idnits 2.17.1
draft-ietf-httpbis-p6-cache-19.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
No issues found here.
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust and authors Copyright Line does not
match the current year
-- The document seems to contain a disclaimer for pre-RFC5378 work, and may
have content which was first submitted before 10 November 2008. The
disclaimer is necessary when there are original authors that you have
been unable to contact, or if some do not wish to grant the BCP78 rights
to the IETF Trust. If you are able to get all authors (current and
original) to grant those rights, you can and should remove the
disclaimer; otherwise, the disclaimer is needed and you can ignore this
comment. (See the Legal Provisions document at
https://trustee.ietf.org/license-info for more information.)
-- The document date (March 12, 2012) is 4428 days in the past. Is this
intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
== Outdated reference: A later version (-26) exists of
draft-ietf-httpbis-p1-messaging-19
== Outdated reference: A later version (-26) exists of
draft-ietf-httpbis-p2-semantics-19
== Outdated reference: A later version (-26) exists of
draft-ietf-httpbis-p4-conditional-19
== Outdated reference: A later version (-26) exists of
draft-ietf-httpbis-p5-range-19
== Outdated reference: A later version (-26) exists of
draft-ietf-httpbis-p7-auth-19
-- Obsolete informational reference (is this intentional?): RFC 1305
(Obsoleted by RFC 5905)
-- Obsolete informational reference (is this intentional?): RFC 2616
(Obsoleted by RFC 7230, RFC 7231, RFC 7232, RFC 7233, RFC 7234, RFC 7235)
-- Obsolete informational reference (is this intentional?): RFC 5226
(Obsoleted by RFC 8126)
Summary: 0 errors (**), 0 flaws (~~), 6 warnings (==), 5 comments (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 HTTPbis Working Group R. Fielding, Ed.
3 Internet-Draft Adobe
4 Obsoletes: 2616 (if approved) Y. Lafon, Ed.
5 Intended status: Standards Track W3C
6 Expires: September 13, 2012 M. Nottingham, Ed.
7 Rackspace
8 J. Reschke, Ed.
9 greenbytes
10 March 12, 2012
12 HTTP/1.1, part 6: Caching
13 draft-ietf-httpbis-p6-cache-19
15 Abstract
17 The Hypertext Transfer Protocol (HTTP) is an application-level
18 protocol for distributed, collaborative, hypertext information
19 systems. HTTP has been in use by the World Wide Web global
20 information initiative since 1990. This document is Part 6 of the
21 seven-part specification that defines the protocol referred to as
22 "HTTP/1.1" and, taken together, obsoletes RFC 2616.
24 Part 6 defines requirements on HTTP caches and the associated header
25 fields that control cache behavior or indicate cacheable response
26 messages.
28 Editorial Note (To be removed by RFC Editor)
30 Discussion of this draft should take place on the HTTPBIS working
31 group mailing list (ietf-http-wg@w3.org), which is archived at
32 .
34 The current issues list is at
35 and related
36 documents (including fancy diffs) can be found at
37 .
39 The changes in this draft are summarized in Appendix C.20.
41 Status of This Memo
43 This Internet-Draft is submitted in full conformance with the
44 provisions of BCP 78 and BCP 79.
46 Internet-Drafts are working documents of the Internet Engineering
47 Task Force (IETF). Note that other groups may also distribute
48 working documents as Internet-Drafts. The list of current Internet-
49 Drafts is at http://datatracker.ietf.org/drafts/current/.
51 Internet-Drafts are draft documents valid for a maximum of six months
52 and may be updated, replaced, or obsoleted by other documents at any
53 time. It is inappropriate to use Internet-Drafts as reference
54 material or to cite them other than as "work in progress."
56 This Internet-Draft will expire on September 13, 2012.
58 Copyright Notice
60 Copyright (c) 2012 IETF Trust and the persons identified as the
61 document authors. All rights reserved.
63 This document is subject to BCP 78 and the IETF Trust's Legal
64 Provisions Relating to IETF Documents
65 (http://trustee.ietf.org/license-info) in effect on the date of
66 publication of this document. Please review these documents
67 carefully, as they describe your rights and restrictions with respect
68 to this document. Code Components extracted from this document must
69 include Simplified BSD License text as described in Section 4.e of
70 the Trust Legal Provisions and are provided without warranty as
71 described in the Simplified BSD License.
73 This document may contain material from IETF Documents or IETF
74 Contributions published or made publicly available before November
75 10, 2008. The person(s) controlling the copyright in some of this
76 material may not have granted the IETF Trust the right to allow
77 modifications of such material outside the IETF Standards Process.
78 Without obtaining an adequate license from the person(s) controlling
79 the copyright in such materials, this document may not be modified
80 outside the IETF Standards Process, and derivative works of it may
81 not be created outside the IETF Standards Process, except to format
82 it for publication as an RFC or to translate it into languages other
83 than English.
85 Table of Contents
87 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5
88 1.1. Purpose . . . . . . . . . . . . . . . . . . . . . . . . . 5
89 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5
90 1.3. Conformance and Error Handling . . . . . . . . . . . . . . 7
91 1.4. Syntax Notation . . . . . . . . . . . . . . . . . . . . . 7
92 1.4.1. Core Rules . . . . . . . . . . . . . . . . . . . . . . 8
93 1.4.2. ABNF Rules defined in other Parts of the
94 Specification . . . . . . . . . . . . . . . . . . . . 8
95 1.5. Delta Seconds . . . . . . . . . . . . . . . . . . . . . . 8
96 2. Cache Operation . . . . . . . . . . . . . . . . . . . . . . . 8
97 2.1. Response Cacheability . . . . . . . . . . . . . . . . . . 9
98 2.2. Constructing Responses from Caches . . . . . . . . . . . . 10
99 2.3. Freshness Model . . . . . . . . . . . . . . . . . . . . . 12
100 2.3.1. Calculating Freshness Lifetime . . . . . . . . . . . . 13
101 2.3.2. Calculating Age . . . . . . . . . . . . . . . . . . . 14
102 2.3.3. Serving Stale Responses . . . . . . . . . . . . . . . 16
103 2.4. Validation Model . . . . . . . . . . . . . . . . . . . . . 16
104 2.4.1. Freshening Responses with 304 Not Modified . . . . . . 17
105 2.5. Updating Caches with HEAD Responses . . . . . . . . . . . 18
106 2.6. Request Methods that Invalidate . . . . . . . . . . . . . 18
107 2.7. Shared Caching of Authenticated Responses . . . . . . . . 19
108 2.8. Caching Negotiated Responses . . . . . . . . . . . . . . . 19
109 2.9. Combining Partial Content . . . . . . . . . . . . . . . . 20
110 3. Header Field Definitions . . . . . . . . . . . . . . . . . . . 21
111 3.1. Age . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
112 3.2. Cache-Control . . . . . . . . . . . . . . . . . . . . . . 21
113 3.2.1. Request Cache-Control Directives . . . . . . . . . . . 22
114 3.2.2. Response Cache-Control Directives . . . . . . . . . . 24
115 3.2.3. Cache Control Extensions . . . . . . . . . . . . . . . 26
116 3.3. Expires . . . . . . . . . . . . . . . . . . . . . . . . . 27
117 3.4. Pragma . . . . . . . . . . . . . . . . . . . . . . . . . . 28
118 3.5. Vary . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
119 3.6. Warning . . . . . . . . . . . . . . . . . . . . . . . . . 30
120 3.6.1. 110 Response is Stale . . . . . . . . . . . . . . . . 31
121 3.6.2. 111 Revalidation Failed . . . . . . . . . . . . . . . 31
122 3.6.3. 112 Disconnected Operation . . . . . . . . . . . . . . 31
123 3.6.4. 113 Heuristic Expiration . . . . . . . . . . . . . . . 32
124 3.6.5. 199 Miscellaneous Warning . . . . . . . . . . . . . . 32
125 3.6.6. 214 Transformation Applied . . . . . . . . . . . . . . 32
126 3.6.7. 299 Miscellaneous Persistent Warning . . . . . . . . . 32
127 3.6.8. Warn Code Extensions . . . . . . . . . . . . . . . . . 32
128 4. History Lists . . . . . . . . . . . . . . . . . . . . . . . . 32
129 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 33
130 5.1. Cache Directive Registry . . . . . . . . . . . . . . . . . 33
131 5.2. Warn Code Registry . . . . . . . . . . . . . . . . . . . . 33
132 5.3. Header Field Registration . . . . . . . . . . . . . . . . 34
133 6. Security Considerations . . . . . . . . . . . . . . . . . . . 34
134 7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 34
135 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 35
136 8.1. Normative References . . . . . . . . . . . . . . . . . . . 35
137 8.2. Informative References . . . . . . . . . . . . . . . . . . 35
138 Appendix A. Changes from RFC 2616 . . . . . . . . . . . . . . . . 36
139 Appendix B. Collected ABNF . . . . . . . . . . . . . . . . . . . 36
140 Appendix C. Change Log (to be removed by RFC Editor before
141 publication) . . . . . . . . . . . . . . . . . . . . 37
142 C.1. Since RFC 2616 . . . . . . . . . . . . . . . . . . . . . . 38
143 C.2. Since draft-ietf-httpbis-p6-cache-00 . . . . . . . . . . . 38
144 C.3. Since draft-ietf-httpbis-p6-cache-01 . . . . . . . . . . . 38
145 C.4. Since draft-ietf-httpbis-p6-cache-02 . . . . . . . . . . . 39
146 C.5. Since draft-ietf-httpbis-p6-cache-03 . . . . . . . . . . . 39
147 C.6. Since draft-ietf-httpbis-p6-cache-04 . . . . . . . . . . . 39
148 C.7. Since draft-ietf-httpbis-p6-cache-05 . . . . . . . . . . . 39
149 C.8. Since draft-ietf-httpbis-p6-cache-06 . . . . . . . . . . . 40
150 C.9. Since draft-ietf-httpbis-p6-cache-07 . . . . . . . . . . . 40
151 C.10. Since draft-ietf-httpbis-p6-cache-08 . . . . . . . . . . . 40
152 C.11. Since draft-ietf-httpbis-p6-cache-09 . . . . . . . . . . . 41
153 C.12. Since draft-ietf-httpbis-p6-cache-10 . . . . . . . . . . . 41
154 C.13. Since draft-ietf-httpbis-p6-cache-11 . . . . . . . . . . . 42
155 C.14. Since draft-ietf-httpbis-p6-cache-12 . . . . . . . . . . . 42
156 C.15. Since draft-ietf-httpbis-p6-cache-13 . . . . . . . . . . . 42
157 C.16. Since draft-ietf-httpbis-p6-cache-14 . . . . . . . . . . . 42
158 C.17. Since draft-ietf-httpbis-p6-cache-15 . . . . . . . . . . . 43
159 C.18. Since draft-ietf-httpbis-p6-cache-16 . . . . . . . . . . . 43
160 C.19. Since draft-ietf-httpbis-p6-cache-17 . . . . . . . . . . . 43
161 C.20. Since draft-ietf-httpbis-p6-cache-18 . . . . . . . . . . . 43
162 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
164 1. Introduction
166 HTTP is typically used for distributed information systems, where
167 performance can be improved by the use of response caches. This
168 document defines aspects of HTTP/1.1 related to caching and reusing
169 response messages.
