sajad torkamani


The Cache-control header can have one of three values:

  • public: public proxy servers can cache the response. Suitable for resources that can be shared between multiple users (e.g., home page logo or website icons).
  • private: only the browser can cache the response. Suitable for user-specific content (e.g., HTML page showing user’s images).
  • no-store: nobody should cache the response because it contains sensitive information that shouldn’t be persisted in memory.

A server can also specify a max-age value in the Cache-control header. This tells clients the number of seconds to cache the response.

HTTP/1.1 200 OK
Last-Modified: Wed, 25 Jan 2012 17:55:15 GMT
Expires: Sat, 22 Jan 2022 17:55:15 GMT
Cache-Control: max-age=315360000,public


If-Modified-Since can be used by clients to check if a cache is still valid.

GET http://… HTTP/1.1
If-Modified-Since: Wed, 25 Jan 2012 17:55:15 GMT

This tells a server that the client only needs the full response if the cache is stale. If the cache is still stale, the server responds with:

HTTP/1.1 304 Not Modified
Expires: Sat, 22 Jan 2022 17:16:19 GMT
Cache-Control: max-age=315360000,public

This tells the client it can still use its cache.


The ETag is usually computed (using a hash function) from the resource’s contents. If the resource changes, the server generates a new ETag. Clients can check if the ETag of a response matches an existing cache entry. If so, the cache is still valid, otherwise it’s time to invalidate the cache.

HTTP/1.1 200 OK 
Server: Apache 
Last-Modified: Fri, 06 Jan 2012 18:08:20 GMT 
ETag: "8e5bcd-59f-4b5dfef104d00" 
Content-Type: text/xml 
Vary: Accept-Encoding 
Content-Encoding: gzip 
Content-Length: 437


Tagged: HTTP