Changeset 1751
- Timestamp:
- 09/07/12 23:44:03 (10 years ago)
- Location:
- draft-ietf-httpbis/latest
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
draft-ietf-httpbis/latest/p6-cache.html
r1745 r1751 452 452 } 453 453 @bottom-center { 454 content: "Expires January 1 0, 2013";454 content: "Expires January 11, 2013"; 455 455 } 456 456 @bottom-right { … … 475 475 <link rel="Index" href="#rfc.index"> 476 476 <link rel="Chapter" title="1 Introduction" href="#rfc.section.1"> 477 <link rel="Chapter" title="2 Cache Operation" href="#rfc.section.2"> 478 <link rel="Chapter" title="3 Header Field Definitions" href="#rfc.section.3"> 479 <link rel="Chapter" title="4 History Lists" href="#rfc.section.4"> 480 <link rel="Chapter" title="5 IANA Considerations" href="#rfc.section.5"> 481 <link rel="Chapter" title="6 Security Considerations" href="#rfc.section.6"> 482 <link rel="Chapter" title="7 Acknowledgments" href="#rfc.section.7"> 483 <link rel="Chapter" href="#rfc.section.8" title="8 References"> 477 <link rel="Chapter" title="2 Overview of Cache Operation" href="#rfc.section.2"> 478 <link rel="Chapter" title="3 Storing Responses in Caches" href="#rfc.section.3"> 479 <link rel="Chapter" title="4 Constructing Responses from Caches" href="#rfc.section.4"> 480 <link rel="Chapter" title="5 Updating Caches with HEAD Responses" href="#rfc.section.5"> 481 <link rel="Chapter" title="6 Request Methods that Invalidate" href="#rfc.section.6"> 482 <link rel="Chapter" title="7 Header Field Definitions" href="#rfc.section.7"> 483 <link rel="Chapter" title="8 History Lists" href="#rfc.section.8"> 484 <link rel="Chapter" title="9 IANA Considerations" href="#rfc.section.9"> 485 <link rel="Chapter" title="10 Security Considerations" href="#rfc.section.10"> 486 <link rel="Chapter" title="11 Acknowledgments" href="#rfc.section.11"> 487 <link rel="Chapter" href="#rfc.section.12" title="12 References"> 484 488 <link rel="Appendix" title="A Changes from RFC 2616" href="#rfc.section.A"> 485 489 <link rel="Appendix" title="B Collected ABNF" href="#rfc.section.B"> … … 494 498 <meta name="dct.creator" content="Reschke, J. F."> 495 499 <meta name="dct.identifier" content="urn:ietf:id:draft-ietf-httpbis-p6-cache-latest"> 496 <meta name="dct.issued" scheme="ISO8601" content="2012-07- 09">500 <meta name="dct.issued" scheme="ISO8601" content="2012-07-10"> 497 501 <meta name="dct.replaces" content="urn:ietf:rfc:2616"> 498 502 <meta name="dct.abstract" content="The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypertext information systems. HTTP has been in use by the World Wide Web global information initiative since 1990. This document is Part 6 of the seven-part specification that defines the protocol referred to as "HTTP/1.1" and, taken together, obsoletes RFC 2616. Part 6 defines requirements on HTTP caches and the associated header fields that control cache behavior or indicate cacheable response messages."> … … 520 524 </tr> 521 525 <tr> 522 <td class="left">Expires: January 1 0, 2013</td>526 <td class="left">Expires: January 11, 2013</td> 523 527 <td class="right">M. Nottingham, Editor</td> 524 528 </tr> … … 537 541 <tr> 538 542 <td class="left"></td> 539 <td class="right">July 9, 2012</td>543 <td class="right">July 10, 2012</td> 540 544 </tr> 541 545 </tbody> … … 567 571 in progress”. 568 572 </p> 569 <p>This Internet-Draft will expire on January 1 0, 2013.</p>573 <p>This Internet-Draft will expire on January 11, 2013.</p> 570 574 <h1><a id="rfc.copyrightnotice" href="#rfc.copyrightnotice">Copyright Notice</a></h1> 571 575 <p>Copyright © 2012 IETF Trust and the persons identified as the document authors. All rights reserved.