171 1.1. Purpose
173 An HTTP cache is a local store of response messages and the subsystem
174 that controls its message storage, retrieval, and deletion. A cache
175 stores cacheable responses in order to reduce the response time and
176 network bandwidth consumption on future, equivalent requests. Any
177 client or server MAY employ a cache, though a cache cannot be used by
178 a server that is acting as a tunnel.
180 The goal of caching in HTTP/1.1 is to significantly improve
181 performance by reusing a prior response message to satisfy a current
182 request. A stored response is considered "fresh", as defined in
183 Section 2.3, if the response can be reused without "validation"
184 (checking with the origin server to see if the cached response
185 remains valid for this request). A fresh cache response can
186 therefore reduce both latency and network transfers each time it is
187 reused. When a cached response is not fresh, it might still be
188 reusable if it can be freshened by validation (Section 2.4) or if the
189 origin is unavailable.
191 1.2. Terminology
193 This specification uses a number of terms to refer to the roles
194 played by participants in, and objects of, HTTP caching.
196 cache
198 A conformant implementation of a HTTP cache. Note that this
199 implies an HTTP/1.1 cache; this specification does not define
200 conformance for HTTP/1.0 caches.
202 shared cache
204 A cache that stores responses to be reused by more than one user;
205 usually (but not always) deployed as part of an intermediary.
207 private cache
209 A cache that is dedicated to a single user.
211 cacheable
213 A response is cacheable if a cache is allowed to store a copy of
214 the response message for use in answering subsequent requests.
215 Even when a response is cacheable, there might be additional
216 constraints on whether a cache can use the stored copy to satisfy
217 a particular request.
219 explicit expiration time
221 The time at which the origin server intends that a representation
222 no longer be returned by a cache without further validation.
224 heuristic expiration time
226 An expiration time assigned by a cache when no explicit expiration
227 time is available.
229 age
231 The age of a response is the time since it was sent by, or
232 successfully validated with, the origin server.
234 first-hand
236 A response is first-hand if the freshness model is not in use;
237 i.e., its age is 0.
239 freshness lifetime
241 The length of time between the generation of a response and its
242 expiration time.
244 fresh
246 A response is fresh if its age has not yet exceeded its freshness
247 lifetime.
249 stale
251 A response is stale if its age has passed its freshness lifetime
252 (either explicit or heuristic).
254 validator
256 A protocol element (e.g., an entity-tag or a Last-Modified time)
257 that is used to find out whether a stored response is an
258 equivalent copy of a representation. See Section 2.1 of [Part4].
260 strong validator
262 A validator that is defined by the origin server such that its
263 current value will change if the representation body changes;
264 i.e., an entity-tag that is not marked as weak (Section 2.3 of
265 [Part4]) or, if no entity-tag is provided, a Last-Modified value
266 that is strong in the sense defined by Section 2.2.2 of [Part4].
268 1.3. Conformance and Error Handling
270 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
271 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
272 document are to be interpreted as described in [RFC2119].
274 This document defines conformance criteria for several roles in HTTP
275 communication, including Senders, Recipients, Clients, Servers, User-
276 Agents, Origin Servers, Intermediaries, Proxies and Gateways. See
277 Section 2 of [Part1] for definitions of these terms.
279 An implementation is considered conformant if it complies with all of
280 the requirements associated with its role(s). Note that SHOULD-level
281 requirements are relevant here, unless one of the documented
282 exceptions is applicable.
284 This document also uses ABNF to define valid protocol elements
285 (Section 1.4). In addition to the prose requirements placed upon
286 them, Senders MUST NOT generate protocol elements that are invalid.
288 Unless noted otherwise, Recipients MAY take steps to recover a usable
289 protocol element from an invalid construct. However, HTTP does not
290 define specific error handling mechanisms, except in cases where it
291 has direct impact on security. This is because different uses of the
292 protocol require different error handling strategies; for example, a
293 Web browser may wish to transparently recover from a response where
294 the Location header field doesn't parse according to the ABNF,
295 whereby in a systems control protocol using HTTP, this type of error
296 recovery could lead to dangerous consequences.
298 1.4. Syntax Notation
300 This specification uses the Augmented Backus-Naur Form (ABNF)
301 notation of [RFC5234] with the list rule extension defined in Section
302 1.2 of [Part1]. Appendix B shows the collected ABNF with the list
303 rule expanded.
305 The following core rules are included by reference, as defined in
306 [RFC5234], Appendix B.1: ALPHA (letters), CR (carriage return), CRLF
307 (CR LF), CTL (controls), DIGIT (decimal 0-9), DQUOTE (double quote),
308 HEXDIG (hexadecimal 0-9/A-F/a-f), LF (line feed), OCTET (any 8-bit
309 sequence of data), SP (space), and VCHAR (any visible US-ASCII
310 character).
312 1.4.1. Core Rules
314 The core rules below are defined in [Part1]:
316 OWS =
317 quoted-string =
318 token =
320 1.4.2. ABNF Rules defined in other Parts of the Specification
322 The ABNF rules below are defined in other parts:
324 field-name =
325 HTTP-date =
326 port =
327 pseudonym =
328 uri-host =
330 1.5. Delta Seconds
332 The delta-seconds rule specifies a non-negative integer, representing
333 time in seconds.
335 delta-seconds = 1*DIGIT
337 If an implementation receives a delta-seconds value larger than the
338 largest positive integer it can represent, or if any of its
339 subsequent calculations overflows, it MUST consider the value to be
340 2147483648 (2^31). Recipients parsing a delta-seconds value MUST use
341 an arithmetic type of at least 31 bits of range, and senders MUST NOT
342 send delta-seconds with a value greater than 2147483648.
344 2. Cache Operation
346 Proper cache operation preserves the semantics of HTTP transfers
347 ([Part2]) while eliminating the transfer of information already held
348 in the cache. Although caching is an entirely OPTIONAL feature of
349 HTTP, we assume that reusing the cached response is desirable and
350 that such reuse is the default behavior when no requirement or
351 locally-desired configuration prevents it. Therefore, HTTP cache
352 requirements are focused on preventing a cache from either storing a
353 non-reusable response or reusing a stored response inappropriately.
355 Each cache entry consists of a cache key and one or more HTTP
356 responses corresponding to prior requests that used the same key.
357 The most common form of cache entry is a successful result of a
358 retrieval request: i.e., a 200 (OK) response containing a
359 representation of the resource identified by the request target.
360 However, it is also possible to cache negative results (e.g., 404 not
361 found), incomplete results (e.g., 206 partial content), and responses
362 to safe methods other than GET if the method's definition allows such
363 caching and defines something suitable for use as a cache key.
365 The default cache key consists of the request method and target URI.
366 However, since HTTP caches in common use today are typically limited
367 to caching responses to GET, most implementations simply decline
368 other methods and use only the URI as the key.
370 If a request target is subject to content negotiation, its cache
371 entry might consist of multiple stored responses, each differentiated
372 by a secondary key for the values of the original request's selecting
373 header fields (Section 2.8).
375 2.1. Response Cacheability
377 A cache MUST NOT store a response to any request, unless:
379 o The request method is understood by the cache and defined as being
380 cacheable, and
382 o the response status code is understood by the cache, and
384 o the "no-store" cache directive (see Section 3.2) does not appear
385 in request or response header fields, and
387 o the "private" cache response directive (see Section 3.2.2) does
388 not appear in the response, if the cache is shared, and
390 o the "Authorization" header field (see Section 4.1 of [Part7]) does
391 not appear in the request, if the cache is shared, unless the
392 response explicitly allows it (see Section 2.7), and
394 o the response either:
396 * contains an Expires header field (see Section 3.3), or
398 * contains a max-age response cache directive (see
399 Section 3.2.2), or
401 * contains a s-maxage response cache directive and the cache is
402 shared, or
404 * contains a Cache Control Extension (see Section 3.2.3) that
405 allows it to be cached, or
407 * has a status code that can be served with heuristic freshness
408 (see Section 2.3.1.1).
410 Note that any of the requirements listed above can be overridden by a
411 cache-control extension; see Section 3.2.3.
413 In this context, a cache has "understood" a request method or a
414 response status code if it recognizes it and implements any cache-
415 specific behavior.
417 Note that, in normal operation, most caches will not store a response
418 that has neither a cache validator nor an explicit expiration time,
419 as such responses are not usually useful to store. However, caches
420 are not prohibited from storing such responses.
