Being Cache-Unfriendly
What if you need (or want) to send cache-unfriendly, uncachable responses? To accomplish this, it’s only a matter of adding a few specific headers.
If you just want to count the requests, you don’t need to make
the response uncachable. Instead, you can make caches
revalidate the response for each client request. To do this,
use the no-cache
,
max-age=0
or
must-revalidate
directives. Of these,
no-cache
is the strongest,
max-age=0
is the weakest, and
must-revalidate
is somewhere in the middle.
To insert the no-cache
directive with
Apache’s headers module, use this
configuration line:
Header: append Cache-control no-cache
If you just want to prevent users from sharing a cached
response, you can use the private
directive. That still allows the response to be stored
in single-user caches.
If your goal is truly to defeat caching, you should use the
no-store
directive.
Cache-control
is an HTTP/1.1 feature; how can you ensure that
HTTP/1.0 agents do not store the response? Unfortunately,
this is a little bit confusing, and both of the following
techniques should probably be used.
According to the HTTP/1.0 specification RFC1945, “If the [Expires] date given is equal to or earlier than the value of the Date header, the recipient must not cache the enclosed entity.” This rule is unfortunate because expiration and cachability are really separate characteristics. Nonetheless, an HTTP/1.0-compliant cache should not cache a response if the date and expires values are identical ...
Get Web Caching now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.