</p> … … 597 601 </ul> 598 602 </li> 599 <li>2. <a href="#caching.overview">Cache Operation</a><ul> 600 <li>2.1 <a href="#response.cacheability">Response Cacheability</a></li> 601 <li>2.2 <a href="#constructing.responses.from.caches">Constructing Responses from Caches</a></li> 602 <li>2.3 <a href="#expiration.model">Freshness Model</a><ul> 603 <li>2.3.1 <a href="#calculating.freshness.lifetime">Calculating Freshness Lifetime</a><ul> 604 <li>2.3.1.1 <a href="#heuristic.freshness">Calculating Heuristic Freshness</a></li> 603 <li>2. <a href="#caching.overview">Overview of Cache Operation</a></li> 604 <li>3. <a href="#response.cacheability">Storing Responses in Caches</a><ul> 605 <li>3.1 <a href="#incomplete.responses">Storing Incomplete Responses</a></li> 606 <li>3.2 <a href="#caching.authenticated.responses">Storing Responses to Authenticated Requests</a></li> 607 </ul> 608 </li> 609 <li>4. <a href="#constructing.responses.from.caches">Constructing Responses from Caches</a><ul> 610 <li>4.1 <a href="#expiration.model">Freshness Model</a><ul> 611 <li>4.1.1 <a href="#calculating.freshness.lifetime">Calculating Freshness Lifetime</a></li> 612 <li>4.1.2 <a href="#heuristic.freshness">Calculating Heuristic Freshness</a></li> 613 <li>4.1.3 <a href="#age.calculations">Calculating Age</a></li> 614 <li>4.1.4 <a href="#serving.stale.responses">Serving Stale Responses</a></li> 615 </ul> 616 </li> 617 <li>4.2 <a href="#validation.model">Validation Model</a><ul> 618 <li>4.2.1 <a href="#freshening.responses">Freshening Responses with 304 Not Modified</a></li> 619 </ul> 620 </li> 621 <li>4.3 <a href="#caching.negotiated.responses">Using Negotiated Responses</a></li> 622 <li>4.4 <a href="#combining.responses">Combining Partial Content</a></li> 623 </ul> 624 </li> 625 <li>5. <a href="#head.effects">Updating Caches with HEAD Responses</a></li> 626 <li>6. <a href="#invalidation.after.updates.or.deletions">Request Methods that Invalidate</a></li> 627 <li>7. <a href="#header.field.definitions">Header Field Definitions</a><ul> 628 <li>7.1 <a href="#header.age">Age</a></li> 629 <li>7.2 <a href="#header.cache-control">Cache-Control</a><ul> 630 <li>7.2.1 <a href="#cache-request-directive">Request Cache-Control Directives</a><ul> 631 <li>7.2.1.1 <a href="#cache-request-directive.no-cache">no-cache</a></li> 632 <li>7.2.1.2 <a href="#cache-request-directive.no-store">no-store</a></li> 633 <li>7.2.1.3 <a href="#cache-request-directive.max-age">max-age</a></li> 634 <li>7.2.1.4 <a href="#cache-request-directive.max-stale">max-stale</a></li> 635 <li>7.2.1.5 <a href="#cache-request-directive.min-fresh">min-fresh</a></li> 636 <li>7.2.1.6 <a href="#cache-request-directive.no-transform">no-transform</a></li> 637 <li>7.2.1.7 <a href="#cache-request-directive.only-if-cached">only-if-cached</a></li> 605 638 </ul> 606 639 </li> 607 <li>2.3.2 <a href="#age.calculations">Calculating Age</a></li> 608 <li>2.3.3 <a href="#serving.stale.responses">Serving Stale Responses</a></li> 640 <li>7.2.2 <a href="#cache-response-directive">Response Cache-Control Directives</a><ul> 641 <li>7.2.2.1 <a href="#cache-response-directive.only-if-cached">public</a></li> 642 <li>7.2.2.2 <a href="#cache-response-directive.private">private</a></li> 643 <li>7.2.2.3 <a href="#cache-response-directive.no-cache">no-cache</a></li> 644 <li>7.2.2.4 <a href="#cache-response-directive.no-store">no-store</a></li> 645 <li>7.2.2.5 <a href="#cache-response-directive.must-revalidate">must-revalidate</a></li> 646 <li>7.2.2.6 <a href="#cache-response-directive.proxy-revalidate">proxy-revalidate</a></li> 647 <li>7.2.2.7 <a href="#cache-response-directive.max-age">max-age</a></li> 648 <li>7.2.2.8 <a href="#cache-response-directive.s-maxage">s-maxage</a></li> 649 <li>7.2.2.9 <a href="#cache-response-directive.no-transform">no-transform</a></li> 650 </ul> 651 </li> 652 <li>7.2.3 <a href="#cache.control.extensions">Cache Control Extensions</a></li> 609 653 </ul> 610 654 </li> 