DEV Community

Neil Madden
Neil Madden

Posted on

4

What Cache-Control headers do I need?

Understanding caching is an important part of web development. From a performance point of view, you don’t want a client to be downloading the same large file again and again. But from a security point of view, you don’t want sensitive data, such as users’ personal details, cached by shared web proxies and served to other users.

There are many aspects to HTTP caching, but the one that’s always confused me the most is the Cache-Control header. There are so many options! When should I use each one? Why does no-cache not mean “disable caching”??!

To help myself remember what all the options do I made this little flowchart. Hopefully you’ll find it useful too. If you spot an error, please contribute on GitHub. And if somebody wants to make a prettier version, please do! (Just credit me).

A flowchart of Cache-Control header options

PDF version

Top comments (1)

Collapse
 
mikaelgramont profile image
Mikael Gramont

Thank you for sharing this, it's always such a pain to read the RFC.

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more