Let me make two real-life assumptions:
- you cannot easily customize the code that generates
ETag
or Last-Modified
for you
- you are serving some static files
with this in mind, the most obvious difference is that for files, it's easy for you to either accidentally or purposely change the modification date, thus changing Last-Modified
header. (You could even, gasp, return to an earlier date.) In general case, you cannot impact ETag
so easily. Good or bad? Depends on your use case. If the code that generates ETag
is decent, I'd say it is better suited to a general use case aka just-works-out-of-the-box-dont-touch-the-knobs. But to know whether it's decent requires testing, especially testing upgrades and downgrades.
ETag is good for content that changes more than once per second (example: a heavily used chat), because Last-Modified only supports 1-second granularity.
ETag for compressed response should be re-generated by your server, it cannot be copied from uncompressed one. But it's much less CPU usage than compressing anyway.
With CORS, youu have Last-Modified
for free, but to have eTag
your server needs to support an extra header Access-Control-Expose-Headers: ETag
(MDN).