611 <li>2.4 <a href="#validation.model">Validation Model</a><ul> 612 <li>2.4.1 <a href="#freshening.responses">Freshening Responses with 304 Not Modified</a></li> 613 </ul> 614 </li> 615 <li>2.5 <a href="#head.effects">Updating Caches with HEAD Responses</a></li> 616 <li>2.6 <a href="#invalidation.after.updates.or.deletions">Request Methods that Invalidate</a></li> 617 <li>2.7 <a href="#caching.authenticated.responses">Shared Caching of Authenticated Responses</a></li> 618 <li>2.8 <a href="#caching.negotiated.responses">Caching Negotiated Responses</a></li> 619 <li>2.9 <a href="#combining.responses">Combining Partial Content</a></li> 620 </ul> 621 </li> 622 <li>3. <a href="#header.field.definitions">Header Field Definitions</a><ul> 623 <li>3.1 <a href="#header.age">Age</a></li> 624 <li>3.2 <a href="#header.cache-control">Cache-Control</a><ul> 625 <li>3.2.1 <a href="#cache-request-directive">Request Cache-Control Directives</a><ul> 626 <li>3.2.1.1 <a href="#cache-request-directive.no-cache">no-cache</a></li> 627 <li>3.2.1.2 <a href="#cache-request-directive.no-store">no-store</a></li> 628 <li>3.2.1.3 <a href="#cache-request-directive.max-age">max-age</a></li> 629 <li>3.2.1.4 <a href="#cache-request-directive.max-stale">max-stale</a></li> 630 <li>3.2.1.5 <a href="#cache-request-directive.min-fresh">min-fresh</a></li> 631 <li>3.2.1.6 <a href="#cache-request-directive.no-transform">no-transform</a></li> 632 <li>3.2.1.7 <a href="#cache-request-directive.only-if-cached">only-if-cached</a></li> 633 </ul> 634 </li> 635 <li>3.2.2 <a href="#cache-response-directive">Response Cache-Control Directives</a><ul> 636 <li>3.2.2.1 <a href="#cache-response-directive.only-if-cached">public</a></li> 637 <li>3.2.2.2 <a href="#cache-response-directive.private">private</a></li> 638 <li>3.2.2.3 <a href="#cache-response-directive.no-cache">no-cache</a></li> 639 <li>3.2.2.4 <a href="#cache-response-directive.no-store">no-store</a></li> 640 <li>3.2.2.5 <a href="#cache-response-directive.must-revalidate">must-revalidate</a></li> 641 <li>3.2.2.6 <a href="#cache-response-directive.proxy-revalidate">proxy-revalidate</a></li> 642 <li>3.2.2.7 <a href="#cache-response-directive.max-age">max-age</a></li> 643 <li>3.2.2.8 <a href="#cache-response-directive.s-maxage">s-maxage</a></li> 644 <li>3.2.2.9 <a href="#cache-response-directive.no-transform">no-transform</a></li> 645 </ul> 646 </li> 647 <li>3.2.3 <a href="#cache.control.extensions">Cache Control Extensions</a></li> 648 </ul> 649 </li> 650 <li>3.3 <a href="#header.expires">Expires</a></li> 651 <li>3.4 <a href="#header.pragma">Pragma</a></li> 652 <li>3.5 <a href="#header.vary">Vary</a></li> 653 <li>3.6 <a href="#header.warning">Warning</a><ul> 654 <li>3.6.1 <a href="#warn.110">110 Response is Stale</a></li> 655 <li>3.6.2 <a href="#warn.111">111 Revalidation Failed</a></li> 656 <li>3.6.3 <a href="#warn.112">112 Disconnected Operation</a></li> 657 <li>3.6.4 <a href="#warn.113">113 Heuristic Expiration</a></li> 658 <li>3.6.5 <a href="#warn.199">199 Miscellaneous Warning</a></li> 659 <li>3.6.6 <a href="#warn.214">214 Transformation Applied</a></li> 660 <li>3.6.7 <a href="#warn.299">299 Miscellaneous Persistent Warning</a></li> 661 <li>3.6.8 <a href="#warn.code.extensions">Warn Code Extensions</a></li> 655 <li>7.3 <a href="#header.expires">Expires</a></li> 656 <li>7.4 <a href="#header.pragma">Pragma</a></li> 657 <li>7.5 <a href="#header.vary">Vary</a></li> 658 <li>7.6 <a href="#header.warning">Warning</a><ul> 659 <li>7.6.1 <a href="#warn.110">110 Response is Stale</a></li> 660 <li>7.6.2 <a href="#warn.111">111 Revalidation Failed</a></li> 661 <li>7.6.3 <a href="#warn.112">112 Disconnected Operation</a></li> 662 <li>7.6.4 <a href="#warn.113">113 Heuristic Expiration</a></li> 663 <li>7.6.5 <a href="#warn.199">199 Miscellaneous Warning</a></li> 