When you browse any web page ( google.com, yahoo.com, bing.com ) in a modern web browser, if you inspect the request HTTP headers, you can find the cache-control : no-cache header, this header is always used in the HTTP response header. But why it is used in the HTTP request header, this article will tell you the reason.
If you do not know how to view the HTTP request headers with google chrome inspector, you can read the article How To View HTTP Headers, Cookies In Google Chrome, Firefox, Internet Explorer.
1. What Dose cache-control : no-cache Means.
- The cache-control header no-cache value will tell the intermediary proxies do not to return the cached web resource back to me immediately even the cached web resource is fresh ( not expired ).
- It tells the intermediary proxies to communicate with the original webserver to check whether the web resources have been modified or not.
- If not modified since the last check then return the cached version directly, otherwise, the intermediary proxies need to update the cached web resource to the newest version and return the newest version back to the client browser.
- This action will make the client browser communicate with the original web server, but if the web resource is not expired, it does not need to re-download the web page again.
- So in this way, we can make sure the web content is updated and reduce the web traffic.
2. Why Modern Web Browser Send cache-control: no-cache In HTTP Request Header.
- The main reason for the web browsers to send cache-control:no-cache request HTTP header is because of security especially for important websites such as bank account login pages.
- This way can make sure the returned web page is sent from the original web server, not modified by any intermediary proxy server.
- Because hackers can inject code in the proxy server to monitor user actions and save user data.