422 A response message is considered complete when all of the octets
423 indicated by the message framing ([Part1]) are received prior to the
424 connection being closed. If the request is GET, the response status
425 is 200 (OK), and the entire response header block has been received,
426 a cache MAY store an incomplete response message body if the cache
427 entry is recorded as incomplete. Likewise, a 206 (Partial Content)
428 response MAY be stored as if it were an incomplete 200 (OK) cache
429 entry. However, a cache MUST NOT store incomplete or partial content
430 responses if it does not support the Range and Content-Range header
431 fields or if it does not understand the range units used in those
432 fields.
434 A cache MAY complete a stored incomplete response by making a
435 subsequent range request ([Part5]) and combining the successful
436 response with the stored entry, as defined in Section 2.9. A cache
437 MUST NOT use an incomplete response to answer requests unless the
438 response has been made complete or the request is partial and
439 specifies a range that is wholly within the incomplete response. A
440 cache MUST NOT send a partial response to a client without explicitly
441 marking it as such using the 206 (Partial Content) status code.
443 2.2. Constructing Responses from Caches
445 For a presented request, a cache MUST NOT return a stored response,
446 unless:
448 o The presented effective request URI (Section 5.5 of [Part1]) and
449 that of the stored response match, and
451 o the request method associated with the stored response allows it
452 to be used for the presented request, and
454 o selecting header fields nominated by the stored response (if any)
455 match those presented (see Section 2.8), and
457 o the presented request does not contain the no-cache pragma
458 (Section 3.4), nor the no-cache cache directive (Section 3.2.1),
459 unless the stored response is successfully validated
460 (Section 2.4), and
462 o the stored response does not contain the no-cache cache directive
463 (Section 3.2.2), unless it is successfully validated
464 (Section 2.4), and
466 o the stored response is either:
468 * fresh (see Section 2.3), or
470 * allowed to be served stale (see Section 2.3.3), or
472 * successfully validated (see Section 2.4).
474 Note that any of the requirements listed above can be overridden by a
475 cache-control extension; see Section 3.2.3.
477 When a stored response is used to satisfy a request without
478 validation, a cache MUST include a single Age header field
479 (Section 3.1) in the response with a value equal to the stored
480 response's current_age; see Section 2.3.2.
482 A cache MUST write through requests with methods that are unsafe
483 (Section 6.1.1 of [Part2]) to the origin server; i.e., a cache must
484 not generate a reply to such a request before having forwarded the
485 request and having received a corresponding response.
487 Also, note that unsafe requests might invalidate already stored
488 responses; see Section 2.6.
490 When more than one suitable response is stored, a cache MUST use the
491 most recent response (as determined by the Date header field). It
492 can also forward a request with "Cache-Control: max-age=0" or "Cache-
493 Control: no-cache" to disambiguate which response to use.
495 A cache that does not have a clock available MUST NOT use stored
496 responses without revalidating them on every use. A cache,
497 especially a shared cache, SHOULD use a mechanism, such as NTP
498 [RFC1305], to synchronize its clock with a reliable external
499 standard.
501 2.3. Freshness Model
503 When a response is "fresh" in the cache, it can be used to satisfy
504 subsequent requests without contacting the origin server, thereby
505 improving efficiency.
507 The primary mechanism for determining freshness is for an origin
508 server to provide an explicit expiration time in the future, using
509 either the Expires header field (Section 3.3) or the max-age response
510 cache directive (Section 3.2.2). Generally, origin servers will
511 assign future explicit expiration times to responses in the belief
512 that the representation is not likely to change in a semantically
513 significant way before the expiration time is reached.
515 If an origin server wishes to force a cache to validate every
516 request, it can assign an explicit expiration time in the past to
517 indicate that the response is already stale. Compliant caches will
518 normally validate the cached response before reusing it for
519 subsequent requests (see Section 2.3.3).
521 Since origin servers do not always provide explicit expiration times,
522 a cache MAY assign a heuristic expiration time when an explicit time
523 is not specified, employing algorithms that use other header field
524 values (such as the Last-Modified time) to estimate a plausible
525 expiration time. This specification does not provide specific
526 algorithms, but does impose worst-case constraints on their results.
528 The calculation to determine if a response is fresh is:
530 response_is_fresh = (freshness_lifetime > current_age)
532 The freshness_lifetime is defined in Section 2.3.1; the current_age
533 is defined in Section 2.3.2.
535 Additionally, clients can influence freshness calculation -- either
536 constraining it relaxing it -- by using the max-age and min-fresh
537 request cache directives. See Section 3.2.1 for details.
539 Note that freshness applies only to cache operation; it cannot be
540 used to force a user agent to refresh its display or reload a
541 resource. See Section 4 for an explanation of the difference between
542 caches and history mechanisms.
544 2.3.1. Calculating Freshness Lifetime
546 A cache can calculate the freshness lifetime (denoted as
547 freshness_lifetime) of a response by using the first match of:
549 o If the cache is shared and the s-maxage response cache directive
550 (Section 3.2.2) is present, use its value, or
552 o If the max-age response cache directive (Section 3.2.2) is
553 present, use its value, or
555 o If the Expires response header field (Section 3.3) is present, use
556 its value minus the value of the Date response header field, or
558 o Otherwise, no explicit expiration time is present in the response.
559 A heuristic freshness lifetime might be applicable; see
560 Section 2.3.1.1.
562 Note that this calculation is not vulnerable to clock skew, since all
563 of the information comes from the origin server.
565 2.3.1.1. Calculating Heuristic Freshness
567 If no explicit expiration time is present in a stored response that
568 has a status code whose definition allows heuristic freshness to be
569 used (including the following in Section 7 of [Part2]: 200, 203, 206,
570 300, 301 and 410), a cache MAY calculate a heuristic expiration time.
571 A cache MUST NOT use heuristics to determine freshness for responses
572 with status codes that do not explicitly allow it.
574 When a heuristic is used to calculate freshness lifetime, a cache
575 SHOULD attach a Warning header field with a 113 warn-code to the
576 response if its current_age is more than 24 hours and such a warning
577 is not already present.
579 Also, if the response has a Last-Modified header field (Section 2.2
580 of [Part4]), caches are encouraged to use a heuristic expiration
581 value that is no more than some fraction of the interval since that
582 time. A typical setting of this fraction might be 10%.
584 Note: RFC 2616 ([RFC2616], Section 13.9) required that caches do
585 not calculate heuristic freshness for URIs with query components
586 (i.e., those containing '?'). In practice, this has not been
587 widely implemented. Therefore, servers are encouraged to send
588 explicit directives (e.g., Cache-Control: no-cache) if they wish
589 to preclude caching.
591 2.3.2. Calculating Age
593 HTTP/1.1 uses the Age header field to convey the estimated age of the
594 response message when obtained from a cache. The Age field value is
595 the cache's estimate of the amount of time since the response was
596 generated or validated by the origin server. In essence, the Age
597 value is the sum of the time that the response has been resident in
598 each of the caches along the path from the origin server, plus the
599 amount of time it has been in transit along network paths.
601 The following data is used for the age calculation:
603 age_value
605 The term "age_value" denotes the value of the Age header field
606 (Section 3.1), in a form appropriate for arithmetic operation; or
607 0, if not available.
609 date_value
611 HTTP/1.1 requires origin servers to send a Date header field, if
612 possible, with every response, giving the time at which the
613 response was generated. The term "date_value" denotes the value
614 of the Date header field, in a form appropriate for arithmetic
615 operations. See Section 10.2 of [Part2] for the definition of the
616 Date header field, and for requirements regarding responses
617 without it.
619 now
621 The term "now" means "the current value of the clock at the host
622 performing the calculation". A cache SHOULD use NTP ([RFC1305])
623 or some similar protocol to synchronize its clocks to a globally
624 accurate time standard.
626 request_time
628 The current value of the clock at the host at the time the request
629 resulting in the stored response was made.
631 response_time
633 The current value of the clock at the host at the time the
634 response was received.
636 A response's age can be calculated in two entirely independent ways:
638 1. the "apparent_age": response_time minus date_value, if the local
639 clock is reasonably well synchronized to the origin server's
640 clock. If the result is negative, the result is replaced by
641 zero.
643 2. the "corrected_age_value", if all of the caches along the
644 response path implement HTTP/1.1. A cache MUST interpret this
645 value relative to the time the request was initiated, not the
646 time that the response was received.
648 apparent_age = max(0, response_time - date_value);
650 response_delay = response_time - request_time;
651 corrected_age_value = age_value + response_delay;
653 These SHOULD be combined as
655 corrected_initial_age = max(apparent_age, corrected_age_value);
657 unless the cache is confident in the value of the Age header (e.g.,
658 because there are no HTTP/1.0 hops in the Via header), in which case
659 the corrected_age_value MAY be used as the corrected_initial_age.
661 The current_age of a stored response can then be calculated by adding
662 the amount of time (in seconds) since the stored response was last
663 validated by the origin server to the corrected_initial_age.
665 resident_time = now - response_time;
666 current_age = corrected_initial_age + resident_time;
668 Additionally, to avoid common problems in date parsing:
670 o HTTP/1.1 clients and caches SHOULD assume that an RFC-850 date
671 which appears to be more than 50 years in the future is in fact in
672 the past (this helps solve the "year 2000" problem).
674 o Although all date formats are specified to be case-sensitive,
675 recipients SHOULD match day, week and timezone names case-
676 insensitively.
678 o An HTTP/1.1 implementation MAY internally represent a parsed
679 Expires date as earlier than the proper value, but MUST NOT
680 internally represent a parsed Expires date as later than the
681 proper value.
683 o All expiration-related calculations MUST be done in GMT. The
684 local time zone MUST NOT influence the calculation or comparison
685 of an age or expiration time.
687 o If an HTTP header field incorrectly carries a date value with a
688 time zone other than GMT, it MUST be converted into GMT using the
689 most conservative possible conversion.