664 <li>7.6.6 <a href="#warn.214">214 Transformation Applied</a></li> 665 <li>7.6.7 <a href="#warn.299">299 Miscellaneous Persistent Warning</a></li> 666 <li>7.6.8 <a href="#warn.code.extensions">Warn Code Extensions</a></li> 662 667 </ul> 663 668 </li> 664 669 </ul> 665 670 </li> 666 <li> 4. <a href="#history.lists">History Lists</a></li>667 <li> 5. <a href="#IANA.considerations">IANA Considerations</a><ul>668 <li> 5.1 <a href="#cache.directive.registration">Cache Directive Registry</a></li>669 <li> 5.2 <a href="#warn.code.registration">Warn Code Registry</a></li>670 <li> 5.3 <a href="#header.field.registration">Header Field Registration</a></li>671 <li>8. <a href="#history.lists">History Lists</a></li> 672 <li>9. <a href="#IANA.considerations">IANA Considerations</a><ul> 673 <li>9.1 <a href="#cache.directive.registration">Cache Directive Registry</a></li> 674 <li>9.2 <a href="#warn.code.registration">Warn Code Registry</a></li> 675 <li>9.3 <a href="#header.field.registration">Header Field Registration</a></li> 671 676 </ul> 672 677 </li> 673 <li> 6. <a href="#security.considerations">Security Considerations</a></li>674 <li> 7. <a href="#acks">Acknowledgments</a></li>675 <li> 8. <a href="#rfc.references">References</a><ul>676 <li> 8.1 <a href="#rfc.references.1">Normative References</a></li>677 <li> 8.2 <a href="#rfc.references.2">Informative References</a></li>678 <li>10. <a href="#security.considerations">Security Considerations</a></li> 679 <li>11. <a href="#acks">Acknowledgments</a></li> 680 <li>12. <a href="#rfc.references">References</a><ul> 681 <li>12.1 <a href="#rfc.references.1">Normative References</a></li> 682 <li>12.2 <a href="#rfc.references.2">Informative References</a></li> 678 683 </ul> 679 684 </li> … … 698 703 </p> 699 704 <p id="rfc.section.1.1.p.2">The goal of caching in HTTP/1.1 is to significantly improve performance by reusing a prior response message to satisfy a current 700 request. A stored response is considered "fresh", as defined in <a href="#expiration.model" title="Freshness Model">Section 2.3</a>, if the response can be reused without "validation" (checking with the origin server to see if the cached response remains705 request. A stored response is considered "fresh", as defined in <a href="#expiration.model" title="Freshness Model">Section 4.1</a>, if the response can be reused without "validation" (checking with the origin server to see if the cached response remains 701 706 valid for this request). A fresh cache response can therefore reduce both latency and network transfers each time it is reused. 702 When a cached response is not fresh, it might still be reusable if it can be freshened by validation (<a href="#validation.model" title="Validation Model">Section 2.4</a>) or if the origin is unavailable.707 When a cached response is not fresh, it might still be reusable if it can be freshened by validation (<a href="#validation.model" title="Validation Model">Section 4.2</a>) or if the origin is unavailable. 703 708 </p> 704 709 <h2 id="rfc.section.1.2"><a href="#rfc.section.1.2">1.2</a> <a id="intro.terminology" href="#intro.terminology">Terminology</a></h2> … … 825 830 <div id="rfc.iref.c.4"></div> 826 831 <div id="rfc.iref.c.5"></div> 827 <h1 id="rfc.section.2"><a href="#rfc.section.2">2.</a> <a id="caching.overview" href="#caching.overview"> Cache Operation</a></h1>832 <h1 id="rfc.section.2"><a href="#rfc.section.2">2.