← Lessons

quiz vs the machine

Gold1390

Networking

The Cache Control Directives Revisited

Fine grained rules for who may store a response and for how long.

5 min read · core · beat Gold to climb

One Header, Many Rules

The Cache Control header is the modern way to govern caching. It carries a comma separated list of directives that apply to requests, responses, or both.

Freshness Directives

  • max age gives the freshness lifetime in seconds.
  • s maxage overrides max age for shared caches only.
  • no cache allows storage but forces revalidation before reuse.
  • no store forbids storing the response at all.

Scope Directives

  • public lets any cache, including shared proxies, store the response.
  • private restricts storage to the end user's browser cache.

Revalidation Control

must revalidate forbids serving a stale copy once it expires; the cache must check with the origin. This protects against serving outdated sensitive data.

A Common Mistake

People often confuse no cache with no store. No cache permits storage but requires a freshness check first, while no store bans keeping any copy. Reaching for no store too often defeats useful caching.

Key idea

Cache Control directives set freshness with max age, scope with public or private, and reuse rules with no cache versus no store, where no cache revalidates and no store forbids storage entirely.

Check yourself

Answer to earn rating on the learn ladder.

1. What is the difference between no cache and no store?

2. Which directive limits storage to the end user's own browser?