The latest articles on DEV Community by Gavin Clive (@gavin_clive). https://dev.to/gavin_clive https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3906582%2Fd8b4753a-0394-4caf-ac5a-bdc4545db758.jpg https://dev.to/gavin_clive en Gavin Clive Thu, 30 Apr 2026 18:47:23 +0000 https://dev.to/gavin_clive/frontend-engineers-should-care-more-about-infrastructure-id7 https://dev.to/gavin_clive/frontend-engineers-should-care-more-about-infrastructure-id7 <p>One <code>304 Not Modified</code> is easy to ignore. A page full of them is latency.</p> <p>We migrated CDN providers that quarter.</p> <p>The new provider was meaningfully cheaper, and its edge coverage in Southeast Asia looked comparable. The migration itself went smoothly. Traffic moved over, error rates stayed normal, and the infra team signed it off.</p> <p>One thing had changed underneath us: the <code>Cache-Control</code> headers our old provider had been injecting at the edge did not carry over.</p> <p>Before that migration, I did not think about those headers much. Not because they were unimportant, but because they had already been decided below the application layer. The asset pipeline emitted files, the CDN served them, the browser cached them, and the page worked.</p> <p>The new provider was still serving our static images correctly. <code>ETag</code> was present. Repeat loads returned <code>304 Not Modified</code>. Nothing obvious was being re-downloaded. At a glance, the network tab looked fine.</p> <p>Nothing was broken.</p> <p>That was what made it hard to spot.</p> <p>The browser was doing the responsible thing. The server was doing the responsible thing. DevTools showed small transfer sizes, and the status code looked like evidence that caching worked. If you were scanning for wasted bytes, you would move on.</p> <p>The LCP regression showed up two weeks later in RUM data.</p> <p>The moment it clicked was a Sentry trace from an icon-heavy page. It was not one suspicious request. It was a page full of tiny validations, all individually harmless-looking, sitting in the same trace. Together, they made the page feel like it was checking its pockets before every step.</p> <p>Without <code>Cache-Control</code> or <code>Expires</code>, the browser falls back to heuristic caching. Usually that means a short, unpredictable freshness window based on the gap between <code>Last-Modified</code> and the current date.</p> <p>So repeat visits kept sending conditional <code>GET</code> requests with <code>If-None-Match</code> to ask whether the image had changed. The server replied <code>304</code>. The image body was not downloaded again, but the browser still paid for a round trip before rendering the largest contentful element.</p> <p>In a Jakarta office on a fast connection, this was invisible.</p> <p>On a mid-range Android device on 4G, it compounded.</p> <p>LCP does not care that the requests ended in <code>304</code>. It cares that rendering waited.</p> <p>I already knew a <code>304</code> was not free. What I had not internalized was how invisible the aggregate could be. A validated cache hit saves bandwidth, but if a page is full of them, the latency still shows up in the trace.</p> <p>The distinction worth remembering is simple: <code>ETag</code> asks, has this changed? <code>Cache-Control</code> asks, do I need to ask right now?</p> <p>Without an explicit freshness policy, the browser can keep asking that question much sooner than you expect.</p> <p>For static product and UI images served at stable URLs, we should have been sending something like:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight http"><code><span class="err">Cache-Control: max-age=604800, stale-while-revalidate=86400 </span></code></pre> </div> <p>Seven days of freshness, with background revalidation after that. Repeat visits skip the validation request entirely, so the browser does not need to ask the edge before it can render.</p> <p>The important constraint is stable URLs. If the same URL can point to a different image tomorrow, a long <code>max-age</code> is a footgun. But for versioned assets, product images with controlled invalidation, and UI images that do not change under the same path, freshness is the point.</p> <p>This is now one of the checks I wish I had treated as frontend work. Not just whether the image loads. Not just whether the status is <code>200</code> or <code>304</code>. Check the trace for repeated validation spans. Check the response headers on the actual LCP resource. Check whether those spans sit before the LCP mark.</p> <p>The infra team did nothing wrong. The migration was correct.</p> <p>The old provider had simply been doing us a quiet favor, and we did not know enough to notice when it stopped.</p> <p>That was the real bug.</p> <p>If I had paired that icon-heavy Sentry trace with the missing <code>Cache-Control</code> header sooner, I would have found this in an afternoon instead of two weeks into a KPI cycle.</p> <p>After restoring explicit freshness on those media responses, repeat visits no longer had to validate the same image URLs before rendering.</p> <p>Sentry will tell you LCP is <code>4.2s</code>. Chrome DevTools will show you the waterfall. But if the response headers read like a foreign language, you can spend weeks looking for a frontend bug that is not in the codebase.</p> <p>The browser is the last mile.</p> <p>Infrastructure is the road under it.</p> <p>Frontend engineers should know what it is made of.</p> devops frontend performance webdev