</a> <a id="caching.overview" href="#caching.overview">Overview of Cache Operation</a></h1> 828 833 <p id="rfc.section.2.p.1">Proper cache operation preserves the semantics of HTTP transfers (<a href="#Part2" id="rfc.xref.Part2.2"><cite title="HTTP/1.1, part 2: Message Semantics, Payload and Content Negotiation">[Part2]</cite></a>) while eliminating the transfer of information already held in the cache. Although caching is an entirely <em class="bcp14">OPTIONAL</em> feature of HTTP, we assume that reusing the cached response is desirable and that such reuse is the default behavior when 829 834 no requirement or locally-desired configuration prevents it. Therefore, HTTP cache requirements are focused on preventing … … 832 837 <p id="rfc.section.2.p.2">Each <dfn>cache entry</dfn> consists of a cache key and one or more HTTP responses corresponding to prior requests that used the same key. The most common 833 838 form of cache entry is a successful result of a retrieval request: i.e., a <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> response containing a representation of the resource identified by the request target. However, it is also possible to cache 834 negative results (e.g., <a href="p2-semantics.html#status.404" class="smpl">404 (Not Found)</a>, incomplete results (e.g., <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a>), and responses to safe methods other than GET if the method's definition allows such caching and defines something suitable 839 negative results (e.g., <a href="p2-semantics.html#status.404" class="smpl">404 (Not 840 Found)</a>, incomplete results (e.g., <a href="p5-range.html#status.206" class="smpl">206 (Partial 841 Content)</a>), and responses to safe methods other than GET if the method's definition allows such caching and defines something suitable 835 842 for use as a cache key. 836 843 </p> … … 839 846 </p> 840 847 <p id="rfc.section.2.p.4">If a request target is subject to content negotiation, its cache entry might consist of multiple stored responses, each differentiated 841 by a secondary key for the values of the original request's selecting header fields (<a href="#caching.negotiated.responses" title=" Caching Negotiated Responses">Section 2.8</a>).842 </p> 843 <h 2 id="rfc.section.2.1"><a href="#rfc.section.2.1">2.1</a> <a id="response.cacheability" href="#response.cacheability">Response Cacheability</a></h2>844 <p id="rfc.section. 2.1.p.1">A cache <em class="bcp14">MUST NOT</em> store a response to any request, unless:848 by a secondary key for the values of the original request's selecting header fields (<a href="#caching.negotiated.responses" title="Using Negotiated Responses">Section 4.3</a>). 849 </p> 850 <h1 id="rfc.section.3"><a href="#rfc.section.3">3.</a> <a id="response.cacheability" href="#response.cacheability">Storing Responses in Caches</a></h1> 851 <p id="rfc.section.3.p.1">A cache <em class="bcp14">MUST NOT</em> store a response to any request, unless: 845 852 </p> 846 853 <ul> 847 854 <li>The request method is understood by the cache and defined as being cacheable, and</li> 848 855 <li>the response status code is understood by the cache, and</li> 849 <li>the "no-store" cache directive (see <a href="#header.cache-control" id="rfc.xref.header.cache-control.1" title="Cache-Control">Section 3.2</a>) does not appear in request or response header fields, and850 </li> 851 <li>the "private" cache response directive (see <a href="#cache-response-directive" title="Response Cache-Control Directives">Section 3.2.2</a>) does not appear in the response, if the cache is shared, and852 </li> 853 <li>the <a href="p7-auth.html#header.authorization" class="smpl">Authorization</a> header field (see <a href="p7-auth.html#header.authorization" title="Authorization">Section 4.1</a> of <a href="#Part7" id="rfc.xref.Part7.1"><cite title="HTTP/1.1, part 7: Authentication">[Part7]</cite></a>) does not appear in the request, if the cache is shared, unless the response explicitly allows it (see <a href="#caching.authenticated.responses" title="S hared Caching of Authenticated Responses">Section 2.7</a>), and856 <li>the "no-store" cache directive (see <a