691 2.3.3. Serving Stale Responses
693 A "stale" response is one that either has explicit expiry information
694 or is allowed to have heuristic expiry calculated, but is not fresh
695 according to the calculations in Section 2.3.
697 A cache MUST NOT return a stale response if it is prohibited by an
698 explicit in-protocol directive (e.g., by a "no-store" or "no-cache"
699 cache directive, a "must-revalidate" cache-response-directive, or an
700 applicable "s-maxage" or "proxy-revalidate" cache-response-directive;
701 see Section 3.2.2).
703 A cache MUST NOT return stale responses unless it is disconnected
704 (i.e., it cannot contact the origin server or otherwise find a
705 forward path) or doing so is explicitly allowed (e.g., by the max-
706 stale request directive; see Section 3.2.1).
708 A cache SHOULD append a Warning header field with the 110 warn-code
709 (see Section 3.6) to stale responses. Likewise, a cache SHOULD add
710 the 112 warn-code to stale responses if the cache is disconnected.
712 If a cache receives a first-hand response (either an entire response,
713 or a 304 (Not Modified) response) that it would normally forward to
714 the requesting client, and the received response is no longer fresh,
715 the cache can forward it to the requesting client without adding a
716 new Warning (but without removing any existing Warning header
717 fields). A cache shouldn't attempt to validate a response simply
718 because that response became stale in transit.
720 2.4. Validation Model
722 When a cache has one or more stored responses for a requested URI,
723 but cannot serve any of them (e.g., because they are not fresh, or
724 one cannot be selected; see Section 2.8), it can use the conditional
725 request mechanism [Part4] in the forwarded request to give the origin
726 server an opportunity to both select a valid stored response to be
727 used, and to update it. This process is known as "validating" or
728 "revalidating" the stored response.
730 When sending such a conditional request, a cache adds an If-Modified-
731 Since header field whose value is that of the Last-Modified header
732 field from the selected (see Section 2.8) stored response, if
733 available.
735 Additionally, a cache can add an If-None-Match header field whose
736 value is that of the ETag header field(s) from all responses stored
737 for the requested URI, if present. However, if any of the stored
738 responses contains only partial content, the cache shouldn't include
739 its entity-tag in the If-None-Match header field unless the request
740 is for a range that would be fully satisfied by that stored response.
742 Cache handling of a response to a conditional request is dependent
743 upon its status code:
745 o A 304 (Not Modified) response status code indicates that the
746 stored response can be updated and reused; see Section 2.4.1.
748 o A full response (i.e., one with a response body) indicates that
749 none of the stored responses nominated in the conditional request
750 is suitable. Instead, the cache can use the full response to
751 satisfy the request and MAY replace the stored response(s).
753 o However, if a cache receives a 5xx response while attempting to
754 validate a response, it can either forward this response to the
755 requesting client, or act as if the server failed to respond. In
756 the latter case, it can return a previously stored response (see
757 Section 2.3.3).
759 2.4.1. Freshening Responses with 304 Not Modified
761 When a cache receives a 304 (Not Modified) response and already has
762 one or more stored 200 (OK) responses for the same cache key, the
763 cache needs to identify which of the stored responses are updated by
764 this new response and then update the stored response(s) with the new
765 information provided in the 304 response.
767 o If the new response contains a strong validator, then that strong
768 validator identifies the selected representation. All of the
769 stored responses with the same strong validator are selected. If
770 none of the stored responses contain the same strong validator,
771 then this new response corresponds to a new selected
772 representation and MUST NOT update the existing stored responses.
774 o If the new response contains a weak validator and that validator
775 corresponds to one of the cache's stored responses, then the most
776 recent of those matching stored responses is selected.
778 o If the new response does not include any form of validator, there
779 is only one stored response, and that stored response also lacks a
780 validator, then that stored response is selected.
782 If a stored response is selected for update, the cache MUST:
784 o delete any Warning header fields in the stored response with warn-
785 code 1xx (see Section 3.6);
787 o retain any Warning header fields in the stored response with warn-
788 code 2xx; and,
790 o use other header fields provided in the 304 response to replace
791 all instances of the corresponding header fields in the stored
792 response.
794 2.5. Updating Caches with HEAD Responses
796 A response to the HEAD method is identical to what an equivalent
797 request made with a GET would have been, except it lacks a body.
798 This property of HEAD responses is used to both invalidate and update
799 cached GET responses.
801 If one or more stored GET responses can be selected (as per
802 Section 2.8) for a HEAD request, and the Content-Length, ETag or
803 Last-Modified value of a HEAD response differs from that in a
804 selected GET response, the cache MUST consider that selected response
805 to be stale.
807 If the Content-Length, ETag and Last-Modified values of a HEAD
808 response (when present) are the same as that in a selected GET
809 response (as per Section 2.8), the cache SHOULD update the remaining
810 headers in the stored response using the following rules:
812 o delete any Warning header fields in the stored response with warn-
813 code 1xx (see Section 3.6);
815 o retain any Warning header fields in the stored response with warn-
816 code 2xx; and,
818 o use other header fields provided in the response to replace all
819 instances of the corresponding header fields in the stored
820 response.
822 2.6. Request Methods that Invalidate
824 Because unsafe request methods (Section 6.1.1 of [Part2]) such as
825 PUT, POST or DELETE have the potential for changing state on the
826 origin server, intervening caches can use them to keep their contents
827 up-to-date.
829 A cache MUST invalidate the effective Request URI (Section 5.5 of
831 [Part1]) as well as the URI(s) in the Location and Content-Location
832 response header fields (if present) when a non-error response to a
833 request with an unsafe method is received.
835 However, a cache MUST NOT invalidate a URI from a Location or
836 Content-Location response header field if the host part of that URI
837 differs from the host part in the effective request URI (Section 5.5
838 of [Part1]). This helps prevent denial of service attacks.
840 A cache MUST invalidate the effective request URI (Section 5.5 of
841 [Part1]) when it receives a non-error response to a request with a
842 method whose safety is unknown.
844 Here, a "non-error response" is one with a 2xx or 3xx status code.
845 "Invalidate" means that the cache will either remove all stored
846 responses related to the effective request URI, or will mark these as
847 "invalid" and in need of a mandatory validation before they can be
848 returned in response to a subsequent request.
850 Note that this does not guarantee that all appropriate responses are
851 invalidated. For example, the request that caused the change at the
852 origin server might not have gone through the cache where a response
853 is stored.
855 2.7. Shared Caching of Authenticated Responses
857 A shared cache MUST NOT use a cached response to a request with an
858 Authorization header field (Section 4.1 of [Part7]) to satisfy any
859 subsequent request unless a cache directive that allows such
860 responses to be stored is present in the response.
862 In this specification, the following Cache-Control response
863 directives (Section 3.2.2) have such an effect: must-revalidate,
864 public, s-maxage.
866 Note that cached responses that contain the "must-revalidate" and/or
867 "s-maxage" response directives are not allowed to be served stale
868 (Section 2.3.3) by shared caches. In particular, a response with
869 either "max-age=0, must-revalidate" or "s-maxage=0" cannot be used to
870 satisfy a subsequent request without revalidating it on the origin
871 server.
873 2.8. Caching Negotiated Responses
875 When a cache receives a request that can be satisfied by a stored
876 response that has a Vary header field (Section 3.5), it MUST NOT use
877 that response unless all of the selecting header fields nominated by
878 the Vary header field match in both the original request (i.e., that
879 associated with the stored response), and the presented request.
881 The selecting header fields from two requests are defined to match if
882 and only if those in the first request can be transformed to those in
883 the second request by applying any of the following:
885 o adding or removing whitespace, where allowed in the header field's
886 syntax
888 o combining multiple header fields with the same field name (see
889 Section 3.2 of [Part1])
891 o normalizing both header field values in a way that is known to
892 have identical semantics, according to the header field's
893 specification (e.g., re-ordering field values when order is not
894 significant; case-normalization, where values are defined to be
895 case-insensitive)
897 If (after any normalization that might take place) a header field is
898 absent from a request, it can only match another request if it is
899 also absent there.
901 A Vary header field-value of "*" always fails to match, and
902 subsequent requests to that resource can only be properly interpreted
903 by the origin server.
905 The stored response with matching selecting header fields is known as
906 the selected response.
908 If multiple selected responses are available, the most recent
909 response (as determined by the Date header field) is used; see
910 Section 2.2.
912 If no selected response is available, the cache can forward the
913 presented request to the origin server in a conditional request; see
914 Section 2.4.
916 2.9. Combining Partial Content
918 A response might transfer only a partial representation if the
919 connection closed prematurely or if the request used one or more
920 Range specifiers ([Part5]). After several such transfers, a cache
921 might have received several ranges of the same representation. A
922 cache MAY combine these ranges into a single stored response, and
923 reuse that response to satisfy later requests, if they all share the
924 same strong validator and the cache complies with the client
925 requirements in Section 4.2 of [Part5].
927 When combining the new response with one or more stored responses, a
928 cache MUST:
930 o delete any Warning header fields in the stored response with warn-
931 code 1xx (see Section 3.6);
933 o retain any Warning header fields in the stored response with warn-
934 code 2xx; and,
936 o use other header fields provided in the new response, aside from
937 Content-Range, to replace all instances of the corresponding
938 header fields in the stored response.
940 3. Header Field Definitions
942 This section defines the syntax and semantics of HTTP/1.1 header
943 fields related to caching.
945 3.1. Age
947 The "Age" header field conveys the sender's estimate of the amount of
948 time since the response was generated or successfully validated at
949 the origin server. Age values are calculated as specified in
950 Section 2.3.2.
952 Age = delta-seconds
954 Age field-values are non-negative integers, representing time in
955 seconds (see Section 1.5).
