Reputation: 6046
ETag with no Cache-Control header in http response
I am trying to learn some basics about HTTP. I've inspected a some HTTP response headers and noticed 2 things that confused me:
There was no cache-control header and
ETag header was present.
The way I understood ETag is that, client sends ETag in a requests to a cache, and cache revalidates resources Etag with the server. But if there is no Cache-Control header in response, than all subsequent requests do the revalidation directly with the server and completely omit cache. Is this the case or am I missing something? Does something else happen when there is no cache-control header present in response? Why is ETag even present if all request will go to the server directly anyway?
Upvotes: 7
Views: 4359
Answers (1)
Reputation: 46080
The absence of a cache-control header does not mean a resource cannot be cached - it's up to the client (i.e. the web browser) to decide how to handle this undefined state.
Caching it (whether in memory or in disk) and only using that cached version if ETag validates seems a perfectly reasonable implementation to me.
If you don't want a resource cached then you should explicitly say this with a cache-control header of "max-age=0, no-store, no-cache, must-revalidate".
Upvotes: 8
Related Questions
- HTTP GET with request body
- HTTP response code for POST when resource already exists
- Getting only response header from HTTP POST using cURL
- Difference between Pragma and Cache-Control headers?
- How to send a header using a HTTP request through a cURL call?
- Difference between no-cache and must-revalidate for Cache-Control?
- Response to preflight request doesn't pass access control check - No 'Access-Control-Allow-Origin' header
- ETag vs Header Expires
- What's the difference between Cache-Control: max-age=0 and no-cache?
- What is the "Upgrade-Insecure-Requests" HTTP header?