only-if-cached Set by the client to indicate "do not use the network" for the response. It therefore forbids a proxy or browser feature, such as Google’s Web Light, from converting images to minimize data for a cache store or slow connection. Other no-transform An intermediate cache or proxy cannot edit the response body, Content-Encoding, Content-Range, or Content-Type. For more information, see also this blog post. In Firefox, immutable is only honored on transactions. Clients that aren't aware of this extension must ignore them as per the HTTP specification. If-None-Match or If-Modified-Since) to check for updates, even when the user explicitly refreshes the page. The resource, if unexpired, is unchanged on the server and therefore the client should not send a conditional revalidation for it (e.g. immutable Indicates that the response body will not change over time. proxy-revalidate Like must-revalidate, but only for shared caches (e.g., proxies). Revalidation and reloading must-revalidate Indicates that once a resource becomes stale, caches must not use their stale copy without successful validation on the origin server. The seconds value indicates how long the client will accept the stale response after the initial expiration. stale-if-error= Indicates the client will accept a stale response if the check for a fresh one fails. See " Keeping things fresh with stale-while-revalidate" for more information. The seconds value indicates how long the client will accept a stale response. stale-while-revalidate= Indicates the client will accept a stale response, while asynchronously checking in the background for a fresh one. min-fresh= Indicates the client wants a response that will still be fresh for at least the specified number of seconds. An optional value in seconds indicates the upper limit of staleness the client will accept. max-stale Indicates the client will accept a stale response. s-maxage= Overrides max-age or the Expires header, but only for shared caches (e.g., proxies). Unlike Expires, this directive is relative to the time of the request. Expiration max-age= The maximum amount of time a resource is considered fresh. Setting must-revalidate does not make sense because in order to go through revalidation you need the response to be stored in a cache, which no-store prevents.
Although other directives may be set, this alone is the only directive you need in preventing cached responses on modern browsers. no-store The response may not be stored in any cache. This directive is not effective in preventing caches from storing your response. If you mean to not store the response in any cache, use no-store instead. However, the stored response MUST always go through validation with the origin server first before using it, therefore, you cannot use no-cache in-conjunction with immutable. no-cache The response may be stored by any cache, even if the response is normally non-cacheable. private The response may be stored only by a browser's cache, even if the response is normally non-cacheable. Public The response may be stored by any cache, even if the response is normally non-cacheable.
Cache-Control does not have no-store, or if proxy, does not have private and.Cache-Control: immutableĪ response is normally cached by the browser if: Check the compatibility table for their support user-agents that don't recognize them should ignore them. Cache-Control: must-revalidateĮxtension Cache-Control directives are not part of the core HTTP caching standards document. Standard Cache-Control directives that can be used by the server in an HTTP response. Standard Cache-Control directives that can be used by the client in an HTTP request. Some directives have an optional argument, which can be either a token or a quoted-string.Multiple directives are comma-separated.Case-insensitive, but lowercase is recommended.Header typeĬaching directives have the following rules to be valid: A given directive in a request does not mean the same directive should be in the response. The Cache-Control HTTP header holds directives (instructions) for caching in both requests and responses.