957 The presence of an Age header field in a response implies that a
958 response is not first-hand. However, the converse is not true, since
959 HTTP/1.0 caches might not implement the Age header field.
961 3.2. Cache-Control
963 The "Cache-Control" header field is used to specify directives for
964 caches along the request/response chain. Such cache directives are
965 unidirectional in that the presence of a directive in a request does
966 not imply that the same directive is to be given in the response.
968 A cache MUST obey the requirements of the Cache-Control directives
969 defined in this section. See Section 3.2.3 for information about how
970 Cache-Control directives defined elsewhere are handled.
972 Note: HTTP/1.0 caches might not implement Cache-Control and might
973 only implement Pragma: no-cache (see Section 3.4).
975 A proxy, whether or not it implements a cache, MUST pass cache
976 directives through in forwarded messages, regardless of their
977 significance to that application, since the directives might be
978 applicable to all recipients along the request/response chain. It is
979 not possible to target a directive to a specific cache.
981 Cache directives are identified by a token, to be compared case-
982 insensitively, and have an optional argument.
984 Cache-Control = 1#cache-directive
986 cache-directive = cache-request-directive
987 / cache-response-directive
989 cache-extension = token [ "=" ( token / quoted-string ) ]
991 3.2.1. Request Cache-Control Directives
993 cache-request-directive =
994 "no-cache"
995 / "no-store"
996 / "max-age" "=" delta-seconds
997 / "max-stale" [ "=" delta-seconds ]
998 / "min-fresh" "=" delta-seconds
999 / "no-transform"
1000 / "only-if-cached"
1001 / cache-extension
1003 no-cache
1005 The no-cache request directive indicates that a cache MUST NOT use
1006 a stored response to satisfy the request without successful
1007 validation on the origin server.
1009 no-store
1011 The no-store request directive indicates that a cache MUST NOT
1012 store any part of either this request or any response to it. This
1013 directive applies to both private and shared caches. "MUST NOT
1014 store" in this context means that the cache MUST NOT intentionally
1015 store the information in non-volatile storage, and MUST make a
1016 best-effort attempt to remove the information from volatile
1017 storage as promptly as possible after forwarding it.
1019 This directive is NOT a reliable or sufficient mechanism for
1020 ensuring privacy. In particular, malicious or compromised caches
1021 might not recognize or obey this directive, and communications
1022 networks might be vulnerable to eavesdropping.
1024 Note that if a request containing this directive is satisfied from
1025 a cache, the no-store request directive does not apply to the
1026 already stored response.
1028 max-age
1030 The max-age request directive indicates that the client is
1031 unwilling to accept a response whose age is greater than the
1032 specified number of seconds. Unless the max-stale request
1033 directive is also present, the client is not willing to accept a
1034 stale response.
1036 max-stale
1038 The max-stale request directive indicates that the client is
1039 willing to accept a response that has exceeded its expiration
1040 time. If max-stale is assigned a value, then the client is
1041 willing to accept a response that has exceeded its expiration time
1042 by no more than the specified number of seconds. If no value is
1043 assigned to max-stale, then the client is willing to accept a
1044 stale response of any age.
1046 min-fresh
1048 The min-fresh request directive indicates that the client is
1049 willing to accept a response whose freshness lifetime is no less
1050 than its current age plus the specified time in seconds. That is,
1051 the client wants a response that will still be fresh for at least
1052 the specified number of seconds.
1054 no-transform
1056 The no-transform request directive indicates that an intermediary
1057 (whether or not it implements a cache) MUST NOT change the
1058 Content-Encoding, Content-Range or Content-Type request header
1059 fields, nor the request representation.
1061 only-if-cached
1063 The only-if-cached request directive indicates that the client
1064 only wishes to obtain a stored response. If it receives this
1065 directive, a cache SHOULD either respond using a stored response
1066 that is consistent with the other constraints of the request, or
1067 respond with a 504 (Gateway Timeout) status code. If a group of
1068 caches is being operated as a unified system with good internal
1069 connectivity, a member cache MAY forward such a request within
1070 that group of caches.
1072 3.2.2. Response Cache-Control Directives
1074 cache-response-directive =
1075 "public"
1076 / "private" [ "=" DQUOTE 1#field-name DQUOTE ]
1077 / "no-cache" [ "=" DQUOTE 1#field-name DQUOTE ]
1078 / "no-store"
1079 / "no-transform"
1080 / "must-revalidate"
1081 / "proxy-revalidate"
1082 / "max-age" "=" delta-seconds
1083 / "s-maxage" "=" delta-seconds
1084 / cache-extension
1086 public
1088 The public response directive indicates that a response whose
1089 associated request contains an 'Authentication' header MAY be
1090 stored (see Section 2.7).
1092 private
1094 The private response directive indicates that the response message
1095 is intended for a single user and MUST NOT be stored by a shared
1096 cache. A private cache MAY store the response.
1098 If the private response directive specifies one or more field-
1099 names, this requirement is limited to the field-values associated
1100 with the listed response header fields. That is, a shared cache
1101 MUST NOT store the specified field-names(s), whereas it MAY store
1102 the remainder of the response message.
1104 Note: This usage of the word "private" only controls where the
1105 response can be stored; it cannot ensure the privacy of the
1106 message content. Also, private response directives with field-
1107 names are often handled by implementations as if an unqualified
1108 private directive was received; i.e., the special handling for the
1109 qualified form is not widely implemented.
1111 no-cache
1113 The no-cache response directive indicates that the response MUST
1114 NOT be used to satisfy a subsequent request without successful
1115 validation on the origin server. This allows an origin server to
1116 prevent a cache from using it to satisfy a request without
1117 contacting it, even by caches that have been configured to return
1118 stale responses.
1120 If the no-cache response directive specifies one or more field-
1121 names, then a cache MAY use the response to satisfy a subsequent
1122 request, subject to any other restrictions on caching. However,
1123 any header fields in the response that have the field-name(s)
1124 listed MUST NOT be sent in the response to a subsequent request
1125 without successful revalidation with the origin server. This
1126 allows an origin server to prevent the re-use of certain header
1127 fields in a response, while still allowing caching of the rest of
1128 the response.
1130 Note: Most HTTP/1.0 caches will not recognize or obey this
1131 directive. Also, no-cache response directives with field-names
1132 are often handled by implementations as if an unqualified no-cache
1133 directive was received; i.e., the special handling for the
1134 qualified form is not widely implemented.
1136 no-store
1138 The no-store response directive indicates that a cache MUST NOT
1139 store any part of either the immediate request or response. This
1140 directive applies to both private and shared caches. "MUST NOT
1141 store" in this context means that the cache MUST NOT intentionally
1142 store the information in non-volatile storage, and MUST make a
1143 best-effort attempt to remove the information from volatile
1144 storage as promptly as possible after forwarding it.
1146 This directive is NOT a reliable or sufficient mechanism for
1147 ensuring privacy. In particular, malicious or compromised caches
1148 might not recognize or obey this directive, and communications
1149 networks might be vulnerable to eavesdropping.
1151 must-revalidate
1153 The must-revalidate response directive indicates that once it has
1154 become stale, a cache MUST NOT use the response to satisfy
1155 subsequent requests without successful validation on the origin
1156 server.
1158 The must-revalidate directive is necessary to support reliable
1159 operation for certain protocol features. In all circumstances a
1160 cache MUST obey the must-revalidate directive; in particular, if a
1161 cache cannot reach the origin server for any reason, it MUST
1162 generate a 504 (Gateway Timeout) response.
1164 The must-revalidate directive ought to be used by servers if and
1165 only if failure to validate a request on the representation could
1166 result in incorrect operation, such as a silently unexecuted
1167 financial transaction.
1169 proxy-revalidate
1171 The proxy-revalidate response directive has the same meaning as
1172 the must-revalidate response directive, except that it does not
1173 apply to private caches.
1175 max-age
1177 The max-age response directive indicates that the response is to
1178 be considered stale after its age is greater than the specified
1179 number of seconds.
1181 s-maxage
1183 The s-maxage response directive indicates that, in shared caches,
1184 the maximum age specified by this directive overrides the maximum
1185 age specified by either the max-age directive or the Expires
1186 header field. The s-maxage directive also implies the semantics
1187 of the proxy-revalidate response directive.
1189 no-transform
1191 The no-transform response directive indicates that an intermediary
1192 (regardless of whether it implements a cache) MUST NOT change the
1193 Content-Encoding, Content-Range or Content-Type response header
1194 fields, nor the response representation.
1196 3.2.3. Cache Control Extensions
1198 The Cache-Control header field can be extended through the use of one
1199 or more cache-extension tokens, each with an optional value.
1200 Informational extensions (those that do not require a change in cache
1201 behavior) can be added without changing the semantics of other
1202 directives. Behavioral extensions are designed to work by acting as
1203 modifiers to the existing base of cache directives. Both the new
1204 directive and the standard directive are supplied, such that
1205 applications that do not understand the new directive will default to
1206 the behavior specified by the standard directive, and those that
1207 understand the new directive will recognize it as modifying the
1208 requirements associated with the standard directive. In this way,
1209 extensions to the cache-control directives can be made without
1210 requiring changes to the base protocol.
1212 This extension mechanism depends on an HTTP cache obeying all of the
1213 cache-control directives defined for its native HTTP-version, obeying
1214 certain extensions, and ignoring all directives that it does not
1215 understand.
1217 For example, consider a hypothetical new response directive called
1218 "community" that acts as a modifier to the private directive. We
1219 define this new directive to mean that, in addition to any private
1220 cache, any cache that is shared only by members of the community
1221 named within its value may cache the response. An origin server
1222 wishing to allow the UCI community to use an otherwise private
1223 response in their shared cache(s) could do so by including
1225 Cache-Control: private, community="UCI"
1227 A cache seeing this header field will act correctly even if the cache
1228 does not understand the community cache-extension, since it will also
1229 see and understand the private directive and thus default to the safe
1230 behavior.
