HTML and CSS Reference
In-Depth Information
The right solution is to send HTTP cache control headers with the pages that should not be cached. For example,
if you simply wanted to prevent all caching of a page, you'd tell the HTTP server to set Cache-Control to no-
cache . Then it would send an HTTP header such as this one before the page:
HTTP/1.0 200 OK
Cache-Control: no-cache
Date: Sat, 05 Apr 2008 15:52:40 GMT
Server: Apache/2
Last-Modified: Thu, 05 Apr 2008 09:41:05 GMT
ETag: "8aeb10-b6e7-5ea4ae40"
Content-Length: 46823
Content-Type: text/html; charset=iso-8859-1
Connection: close
Or perhaps the data is tied to a single user. It's OK for that user's browser to store the data in its local cache,
but you don't want shared proxy servers to send the same page to a different user. Then you'd set Cache-
Control to private :
Cache-Control: private
You can set an explicit amount of time for which the cache is valid using max-age . For instance, if you want
caches to hold on to a page for no more than an hour, set max-age to 3600 (seconds):
Cache-Control: max-age=3600
You can specify multiple values for Cache-Control separated by commas. For example, this header requests only
private caching for no more than an hour:
Cache-Control: private, max-age=3600
Table 7.1 lists the values you can use to control caching for GET requests.
Table 7.1. Cache-Control Header Values
Value
Meaning
public
Completely cacheable
private
Can be cached only by single-user caches, such as in a
browser; must not be cached by multiuser caches in
proxy servers
no-cache
Do not cache under any circumstances.
no-store
Like no-cache but stronger. Do not even write the data to
disk, not even temporarily. In practice, this is not very
reliable.
no-transform
Cache only as served—do not convert image formats, for
example.
must-revalidate
Do not allow the client to use a stale response, even if
the user has asked it to.
 
Search WWH ::




Custom Search