Hinting to Clients that a Resource Should Not be Cached

Three main headers control caching whenever a client fetches a resource over HTTP:

  • Cache-Control - client cache control, defined for HTTP1.1
  • Pragma - client cache control, defined for HTTP1.0
  • Expires - proxy cache control, defined for both HTTP1.1 and HTTP1.0

For each of those protocols, the headers should reflect the values:

  • Cache-Control โ†’ no-cache, no-store, must-revalidate
  • Pragma โ†’ no-cache
  • Expires โ†’ 0

Note that other values can be set, such as private that, per definition, may implicitly make the browser not cache a resource - however the meaning of private refers to the fact that the resource is intended for a single user and must not be cached by a shared cache (RFC2616 section 14.9.1) which is different from the meaning of "not caching the resource under any circumstance".


fuss/http.txt ยท Last modified: 2017/02/22 18:30 (external edit)

Access website using Tor Access website using i2p


For the copyright, license, warranty and privacy terms for the usage of this website please see the license, privacy and plagiarism pages.