1232 A cache MUST ignore unrecognized cache directives; it is assumed that
1233 any cache directive likely to be unrecognized by an HTTP/1.1 cache
1234 will be combined with standard directives (or the response's default
1235 cacheability) such that the cache behavior will remain minimally
1236 correct even if the cache does not understand the extension(s).
1238 The HTTP Cache Directive Registry defines the name space for the
1239 cache directives.
1241 A registration MUST include the following fields:
1243 o Cache Directive Name
1245 o Pointer to specification text
1247 Values to be added to this name space require IETF Review (see
1248 [RFC5226], Section 4.1).
1250 The registry itself is maintained at
1251 .
1253 3.3. Expires
1255 The "Expires" header field gives the date/time after which the
1256 response is considered stale. See Section 2.3 for further discussion
1257 of the freshness model.
1259 The presence of an Expires field does not imply that the original
1260 resource will change or cease to exist at, before, or after that
1261 time.
1263 The field-value is an absolute date and time as defined by HTTP-date
1264 in Section 8 of [Part2]; a sender MUST use the rfc1123-date format.
1266 Expires = HTTP-date
1268 For example
1270 Expires: Thu, 01 Dec 1994 16:00:00 GMT
1272 A cache MUST treat other invalid date formats, especially including
1273 the value "0", as in the past (i.e., "already expired").
1275 Note: If a response includes a Cache-Control field with the max-
1276 age directive (see Section 3.2.2), that directive overrides the
1277 Expires field. Likewise, the s-maxage directive overrides Expires
1278 in shared caches.
1280 Historically, HTTP required the Expires field-value to be no more
1281 than a year in the future. While longer freshness lifetimes are no
1282 longer prohibited, extremely large values have been demonstrated to
1283 cause problems (e.g., clock overflows due to use of 32-bit integers
1284 for time values), and most caches will evict a response far sooner
1285 than that. Therefore, senders ought not produce them.
1287 An origin server without a clock MUST NOT assign Expires values to a
1288 response unless these values were associated with the resource by a
1289 system or user with a reliable clock. It MAY assign an Expires value
1290 that is known, at or before server configuration time, to be in the
1291 past (this allows "pre-expiration" of responses without storing
1292 separate Expires values for each resource).
1294 3.4. Pragma
1296 The "Pragma" header field allows backwards compatibility with
1297 HTTP/1.0 caches, so that clients can specify a "no-cache" request
1298 that they will understand (as Cache-Control was not defined until
1299 HTTP/1.1). When the Cache-Control header is also present and
1300 understood in a request, Pragma is ignored.
1302 In HTTP/1.0, Pragma was defined as an extensible field for
1303 implementation-specified directives for recipients. This
1304 specification deprecates such extensions to improve interoperability.
1306 Pragma = 1#pragma-directive
1307 pragma-directive = "no-cache" / extension-pragma
1308 extension-pragma = token [ "=" ( token / quoted-string ) ]
1310 When the Cache-Control header is not present in a request, the no-
1311 cache request pragma-directive MUST have the same effect on caches as
1312 if "Cache-Control: no-cache" were present (see Section 3.2.1).
1314 When sending a no-cache request, a client ought to include both the
1315 pragma and cache-control directives, unless Cache-Control: no-cache
1316 is purposefully omitted to target other Cache-Control response
1317 directives at HTTP/1.1 caches. For example:
1319 GET / HTTP/1.1
1320 Host: www.example.com
1321 Cache-Control: max-age=30
1322 Pragma: no-cache
1324 will constrain HTTP/1.1 caches to serve a response no older than 30
1325 seconds, while precluding implementations that do not understand
1326 Cache-Control from serving a cached response.
1328 Note: Because the meaning of "Pragma: no-cache" in responses is
1329 not specified, it does not provide a reliable replacement for
1330 "Cache-Control: no-cache" in them.
1332 3.5. Vary
1334 The "Vary" header field conveys the set of header fields that were
1335 used to select the representation.
1337 Caches use this information, in part, to determine whether a stored
1338 response can be used to satisfy a given request; see Section 2.8.
1339 determines, while the response is fresh, whether a cache is permitted
1340 to use the response to reply to a subsequent request without
1341 validation; see Section 2.8.
1343 In uncacheable or stale responses, the Vary field value advises the
1344 user agent about the criteria that were used to select the
1345 representation.
1347 Vary = "*" / 1#field-name
1349 The set of header fields named by the Vary field value is known as
1350 the selecting header fields.
1352 A server SHOULD include a Vary header field with any cacheable
1353 response that is subject to server-driven negotiation. Doing so
1354 allows a cache to properly interpret future requests on that resource
1355 and informs the user agent about the presence of negotiation on that
1356 resource. A server MAY include a Vary header field with a non-
1357 cacheable response that is subject to server-driven negotiation,
1358 since this might provide the user agent with useful information about
1359 the dimensions over which the response varies at the time of the
1360 response.
1362 A Vary field value of "*" signals that unspecified parameters not
1363 limited to the header fields (e.g., the network address of the
1364 client), play a role in the selection of the response representation;
1365 therefore, a cache cannot determine whether this response is
1366 appropriate. A proxy MUST NOT generate the "*" value.
1368 The field-names given are not limited to the set of standard header
1369 fields defined by this specification. Field names are case-
1370 insensitive.
1372 3.6. Warning
1374 The "Warning" header field is used to carry additional information
1375 about the status or transformation of a message that might not be
1376 reflected in the message. This information is typically used to warn
1377 about possible incorrectness introduced by caching operations or
1378 transformations applied to the payload of the message.
1380 Warnings can be used for other purposes, both cache-related and
1381 otherwise. The use of a warning, rather than an error status code,
1382 distinguishes these responses from true failures.
1384 Warning header fields can in general be applied to any message,
1385 however some warn-codes are specific to caches and can only be
1386 applied to response messages.
1388 Warning = 1#warning-value
1390 warning-value = warn-code SP warn-agent SP warn-text
1391 [SP warn-date]
1393 warn-code = 3DIGIT
1394 warn-agent = ( uri-host [ ":" port ] ) / pseudonym
1395 ; the name or pseudonym of the server adding
1396 ; the Warning header field, for use in debugging
1397 warn-text = quoted-string
1398 warn-date = DQUOTE HTTP-date DQUOTE
1400 Multiple warnings can be attached to a response (either by the origin
1401 server or by a cache), including multiple warnings with the same code
1402 number, only differing in warn-text.
1404 When this occurs, the user agent SHOULD inform the user of as many of
1405 them as possible, in the order that they appear in the response.
1407 Systems that generate multiple Warning header fields are encouraged
1408 to order them with this user agent behavior in mind. New Warning
1409 header fields are added after any existing Warning headers fields.
1411 Warnings are assigned three digit warn-codes. The first digit
1412 indicates whether the Warning is required to be deleted from a stored
1413 response after validation:
1415 o 1xx Warnings describe the freshness or validation status of the
1416 response, and so MUST be deleted by a cache after validation.
1417 They can only be generated by a cache when validating a cached
1418 entry, and MUST NOT be generated in any other situation.
1420 o 2xx Warnings describe some aspect of the representation that is
1421 not rectified by a validation (for example, a lossy compression of
1422 the representation) and MUST NOT be deleted by a cache after
1423 validation, unless a full response is returned, in which case they
1424 MUST be.
1426 If an implementation sends a message with one or more Warning header
1427 fields to a receiver whose version is HTTP/1.0 or lower, then the
1428 sender MUST include in each warning-value a warn-date that matches
1429 the Date header field in the message.
1431 If a system receives a message with a warning-value that includes a
1432 warn-date, and that warn-date is different from the Date value in the
1433 response, then that warning-value MUST be deleted from the message
1434 before storing, forwarding, or using it. (preventing the consequences
1435 of naive caching of Warning header fields.) If all of the warning-
1436 values are deleted for this reason, the Warning header field MUST be
1437 deleted as well.
1439 The following warn-codes are defined by this specification, each with
1440 a recommended warn-text in English, and a description of its meaning.
1442 3.6.1. 110 Response is Stale
1444 A cache SHOULD include this whenever the returned response is stale.
1446 3.6.2. 111 Revalidation Failed
1448 A cache SHOULD include this when returning a stale response because
1449 an attempt to validate the response failed, due to an inability to
1450 reach the server.
1452 3.6.3. 112 Disconnected Operation
1454 A cache SHOULD include this if it is intentionally disconnected from
1455 the rest of the network for a period of time.
1457 3.6.4. 113 Heuristic Expiration
1459 A cache SHOULD include this if it heuristically chose a freshness
1460 lifetime greater than 24 hours and the response's age is greater than
1461 24 hours.
1463 3.6.5. 199 Miscellaneous Warning
1465 The warning text can include arbitrary information to be presented to
1466 a human user, or logged. A system receiving this warning MUST NOT
1467 take any automated action, besides presenting the warning to the
1468 user.
1470 3.6.6. 214 Transformation Applied
1472 MUST be added by a proxy if it applies any transformation to the
1473 representation, such as changing the content-coding, media-type, or
1474 modifying the representation data, unless this Warning code already
1475 appears in the response.
1477 3.6.7. 299 Miscellaneous Persistent Warning
1479 The warning text can include arbitrary information to be presented to
1480 a human user, or logged. A system receiving this warning MUST NOT
1481 take any automated action.
1483 3.6.8. Warn Code Extensions
1485 The HTTP Warn Code Registry defines the name space for warn codes.
1487 A registration MUST include the following fields:
1489 o Warn Code (3 digits)
1491 o Short Description
1493 o Pointer to specification text
1495 Values to be added to this name space require IETF Review (see
1496 [RFC5226], Section 4.1).
1498 The registry itself is maintained at
1499 .
1501 4. History Lists
1503 User agents often have history mechanisms, such as "Back" buttons and
1504 history lists, that can be used to redisplay a representation
1505 retrieved earlier in a session.
