Difference between Pragma and Cache-Control headers?
I read about Pragma header on Wikipedia which says:
"The Pragma: no-cache header field is an HTTP/1.0 header intended for use in requests. It is a means for the browser to tell the server and any intermediate caches that it wants a fresh version of the resource, not for the server to tell the browser not to cache the resource. Some user agents do pay attention to this header in responses, but the HTTP/1.1 RFC specifically warns against relying on this behavior."
But I haven't understood what it does? What is the difference between the Cache-Control header whose value is no-cache and Pragma whose value is also no-cache?
Pragma is the HTTP/1.0 implementation and cache-control is the HTTP/1.1 implementation of the same concept. They both are meant to prevent the client from caching the response. Older clients may not support HTTP/1.1 which is why that header is still in use.
There is no difference, except that Pragma is only defined as applicable to the requests by the client, whereas Cache-Control may be used by both the requests of the clients and the replies of the servers.
So, as far as standards go, they can only be compared from the perspective of the client making a requests and the server receiving a request from the client. The http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.32 defines the scenario as follows:
HTTP/1.1 caches SHOULD treat "Pragma: no-cache" as if the client had sent "Cache-Control: no-cache". No new Pragma directives will be defined in HTTP. Note: because the meaning of "Pragma: no-cache as a response header field is not actually specified, it does not provide a reliable replacement for "Cache-Control: no-cache" in a response
The way I would read the above:
if you're writing a client and need no-cache: just use Pragma: no-cache in your requests, since you may not know if Cache-Control is supported by the server; but in replies, to decide on whether to cache, check for Cache-Control
just use Pragma: no-cache in your requests, since you may not know if Cache-Control is supported by the server;
but in replies, to decide on whether to cache, check for Cache-Control
if you're writing a server: in parsing requests from the clients, check for Cache-Control; if not found, check for Pragma: no-cache, and execute the Cache-Control: no-cache logic; in replies, provide Cache-Control.
in parsing requests from the clients, check for Cache-Control; if not found, check for Pragma: no-cache, and execute the Cache-Control: no-cache logic;
in replies, provide Cache-Control.
Of course, reality might be different from what's written or implied in the RFC!
Cache-Control: max-age=86400 and Pragma: no-cache? Which one will then be honored by the modern browsers?
Pragma: no-cache is only defined for requests from the browser, and it would thus be entirely invalid and undefined in replies from the server to the browser, e.g., I'd imagine that every single browser (whether modern or not) should ignore such a header in any reply it may receive.
Stop using (HTTP 1.0) Replaced with (HTTP 1.1 since 1999) Expires: [date] Cache-Control: max-age=[seconds] Pragma: no-cache Cache-Control: no-cache
If it's after 1999, and you're still using Expires or Pragma, you're doing it wrong.
I'm looking at you Stackoverflow:
200 OK Pragma: no-cache Content-Type: application/json X-Frame-Options: SAMEORIGIN X-Request-Guid: a3433194-4a03-4206-91ea-6a40f9bfd824 Strict-Transport-Security: max-age=15552000 Content-Length: 54 Accept-Ranges: bytes Date: Tue, 03 Apr 2018 19:03:12 GMT Via: 1.1 varnish Connection: keep-alive X-Served-By: cache-yyz8333-YYZ X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1522782193.766958,VS0,VE30 Vary: Fastly-SSL X-DNS-Prefetch-Control: off Cache-Control: private
tl;dr: Pragma is a legacy of HTTP/1.0 and hasn't been needed since Internet Explorer 5, or Netscape 4.7. Unless you expect some of your users to be using IE5: it's safe to stop using it.
Expires: [date] (deprecated - HTTP 1.0)
Pragma: no-cache (deprecated - HTTP 1.0)
Cache-Control: max-age=[seconds]
Cache-Control: no-cache (must re-validate the cached copy every time)
And the conditional requests:
Etag (entity tag) based conditional requests Server: Etag: W/“1d2e7–1648e509289” Client: If-None-Match: W/“1d2e7–1648e509289” Server: 304 Not Modified
Server: Etag: W/“1d2e7–1648e509289”
Client: If-None-Match: W/“1d2e7–1648e509289”
Server: 304 Not Modified
Modified date based conditional requests Server: last-modified: Thu, 09 May 2019 19:15:47 GMT Client: If-Modified-Since: Fri, 13 Jul 2018 10:49:23 GMT Server: 304 Not Modified
Server: last-modified: Thu, 09 May 2019 19:15:47 GMT
Client: If-Modified-Since: Fri, 13 Jul 2018 10:49:23 GMT
Server: 304 Not Modified
last-modified: Thu, 09 May 2019 19:15:47 GMT
Pragma at all. (In HTTP/1.0, Pragma was defined as an extensible field for implementation-specified directives for recipients. This specification deprecates such extensions to improve interoperability.)
Follow WeChat
Success story sharing
Want to stay one step ahead of the latest teleworks?
Subscribe Now相似问题
- What's the difference between a POST and a PUT HTTP REQUEST?
- What is the difference between a URI, a URL and a URN?
- What is the difference between POST and PUT in HTTP?
- What's the difference between Cache-Control: max-age=0 and no-cache?
- what’s the difference between Expires and Cache-Control headers?
- Difference between no-cache and must-revalidate
- Why is it common to put CSRF prevention tokens in cookies?
- How does "304 Not Modified" work exactly?
Pragma: no-cacheis intended to be used only in requests (meaning "I want the original, not a cached copy") and its behaviour is not specified for responses.Cache-Control: no-cachehas the same meaning for requests but is actually also defined for responses, meaning "If you want to use a cached copy of this in future, you must first check with me that it is up-to-date (i.e. perform revalidation)".max-agewhich doesn't prevent caching. It just sets an expiration date for it...