href="#header.cache-control" id="rfc.xref.header.cache-control.1" title="Cache-Control">Section 7.2</a>) does not appear in request or response header fields, and 857 </li> 858 <li>the "private" cache response directive (see <a href="#cache-response-directive" title="Response Cache-Control Directives">Section 7.2.2</a>) does not appear in the response, if the cache is shared, and 859 </li> 860 <li>the <a href="p7-auth.html#header.authorization" class="smpl">Authorization</a> header field (see <a href="p7-auth.html#header.authorization" title="Authorization">Section 4.1</a> of <a href="#Part7" id="rfc.xref.Part7.1"><cite title="HTTP/1.1, part 7: Authentication">[Part7]</cite></a>) does not appear in the request, if the cache is shared, unless the response explicitly allows it (see <a href="#caching.authenticated.responses" title="Storing Responses to Authenticated Requests">Section 3.2</a>), and 854 861 </li> 855 862 <li>the response either: 856 863 <ul> 857 <li>contains an <a href="#header.expires" class="smpl">Expires</a> header field (see <a href="#header.expires" id="rfc.xref.header.expires.1" title="Expires">Section 3.3</a>), or864 <li>contains an <a href="#header.expires" class="smpl">Expires</a> header field (see <a href="#header.expires" id="rfc.xref.header.expires.1" title="Expires">Section 7.3</a>), or 858 865 </li> 859 <li>contains a max-age response cache directive (see <a href="#cache-response-directive" title="Response Cache-Control Directives">Section 3.2.2</a>), or866 <li>contains a max-age response cache directive (see <a href="#cache-response-directive" title="Response Cache-Control Directives">Section 7.2.2</a>), or 860 867 </li> 861 868 <li>contains a s-maxage response cache directive and the cache is shared, or</li> 862 <li>contains a Cache Control Extension (see <a href="#cache.control.extensions" title="Cache Control Extensions">Section 3.2.3</a>) that allows it to be cached, or869 <li>contains a Cache Control Extension (see <a href="#cache.control.extensions" title="Cache Control Extensions">Section 7.2.3</a>) that allows it to be cached, or 863 870 </li> 864 <li>has a status code that can be served with heuristic freshness (see <a href="#heuristic.freshness" title="Calculating Heuristic Freshness">Section 2.3.1.1</a>).871 <li>has a status code that can be served with heuristic freshness (see <a href="#heuristic.freshness" title="Calculating Heuristic Freshness">Section 4.1.2</a>). 865 872 </li> 866 873 </ul> 867 874 </li> 868 875 </ul> 869 <p id="rfc.section. 2.1.p.2">Note that any of the requirements listed above can be overridden by a cache-control extension; see <a href="#cache.control.extensions" title="Cache Control Extensions">Section 3.2.3</a>.870 </p> 871 <p id="rfc.section. 2.1.p.3">In this context, a cache has "understood" a request method or a response status code if it recognizes it and implements any876 <p id="rfc.section.3.p.2">Note that any of the requirements listed above can be overridden by a cache-control extension; see <a href="#cache.control.extensions" title="Cache Control Extensions">Section 7.2.3</a>. 877 </p> 878 <p id="rfc.section.3.p.3">In this context, a cache has "understood" a request method or a response status code if it recognizes it and implements any 872 879 cache-specific behavior. 873 880 </p> 874 <p id="rfc.section. 2.1.p.4">Note that, in normal operation, most caches will not store a response that has neither a cache validator nor an explicit expiration881 <p id="rfc.section.3.p.4">Note that, in normal operation, most caches will not store a response that has neither a cache validator nor an explicit expiration 875 882 time, as such responses are not usually useful to store. However, caches are not prohibited from storing such responses. 