1507 The freshness model (Section 2.3) does not necessarily apply to
1508 history mechanisms. I.e., a history mechanism can display a previous
1509 representation even if it has expired.
1511 This does not prohibit the history mechanism from telling the user
1512 that a view might be stale, or from honoring cache directives (e.g.,
1513 Cache-Control: no-store).
1515 5. IANA Considerations
1517 5.1. Cache Directive Registry
1519 The registration procedure for HTTP Cache Directives is defined by
1520 Section 3.2.3 of this document.
1522 The HTTP Cache Directive Registry shall be created at
1523 and be
1524 populated with the registrations below:
1526 +------------------------+------------------------------+
1527 | Cache Directive | Reference |
1528 +------------------------+------------------------------+
1529 | max-age | Section 3.2.1, Section 3.2.2 |
1530 | max-stale | Section 3.2.1 |
1531 | min-fresh | Section 3.2.1 |
1532 | must-revalidate | Section 3.2.2 |
1533 | no-cache | Section 3.2.1, Section 3.2.2 |
1534 | no-store | Section 3.2.1, Section 3.2.2 |
1535 | no-transform | Section 3.2.1, Section 3.2.2 |
1536 | only-if-cached | Section 3.2.1 |
1537 | private | Section 3.2.2 |
1538 | proxy-revalidate | Section 3.2.2 |
1539 | public | Section 3.2.2 |
1540 | s-maxage | Section 3.2.2 |
1541 | stale-if-error | [RFC5861], Section 4 |
1542 | stale-while-revalidate | [RFC5861], Section 3 |
1543 +------------------------+------------------------------+
1545 5.2. Warn Code Registry
1547 The registration procedure for HTTP Warn Codes is defined by
1548 Section 3.6.8 of this document.
1550 The HTTP Warn Code Registry shall be created at
1551 and be
1552 populated with the registrations below:
1554 +-----------+----------------------------------+---------------+
1555 | Warn Code | Short Description | Reference |
1556 +-----------+----------------------------------+---------------+
1557 | 110 | Response is Stale | Section 3.6.1 |
1558 | 111 | Revalidation Failed | Section 3.6.2 |
1559 | 112 | Disconnected Operation | Section 3.6.3 |
1560 | 113 | Heuristic Expiration | Section 3.6.4 |
1561 | 199 | Miscellaneous Warning | Section 3.6.5 |
1562 | 214 | Transformation Applied | Section 3.6.6 |
1563 | 299 | Miscellaneous Persistent Warning | Section 3.6.7 |
1564 +-----------+----------------------------------+---------------+
1566 5.3. Header Field Registration
1568 The Message Header Field Registry located at shall be
1570 updated with the permanent registrations below (see [RFC3864]):
1572 +-------------------+----------+----------+-------------+
1573 | Header Field Name | Protocol | Status | Reference |
1574 +-------------------+----------+----------+-------------+
1575 | Age | http | standard | Section 3.1 |
1576 | Cache-Control | http | standard | Section 3.2 |
1577 | Expires | http | standard | Section 3.3 |
1578 | Pragma | http | standard | Section 3.4 |
1579 | Vary | http | standard | Section 3.5 |
1580 | Warning | http | standard | Section 3.6 |
1581 +-------------------+----------+----------+-------------+
1583 The change controller is: "IETF (iesg@ietf.org) - Internet
1584 Engineering Task Force".
1586 6. Security Considerations
1588 Caches expose additional potential vulnerabilities, since the
1589 contents of the cache represent an attractive target for malicious
1590 exploitation. Because cache contents persist after an HTTP request
1591 is complete, an attack on the cache can reveal information long after
1592 a user believes that the information has been removed from the
1593 network. Therefore, cache contents need to be protected as sensitive
1594 information.
1596 7. Acknowledgments
1598 See Section 9 of [Part1].
1600 8. References
1601 8.1. Normative References
1603 [Part1] Fielding, R., Ed., Lafon, Y., Ed., and J. Reschke, Ed.,
1604 "HTTP/1.1, part 1: URIs, Connections, and Message
1605 Parsing", draft-ietf-httpbis-p1-messaging-19 (work in
1606 progress), March 2012.
1608 [Part2] Fielding, R., Ed., Lafon, Y., Ed., and J. Reschke, Ed.,
1609 "HTTP/1.1, part 2: Message Semantics",
1610 draft-ietf-httpbis-p2-semantics-19 (work in progress),
1611 March 2012.
1613 [Part4] Fielding, R., Ed., Lafon, Y., Ed., and J. Reschke, Ed.,
1614 "HTTP/1.1, part 4: Conditional Requests",
1615 draft-ietf-httpbis-p4-conditional-19 (work in progress),
1616 March 2012.
1618 [Part5] Fielding, R., Ed., Lafon, Y., Ed., and J. Reschke, Ed.,
1619 "HTTP/1.1, part 5: Range Requests and Partial Responses",
1620 draft-ietf-httpbis-p5-range-19 (work in progress),
1621 March 2012.
1623 [Part7] Fielding, R., Ed., Lafon, Y., Ed., and J. Reschke, Ed.,
1624 "HTTP/1.1, part 7: Authentication",
1625 draft-ietf-httpbis-p7-auth-19 (work in progress),
1626 March 2012.
1628 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
1629 Requirement Levels", BCP 14, RFC 2119, March 1997.
1631 [RFC5234] Crocker, D., Ed. and P. Overell, "Augmented BNF for Syntax
1632 Specifications: ABNF", STD 68, RFC 5234, January 2008.
1634 8.2. Informative References
1636 [RFC1305] Mills, D., "Network Time Protocol (Version 3)
1637 Specification, Implementation", RFC 1305, March 1992.
1639 [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
1640 Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
1641 Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.
1643 [RFC3864] Klyne, G., Nottingham, M., and J. Mogul, "Registration
1644 Procedures for Message Header Fields", BCP 90, RFC 3864,
1645 September 2004.
1647 [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
1648 IANA Considerations Section in RFCs", BCP 26, RFC 5226,
1649 May 2008.
1651 [RFC5861] Nottingham, M., "HTTP Cache-Control Extensions for Stale
1652 Content", RFC 5861, April 2010.
1654 Appendix A. Changes from RFC 2616
1656 Make the specified age calculation algorithm less conservative.
1657 (Section 2.3.2)
1659 Remove requirement to consider Content-Location in successful
1660 responses in order to determine the appropriate response to use.
1661 (Section 2.4)
1663 Clarify denial of service attack avoidance requirement.
1664 (Section 2.6)
1666 Change ABNF productions for header fields to only define the field
1667 value. (Section 3)
1669 Do not mention RFC 2047 encoding and multiple languages in Warning
1670 header fields anymore, as these aspects never were implemented.
1671 (Section 3.6)
1673 Appendix B. Collected ABNF
1675 Age = delta-seconds
1677 Cache-Control = *( "," OWS ) cache-directive *( OWS "," [ OWS
1678 cache-directive ] )
1680 Expires = HTTP-date
1682 HTTP-date =
1684 OWS =
1686 Pragma = *( "," OWS ) pragma-directive *( OWS "," [ OWS
1687 pragma-directive ] )
1689 Vary = "*" / ( *( "," OWS ) field-name *( OWS "," [ OWS field-name ]
1690 ) )
1692 Warning = *( "," OWS ) warning-value *( OWS "," [ OWS warning-value ]
1693 )
1695 cache-directive = cache-request-directive / cache-response-directive
1696 cache-extension = token [ "=" ( token / quoted-string ) ]
1697 cache-request-directive = "no-cache" / "no-store" / ( "max-age="
1698 delta-seconds ) / ( "max-stale" [ "=" delta-seconds ] ) / (
1699 "min-fresh=" delta-seconds ) / "no-transform" / "only-if-cached" /
1700 cache-extension
1701 cache-response-directive = "public" / ( "private" [ "=" DQUOTE *( ","
1702 OWS ) field-name *( OWS "," [ OWS field-name ] ) DQUOTE ] ) / (
1703 "no-cache" [ "=" DQUOTE *( "," OWS ) field-name *( OWS "," [ OWS
1704 field-name ] ) DQUOTE ] ) / "no-store" / "no-transform" /
1705 "must-revalidate" / "proxy-revalidate" / ( "max-age=" delta-seconds
1706 ) / ( "s-maxage=" delta-seconds ) / cache-extension
1708 delta-seconds = 1*DIGIT
1710 extension-pragma = token [ "=" ( token / quoted-string ) ]
1712 field-name =
1714 port =
1715 pragma-directive = "no-cache" / extension-pragma
1716 pseudonym =
1718 quoted-string =
1720 token =
1722 uri-host =
1724 warn-agent = ( uri-host [ ":" port ] ) / pseudonym
1725 warn-code = 3DIGIT
1726 warn-date = DQUOTE HTTP-date DQUOTE
1727 warn-text = quoted-string
1728 warning-value = warn-code SP warn-agent SP warn-text [ SP warn-date
1729 ]
1731 ABNF diagnostics:
1733 ; Age defined but not used
1734 ; Cache-Control defined but not used
1735 ; Expires defined but not used
1736 ; Pragma defined but not used
1737 ; Vary defined but not used
1738 ; Warning defined but not used
1740 Appendix C. Change Log (to be removed by RFC Editor before publication)
1741 C.1. Since RFC 2616
1743 Extracted relevant partitions from [RFC2616].
1745 C.2. Since draft-ietf-httpbis-p6-cache-00
1747 Closed issues:
1749 o : "Trailer"
1750 ()
1752 o : "Invalidation
1753 after Update or Delete"
1754 ()
1756 o : "Normative and
1757 Informative references"
1759 o : "Date reference
1760 typo"
1762 o : "Connection
1763 header text"
1765 o : "Informative
1766 references"
1768 o : "ISO-8859-1
1769 Reference"
1771 o : "Normative up-
1772 to-date references"
1774 o : "typo in
1775 13.2.2"
1777 Other changes:
1779 o Use names of RFC4234 core rules DQUOTE and HTAB (work in progress
1780 on )
1782 C.3. Since draft-ietf-httpbis-p6-cache-01
1784 Closed issues:
1786 o : "rel_path not
1787 used"
1789 Other changes:
1791 o Get rid of duplicate BNF rule names ("host" -> "uri-host") (work
1792 in progress on )
1794 o Add explicit references to BNF syntax and rules imported from
1795 other parts of the specification.
