I am trying to learn some basics about HTTP. I've inspected a some HTTP response headers and noticed 2 things that confused me:
There was no cache-control header and
ETag header was present.
The way I understood ETag is that, client sends ETag in a requests to a cache, and cache revalidates resources Etag with the server. But if there is no Cache-Control header in response, than all subsequent requests do the revalidation directly with the server and completely omit cache. Is this the case or am I missing something? Does something else happen when there is no cache-control header present in response? Why is ETag even present if all request will go to the server directly anyway?
Without the cache control header the browser requests the resource every time it loads a new(?) page.
The no-cache directive means that a browser may cache a response, but must first submit a validation request to an origin server.
An ETag (entity tag) is an HTTP header that is used to validate that the client (such as a mobile device) has the most recent version of a record. When a GET request is made, the ETag is returned as a response header. The ETag also allows the client to make conditional requests.
To use cache-control in HTML, you use the meta tag, e.g. The value in the content field is defined as one of the four values below. HTTP 1.1. Allowed values = PUBLIC | PRIVATE | NO-CACHE | NO-STORE.
The absence of a cache-control header does not mean a resource cannot be cached - it's up to the client (i.e. the web browser) to decide how to handle this undefined state.
Caching it (whether in memory or in disk) and only using that cached version if ETag validates seems a perfectly reasonable implementation to me.
If you don't want a resource cached then you should explicitly say this with a cache-control header of "max-age=0, no-store, no-cache, must-revalidate".
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With