I have a mess with this header, I have read that Cache-Control:must-revalidate oblige to validate all requests with the source before serving a cached item, but just the stale ones? or all no matter if stale or fresh? I have read both things in different places.
What is the difference with Cache-Control:no-cache ? Because these headers look equivalent to me.
UPDATE 1: I have read this from a book:
The
Cache-Control: must-revalidateresponse header tells the cache
to bypass the freshness calculation mechanisms and revalidate on every
access:
@Peter O. has pointed out what the RFC says. So that old book is wrong.
UPDATE 2: In this tutorial : http://www.mnot.net/cache_docs/
no-cache— forces caches to submit the request to the origin server
for validation before releasing a cached copy, every time. This is
useful to assure that authentication is respected (in combination with
public), or to maintain rigid freshness, without sacrificing all of
the benefits of caching.
must-revalidate— tells caches that they must
obey any freshness information you give them about a representation.
HTTP allows caches to serve stale representations under special
conditions; by specifying this header, you’re telling the cache that
you want it to strictly follow your rules.
Section 14.9.4 of HTTP/1.1:
Section 14.8 of HTTP/1.1:
So it appears that only stale responses must be revalidated if
must-revalidateis received.For
no-cache, see section 14.9.1:Thus,
no-cacheapplies both to fresh and stale responses.EDIT:
This phrase may be relevant here (section 13.3):
So,
must-revalidateis probably relevant when the cache has intermediatecaches, since otherwise the cache can check the intermediate cache for a
fresh response rather than check the origin server directly.