Cache-Control Headers

Question

I'm writing a small wrapper in PHP for the Cache-Control headers. I wanted to get a few details straight before I commit to a particular implementation.

I'm aware of all the directives and what they do, but it seems like a few of them could conflict. I'm assuming that if no-cache is present, than no other Cache-Control directive should be present (and also not set Pragma: no-cache, as it's actually a request header).

Does the presence of s-maxage imply public? And a private directive should remove public as well as s-maxage. Are there any caveats with setting no-store, no-transform, must-revalidate or proxy-revalidate in this manner? Are there other directives that conflict with each other?

And would no-cache and the gang conflict with any non-cache-control directive, such as Expires, etc?

Answer 1

I would recommend looking at

http://greenbytes.de/tech/webdav/draft-ietf-httpbis-p6-cache-17.html

and, if that doesn't answer it, to send feedback to the HTTPbis Working Group.

Answer 2

From my experience, even if you get all cache headers and directives theoretically right, whether or not the browsers and proxies do as they are told is another matter. I don't think there is a way around testing (which is painful). Especially with so many tablet and mobile devices around. http://www.procata.com/cachetest/ may help a bit. I am not aware of a reliable cache testing framework.

Then there is a certain confusion between HTTP 1.0 and HTTP 1.1 directives. Generally, backwards compatibility exists (but that should be tested as well). I would consider ignoring HTTP 1.0 directives entirely (which are: Pragma: No-cache and Expires) and focus on HTTP 1.1.

The hierarchy of the cache directives is explained in http://palisade.plynt.com/issues/2008Jul/cache-control-attributes/. Some of your questions are answered there.