1797 C.4. Since draft-ietf-httpbis-p6-cache-02
1799 Ongoing work on IANA Message Header Field Registration
1800 ():
1802 o Reference RFC 3984, and update header field registrations for
1803 header fields defined in this document.
1805 C.5. Since draft-ietf-httpbis-p6-cache-03
1807 Closed issues:
1809 o : "Vary header
1810 classification"
1812 C.6. Since draft-ietf-httpbis-p6-cache-04
1814 Ongoing work on ABNF conversion
1815 ():
1817 o Use "/" instead of "|" for alternatives.
1819 o Introduce new ABNF rules for "bad" whitespace ("BWS"), optional
1820 whitespace ("OWS") and required whitespace ("RWS").
1822 o Rewrite ABNFs to spell out whitespace rules, factor out header
1823 field value format definitions.
1825 C.7. Since draft-ietf-httpbis-p6-cache-05
1827 This is a total rewrite of this part of the specification.
1829 Affected issues:
1831 o : "Definition of
1832 1xx Warn-Codes"
1834 o : "Placement of
1835 13.5.1 and 13.5.2"
1837 o : "The role of
1838 Warning and Semantic Transparency in Caching"
1840 o : "Methods and
1841 Caching"
1843 In addition: Final work on ABNF conversion
1844 ():
1846 o Add appendix containing collected and expanded ABNF, reorganize
1847 ABNF introduction.
1849 C.8. Since draft-ietf-httpbis-p6-cache-06
1851 Closed issues:
1853 o : "base for
1854 numeric protocol elements"
1856 Affected issues:
1858 o : "Vary and non-
1859 existant headers"
1861 C.9. Since draft-ietf-httpbis-p6-cache-07
1863 Closed issues:
1865 o : "Definition of
1866 1xx Warn-Codes"
1868 o : "Content-
1869 Location on 304 responses"
1871 o : "private and
1872 no-cache CC directives with headers"
1874 o : "RFC2047 and
1875 warn-text"
1877 C.10. Since draft-ietf-httpbis-p6-cache-08
1879 Closed issues:
1881 o : "serving
1882 negotiated responses from cache: header-specific canonicalization"
1884 o : "Effect of CC
1885 directives on history lists"
1887 o : "Cache
1888 Extensions can override no-store, etc."
1890 Affected issues:
1892 o : Status codes
1893 and caching
1895 Partly resolved issues:
1897 o : "Placement of
1898 13.5.1 and 13.5.2"
1900 C.11. Since draft-ietf-httpbis-p6-cache-09
1902 Closed issues:
1904 o : "Age
1905 calculation"
1907 o : "Clarify
1908 differences between / requirements for request and response CC
1909 directives"
1911 o : "Caching
1912 authenticated responses"
1914 o : "IANA registry
1915 for cache-control directives"
1917 o : "Heuristic
1918 caching of URLs with query components"
1920 Partly resolved issues:
1922 o : "Term for the
1923 requested resource's URI"
1925 C.12. Since draft-ietf-httpbis-p6-cache-10
1927 Closed issues:
1929 o : "Clarify
1930 entity / representation / variant terminology"
1932 o : "consider
1933 removing the 'changes from 2068' sections"
1935 o : "Allowing
1936 heuristic caching for new status codes"
1938 o Clean up TODOs and prose in "Combining Responses."
1940 C.13. Since draft-ietf-httpbis-p6-cache-11
1942 Closed issues:
1944 o : "Text about
1945 clock requirement for caches belongs in p6"
1947 C.14. Since draft-ietf-httpbis-p6-cache-12
1949 Closed issues:
1951 o : "Header
1952 Classification"
1954 o : "Clarify
1955 'public'"
1957 C.15. Since draft-ietf-httpbis-p6-cache-13
1959 Closed issues:
1961 o : "untangle
1962 ABNFs for header fields"
1964 C.16. Since draft-ietf-httpbis-p6-cache-14
1966 Closed issues:
1968 o : "Mismatch Vary"
1970 o : "Cache
1971 Invalidation only happens upon successful responses"
1973 o : "Recommend
1974 minimum sizes for protocol elements"
1976 o : "Proxies don't
1977 'understand' methods"
1979 o : "Cache
1980 Extensions can override no-store, etc."
1982 o : "Pragma"
1984 C.17. Since draft-ietf-httpbis-p6-cache-15
1986 Closed issues:
1988 o : "Motivate one-
1989 year limit for Expires"
1991 C.18. Since draft-ietf-httpbis-p6-cache-16
1993 Closed issues:
1995 o : "Document
1996 HTTP's error-handling philosophy"
1998 o : "Cache-Control
1999 directive case sensitivity"
2001 C.19. Since draft-ietf-httpbis-p6-cache-17
2003 Closed issues:
2005 o : "Interaction
2006 of request and response Cache-Control"
2008 o : "Refining age
2009 for 1.1 proxy chains"
2011 o : "warn-code
2012 registry"
2014 C.20. Since draft-ietf-httpbis-p6-cache-18
2016 Closed issues:
2018 o : "Combining
2019 HEAD responses"
2021 o : "Field names
2022 in cache-control header arguments"
2024 Index
2026 1
2027 110 Response is Stale (warn code) 31
2028 111 Revalidation Failed (warn code) 31
2029 112 Disconnected Operation (warn code) 31
2030 113 Heuristic Expiration (warn code) 32
2031 199 Miscellaneous Warning (warn code) 32
2033 2
2034 214 Transformation Applied (warn code) 32
2035 299 Miscellaneous Persistent Warning (warn code) 32
2037 A
2038 age 6
2039 Age header field 21
2041 C
2042 cache 5
2043 Cache Directives
2044 max-age 23, 26
2045 max-stale 23
2046 min-fresh 23
2047 must-revalidate 25
2048 no-cache 22, 24
2049 no-store 22, 25
2050 no-transform 23, 26
2051 only-if-cached 23
2052 private 24
2053 proxy-revalidate 26
2054 public 24
2055 s-maxage 26
2056 cache entry 8
2057 cache key 8
2058 Cache-Control header field 21
2059 cacheable 5
2061 E
2062 Expires header field 27
2063 explicit expiration time 6
2065 F
2066 first-hand 6
2067 fresh 6
2068 freshness lifetime 6
2070 G
2071 Grammar
2072 Age 21
2073 Cache-Control 22
2074 cache-extension 22
2075 cache-request-directive 22
2076 cache-response-directive 24
2077 delta-seconds 8
2078 Expires 28
2079 extension-pragma 28
2080 Pragma 28
2081 pragma-directive 28
2082 Vary 29
2083 warn-agent 30
2084 warn-code 30
2085 warn-date 30
2086 warn-text 30
2087 Warning 30
2088 warning-value 30
2090 H
2091 Header Fields
2092 Age 21
2093 Cache-Control 21
2094 Expires 27
2095 Pragma 28
2096 Vary 29
2097 Warning 30
2098 heuristic expiration time 6
2100 M
2101 max-age
2102 Cache Directive 23, 26
2103 max-stale
2104 Cache Directive 23
2105 min-fresh
2106 Cache Directive 23
2107 must-revalidate
2108 Cache Directive 25
2110 N
2111 no-cache
2112 Cache Directive 22, 24
2113 no-store
2114 Cache Directive 22, 25
2115 no-transform
2116 Cache Directive 23, 26
2118 O
2119 only-if-cached
2120 Cache Directive 23
2122 P
2123 Pragma header field 28
2124 private
2125 Cache Directive 24
2126 private cache 5
2127 proxy-revalidate
2128 Cache Directive 26
2129 public
2130 Cache Directive 24
2132 S
2133 s-maxage
2134 Cache Directive 26
2135 shared cache 5
2136 stale 6
2137 strong validator 7
2139 V
2140 validator 6
2141 strong 7
2142 Vary header field 29
2144 W
2145 Warn Codes
2146 110 Response is Stale 31
2147 111 Revalidation Failed 31
2148 112 Disconnected Operation 31
2149 113 Heuristic Expiration 32
2150 199 Miscellaneous Warning 32
2151 214 Transformation Applied 32
2152 299 Miscellaneous Persistent Warning 32
2153 Warning header field 30
2155 Authors' Addresses
2157 Roy T. Fielding (editor)
2158 Adobe Systems Incorporated
2159 345 Park Ave
2160 San Jose, CA 95110
2161 USA
2163 EMail: fielding@gbiv.com
2164 URI: http://roy.gbiv.com/
2165 Yves Lafon (editor)
2166 World Wide Web Consortium
2167 W3C / ERCIM
2168 2004, rte des Lucioles
2169 Sophia-Antipolis, AM 06902
2170 France
2172 EMail: ylafon@w3.org
2173 URI: http://www.raubacapeu.net/people/yves/
2175 Mark Nottingham (editor)
2176 Rackspace
2178 EMail: mnot@mnot.net
2179 URI: http://www.mnot.net/
2181 Julian F. Reschke (editor)
2182 greenbytes GmbH
2183 Hafenweg 16
2184 Muenster, NW 48155
2185 Germany
2187 Phone: +49 251 2807760
2188 Fax: +49 251 2807761
2189 EMail: julian.reschke@greenbytes.de
2190 URI: http://greenbytes.de/tech/webdav/