Cache-Control general-header field is used to specify directives for caching mechanisms in both requests and responses. Caching directives are unidirectional, meaning that a given directive in a request is not implying that the same directive is to be given in the response.
|Header type||General header|
|Forbidden header name||no|
The directives are case-insensitive and have an optional argument, that can use both token and quoted-string syntax. Multiple directives are comma-separated.
Cache request directives
Cache-Control directives that can be used by the client in an HTTP request.
Cache-Control: max-age=<seconds> Cache-Control: max-stale[=<seconds>] Cache-Control: min-fresh=<seconds> Cache-Control: no-cache Cache-Control: no-store Cache-Control: no-transform Cache-Control: only-if-cached
Cache response directives
Cache-Control directives that can be used by the server in an HTTP response.
Cache-Control: must-revalidate Cache-Control: no-cache Cache-Control: no-store Cache-Control: no-transform Cache-Control: public Cache-Control: private Cache-Control: proxy-revalidate Cache-Control: max-age=<seconds> Cache-Control: s-maxage=<seconds>
Cache-Control directives are not part of the core HTTP caching standards document. Be sure to check the compatibility table for their support.
Cache-Control: immutable Cache-Control: stale-while-revalidate=<seconds> Cache-Control: stale-if-error=<seconds>
- Indicates that the response may be cached by any cache.
- Indicates that the response is intended for a single user and must not be stored by a shared cache. A private cache may store the response.
- Forces caches to submit the request to the origin server for validation before releasing a cached copy.
- Indicates to not retrieve new data. This being the case, the server wishes the client to obtain a response only once and then cache. From this moment the client should keep releasing a cached copy and avoid contacting the origin-server to see if a newer copy exists.
- Specifies the maximum amount of time a resource will be considered fresh. Contrary to
Expires, this directive is relative to the time of the request.
Expiresheader, but it only applies to shared caches (e.g., proxies) and is ignored by a private cache.
- Indicates that the client is willing to accept a response that has exceeded its expiration time. Optionally, you can assign a value in seconds, indicating the time the response must not be expired by.
- Indicates that the client wants a response that will still be fresh for at least the specified number of seconds.
- Indicates that the client is willing to accept a stale response while asynchronously checking in the background for a fresh one. The seconds value indicates for how long the client is willing to accept a stale response.
- Indicates that the client is willing to accept a stale response if the check for a fresh one fails. The seconds value indicates for how long the client is willing to accept the stale response after the initial expiration.
Revalidation and reloading
- The cache must verify the status of the stale resources before using it and expired ones should not be used.
- Same as
must-revalidate, but it only applies to shared caches (e.g., proxies) and is ignored by a private cache.
- Indicates that the response body will not change over time. The resource, if unexpired, is unchanged on the server and therefore the client should not send a conditional revalidation for it (e.g.
If-Modified-Since) to check for updates, even when the user explicitly refreshes the page. Clients that aren't aware of this extension must ignore them as per the HTTP specification. In Firefox,
immutableis only honored on
https://transactions. For more information, see also this blog post.
- The cache should not store anything about the client request or server response.
- No transformations or conversions should be made to the resource. The Content-Encoding, Content-Range, Content-Type headers must not be modified by a proxy. A non- transparent proxy might, for example, convert between image formats in order to save cache space or to reduce the amount of traffic on a slow link. The
no-transformdirective disallows this.
To turn off caching, you can send the following response header. In addition, see also the
Cache-Control: no-cache, no-store, must-revalidate
Caching static assets
Cache-Control: public, max-age=31536000
|RFC 7234||Hypertext Transfer Protocol (HTTP/1.1): Caching|
|RFC 5861||HTTP Cache-Control Extensions for Stale Content|
|RFC 8246||HTTP Immutable Responses|
The compatibility table in this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.
|Feature||Android webview||Chrome for Android||Edge mobile||Firefox for Android||Opera Android||iOS Safari||Samsung Internet|
1. See Chromium bug 348877.
2. See Bugzilla bug 995651.