Useful directives and what they mean:
max-age=[seconds]: specifies the maximum amount of time that a resource will be considered fresh.
s-maxage=[seconds]: similar to
max-age, but only applies to shared caches.
public: marks authenticated responses as cacheable. Often redundant as other directives (e.g.,
max-age) imply that caches may store a copy.
private: allows only the end recipient of the response (e.g., the browser) to store a copy of it.
no-store: instructs caches not to keep a copy of the resource under any conditions.
no-cache: does not mean ‘no cache’. Will always revalidate with the server, and if there is no new content (
304), the cached resource can be retrieved; otherwise, a fresh copy will be downloaded.
no-cache, but with a grace period. Needs an associated
Cache-Control: must-revalidate, max-age=600.
proxy-revalidate: similiar to
must-revalidate, but only applies to shared caches.
stale-while-revalidate: provides a grace period for which the recipient can use an out-of-date resource while checking for a new version. E.g.,
Cache-Control: max-age=31536000, stale-while-revalidate=86400.
immutable: a way of telling the recipient that a file will never change and to never bother revalidating it. It completely cuts out the overhead of a roundtrip of latency. To be used with care.