching process using proxies. Proxy caching brings content closer to site visitors, accelerating the delivery of locally stored resources. This is especially beneficial for first-time visitors whose browsers have yet to cache site content.
Finally, more advanced CDNs use automation techniques, including machine learning, to cache dynamically generated content and resources. This optimizes your caching policies and further speeds up content delivery.