I just checked the cache-control header returned by webmasters.stackexchange.com. The only directive present in the response is cache-control: private. In this case, what are the default values for other directives including max-age? Should a client re-validate (checking if the content is modified on the server) for every request?
Asked
Active
Viewed 229 times
1
Kannan
- 2,343
- 11
- 24
1 Answers
1
Mozilla has a HTTP Caching FAQ that says:
[In this case] then the expiration calculation is essentially the algorithm described in RFC 2616 section 13.2.
...
The expiration time is computed as follows:
expirationTime = responseTime + freshnessLifetime - currentAgewhere
responseTimeis the time at which the response was received according to the browser....
The freshness lifetime is calculated based on several headers. ... If [neither
max-agenorExpiresheader are] present, then we look for aLast-Modifiedheader. If this header is present, then the cache's freshness lifetime is equal to the value of theDateheader minus the value of theLast-modifiedheader divided by 10.
When I investigated this heuristic of Last-modified / 10 for Why is this response being cached?, I found that all major browsers appear to use this same heuristic.
According to Cache-Control - HTTP | MDN, clients must only revalidate if one of the following headers is present:
no-cachemax-age=0, must-revalidate
Since neither of those headers are present in this case, no revalidation needs to occur.
Stephen Ostermiller
- 98,758
- 18
- 137
- 361
Last-modified:curl --head https://webmasters.stackexchange.com/questions/134583/default-cache-control-directives-and-behaviour-when-header-returns-only-privat/134589showslast-modified: Tue, 01 Jun 2021 11:11:17 GMT. It appears that the home page does not and I'm not sure what browsers assume in that case. I'd assume they have to use "modified just now" as the default because there is no other sane assumption. – Stephen Ostermiller Jun 01 '21 at 11:31