HTTP Cache - Cache-Control Header


Cache-Control is a cache control header that specifies cache properties of the response such as:

  • enable / disable cache
  • the scope of the response (public / private)
  • the type (immutable, …)
  • and the age (ttl)


Cache in the browser only for the user

Cache-Control: private, no-transform, max-age=xxxxx'

No cache at all

Cache-Control: no-store

Cache but validate every time the freshness

Cache but validate every time the freshness.

Cache-Control: no-cache

Cache in the browser and proxy with a max-age

Cache-Control: public, maxage=[seconds]

No Cache for Proxy

Resources are not cached by proxy 1) if the Cache-Control header has one of the following value:

  • max-age=0 ors-max-age=0,
  • private,
  • no-cache, no-store
  • or an Expires header with an already expired date.

Value Description

The value description is:

Value Description Applies to
No, no
no-store Don't ever store this content
no-cache Re-validate before serving this content
no-transform Don't modify the content in transit (such as minify,…) intermediate caches
immutable Indicate that the resource if unexpired, is unchanged on the server and therefore should not send a conditional revalidation for it
Scope: Public vs Private (User)
private May be cached by the user's Browser / not by any intermediate caches (Default, Mutually exclusive with public). This content is for a single user All cache store
public Content can be cached anywhere (browser / intermediate caches) All cache store
For public cache (the Time to Live)
max-age=[seconds] Caches can store this content for n seconds All cache store
s-maxage=[seconds] Proxy Caches can store this content for n seconds Proxy cache
must-revalidate Indicates that once a resource becomes stale, caches must not use their stale copy without successful validation on the origin server. Browser
proxy-revalidate Same as must-revalidate, but only for shared caches (e.g., proxies). Ignored by private caches. Proxy cache
Stale rfc5861 - HTTP Cache-Control Extensions for Stale Content
stale-if-error allows a cache to return a stale response when an error – e.g., a 500 Internal Server Error, a network segment, or DNS failure – is encountered, rather than returning a “hard” error.
stale-while-revalidate allows a cache to immediately return a stale response while it revalidates it in the background, thereby hiding latency (both in the network and on the server) from clients.


How to set the Cache-Control header with Apache

If the mod_header is present, Apache can send the caching header.

Example in the root htaccess, max age is in second for files name that match a regular expression.

# Cache File
<IfModule mod_headers.c>
    # WEEK
    <FilesMatch "\.(jpg|jpeg|png|gif|swf)$">
        Header set Cache-Control "max-age=604800, public"

    # WEEK
    <FilesMatch "\.(js|css|swf)$">
        Header set Cache-Control "max-age=604800"

Powered by ComboStrap