How to make HTTP Cache Headers Work

Question

Can someone please help me with a HTTP caching question?

I thought that if I set the "Expires" and "Cache-Control:max-age" request headers, then a browser wouldn't make a GET request until after the max-age had passed?

My server is seeing lots of conditional GET requests, and it replies with a 304. However, I'd like to eliminate these conditional GETs if possible and have the browser only ask for a resource once it thinks it has expired.

Here's the details I get from the developer tools in Chrome:

Request URL:http://localhost:8080/img/branding.gif
Request Method:GET
Status Code:304 Not Modified

Request Headers:

Cache-Control:max-age=0
If-Modified-Since:Thu, 22 Jul 2010 10:54:34 GMT
Referer:http://localhost:8080/
User-Agent:Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4

Response Headers:

Cache-Control:max-age=2246400, s-maxage=0
Connection:Keep-Alive
Content-Location:/img/branding.gif
Content-Type:image/gif
Date:Fri, 23 Jul 2010 15:06:10 GMT
Expires:Fri, 07 Jan 2011 15:06:10 GMT
Keep-Alive:timeout=15, max=100
Last-Modified:Thu, 22 Jul 2010 10:54:34 GMT
Pragma:cache
Server:Oracle Application Server Containers for J2EE 10g (9.0.4.0.0)

I set the cache headers in a filter in my Java code. The code is running on Oracle's OC4J.

Also, I want to run this over HTTPS. Will using the same headers work for HTTPS too?

Thanks in advance.

Answer 1

if you remove the Last-Modified and ETag header, you will totally eliminate If-Modified-Since and If-None-Match requests and their 304 Not Modified Responses, so a file will stay cached without checking for updates until the Expires header indicates new content is available.

source: http://www.askapache.com/htaccess/apache-speed-last-modified.html

Answer 2

I thought that if I set the "Expires" and "Cache-Control:max-age" request headers, then a browser wouldn't make a GET request until after the max-age had passed?

The problem is what occurs after max-age has expired. Then you get into a nasty cycle where the browser requests the content every time it sees a reference to it - and every time the webserver responds with a 304 not modified. Some browsers will even ask each time a file appears on the same page! The majority of time taken for a request is for the round trips for the TCP handshake then the HTTP headers - so this will often result in a page being even slower because you (nearly) supplied the caching details. The effect is even worse over SSL because that results in at least one extra round trip to the server and back.

The get out clause in the spec is that the webserver can respond to a conditional request by supplying the original file with new caching instructions - but in practice this can be rather hard to do.

If its apache 2.0 or later, then you can solve the problem by stripping out the conditional parts of the request using mod_headers (remove the if-modified-since AND the if-none-match lines in the request header). For 1.3 or earlier you can work around it by having a cron job which touches the files every N-days (where N is slightly less than your default cache time).

Also, I want to run this over HTTPS. Will using the same headers work for HTTPS too?

I'm guessing the example you showed is non-SSL. Yes this method will work for non-ssl, but do pay attention to the browser keep-alive (non-Microsoft webserver will get tangled in knots trying to talk over an SSL connection with Keep-alive, but it does improve performance a lot).

C.