"no-cache" ​vs "max-age=0, must-revalidate, proxy-revalidate"

Question

What's the​ difference between a HTTP response with Cache-Control: no-cache vs Cache-Control: max-age=0, must-revalidate, proxy-revalidate?

Do browsers treat that as identical?

Answer 1

In general different Browsers do not behave exactly the same wrt. HTTP cache headers.

One small difference I remember (can't find the source, so I'm not 100% this is the exact behavior description) is that Chrome (afair) treat max-age=0 as if you specified max-age=10 (assuming the behavior difference is small enough, but performance impact is still meaningful).

In any case, here are some other examples of HTTP cache behavior difference between browsers:

• Some will give preference to HTTP 1.0 Cache header (Pragma), others will give preference to HTTP 1.1 Cache headers
• Some Browsers (FF + ?) don't honor no-store directive and store data in encrypted cache
• Some browsers ignore no-cache directive is specified after public, others don't.
• IE ignores max-age when vary is present.
• etc.

My overall recommendation would be to use both Cache-Control: no-cache, must-revalidate, proxy-revalidate, pragma: no-cache (HTTP 1.0) and Expires: 0 in order to ensure all browsers do not cache the content with these headers.