876 883 </p> 877 <p id="rfc.section.2.1.p.5">A response message is considered complete when all of the octets indicated by the message framing (<a href="#Part1" id="rfc.xref.Part1.11"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>) are received prior to the connection being closed. If the request is GET, the response status is <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a>, and the entire response header block has been received, a cache <em class="bcp14">MAY</em> store an incomplete response message body if the cache entry is recorded as incomplete. Likewise, a <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a> response <em class="bcp14">MAY</em> be stored as if it were an incomplete <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> cache entry. However, a cache <em class="bcp14">MUST NOT</em> store incomplete or partial content responses if it does not support the <a href="p5-range.html#range.retrieval.requests" class="smpl">Range</a> and <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a> header fields or if it does not understand the range units used in those fields. 878 </p> 879 <p id="rfc.section.2.1.p.6">A cache <em class="bcp14">MAY</em> complete a stored incomplete response by making a subsequent range request (<a href="#Part5" id="rfc.xref.Part5.1"><cite title="HTTP/1.1, part 5: Range Requests and Partial Responses">[Part5]</cite></a>) and combining the successful response with the stored entry, as defined in <a href="#combining.responses" title="Combining Partial Content">Section 2.9</a>. A cache <em class="bcp14">MUST NOT</em> use an incomplete response to answer requests unless the response has been made complete or the request is partial and specifies 884 <h2 id="rfc.section.3.1"><a href="#rfc.section.3.1">3.1</a> <a id="incomplete.responses" href="#incomplete.responses">Storing Incomplete Responses</a></h2> 885 <p id="rfc.section.3.1.p.1">A response message is considered complete when all of the octets indicated by the message framing (<a href="#Part1" id="rfc.xref.Part1.11"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>) are received prior to the connection being closed. If the request is GET, the response status is <a href="p2-semantics.html#status.200" class="smpl">200 886 (OK)</a>, and the entire response header block has been received, a cache <em class="bcp14">MAY</em> store an incomplete response message body if the cache entry is recorded as incomplete. Likewise, a <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a> response <em class="bcp14">MAY</em> be stored as if it were an incomplete <a href="p2-semantics.html#status.200" class="smpl">200 887 (OK)</a> cache entry. However, a cache <em class="bcp14">MUST NOT</em> store incomplete or partial content responses if it does not support the <a href="p5-range.html#range.retrieval.requests" class="smpl">Range</a> and <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a> header fields or if it does not understand the range units used in those fields. 888 </p> 889 <p id="rfc.section.3.1.p.2">A cache <em class="bcp14">MAY</em> complete a stored incomplete response by making a subsequent range request (<a href="#Part5" id="rfc.xref.Part5.1"><cite title="HTTP/1.1, part 5: Range Requests and Partial Responses">[Part5]</cite></a>) and combining the successful response with the stored entry, as defined in <a href="#combining.responses" title="Combining Partial Content">Section 4.4</a>. A cache <em class="bcp14">MUST NOT</em> use an incomplete response to answer requests unless the response has been made complete or the request is partial and specifies 880 890 a range that is wholly within the incomplete response. A cache <em class="bcp14">MUST NOT</em> send a partial response to a client without explicitly marking it as such using the <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a> status code. 881 891 </p> 882 <h2 id="rfc.section.2.2"><a href="#rfc.section.2.2">2.2</a> <a id="constructing.responses.from.caches" href="#constructing.responses.from.caches">Constructing Responses from Caches</a></h2> 883 <p id="rfc.section.2.2.p.1">For a presented request, a cache <em class="bcp14">MUST NOT</em> return a stored response, unless: 892 <h2 id="rfc.section.3.2"><a href="#rfc.section.3.2">3.2</a> <a id="caching.authenticated.responses" href="#caching.authenticated.responses">Storing Responses to Authenticated Requests</a></h2> 893 <p id="rfc.section.3.2.p.1">A shared cache <em class="bcp14">MUST NOT</em> use a cached response to a request with an <a href="p7-auth.html#header.authorization" class="smpl">Authorization</a> header field (<a href="p7-auth.html#header.authorization" title="Authorization">Section 4.1</a> of <a href="#Part7" id="rfc.xref.Part7.2"><cite title="HTTP/1.1, part 7: Authentication">[Part7]</cite></a>) to satisfy any subsequent request unless a cache directive that allows such responses to be stored is present in the response. 894 </p> 895 <p id="rfc.section.3.2.p.2">In this specification, the following <a href="#header.cache-control" class="smpl">Cache-Control</a> response directives (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section 7.2.2</a>) have such an effect: must-revalidate, public, s-maxage. 896 </p> 897 <p id="rfc.section.3.2.p.3">Note that cached responses that contain the "must-revalidate" and/or "s-maxage" response directives are not allowed to be 898 served stale (<a href="#serving.stale.responses" title="Serving Stale Responses">Section 4.1.4</a>) by shared caches. In particular, a response with either "max-age=0, must-revalidate" or "s-maxage=0" cannot be used to satisfy 899 a subsequent request without revalidating it on the origin server. 900 </p> 901 <h1 id="rfc.section.4"><a href="#rfc.section.4">4.</a> <a id="constructing.responses.from.caches" href="#constructing.responses.from.caches">Constructing Responses from Caches</a></h1> 902 <p id="rfc.section.4.p.1">For a presented request, a cache <em class="bcp14">MUST NOT</em> return a stored response, unless: 884 903 </p> 885 904 <ul> … … 887 906 </li> 888 907 <li>the request method associated with the stored response allows it to be used for the presented request, and</li> 889 <li>selecting header fields nominated by the stored response (if any) match those presented (see <a href="#caching.negotiated.responses" title=" Caching Negotiated Responses">Section 2.8</a>), and890 </li> 891 <li>the presented request does not contain the no-cache pragma (<a href="#header.pragma" id="rfc.xref.header.pragma.1" title="Pragma">Section 3.4</a>), nor the no-cache cache directive (<a href="#cache-request-directive" title="Request Cache-Control Directives">Section 3.2.1</a>), unless the stored response is successfully validated (<a href="#validation.model" title="Validation Model">Section 2.4</a>), and892 </li> 893 <li>the stored response does not contain the no-cache cache directive (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section 3.2.2</a>), unless it is successfully validated (<a href="#validation.model" title="Validation Model">Section 2.4</a>), and908 <li>selecting header fields nominated by the stored response (if any) match those presented (see <a href="#caching.negotiated.responses" title="Using Negotiated Responses">Section 4.3</a>), and 909 </li> 910 <li>the presented request does not contain the no-cache pragma (<a href="#header.pragma" id="rfc.xref.header.pragma.1" title="Pragma">Section 7.4</a>), nor the no-cache cache directive (<a href="#cache-request-directive" title="Request Cache-Control Directives">Section 7.2.1</a>), unless the stored response is successfully validated (<a href="#validation.model" title="Validation Model">Section 4.2</a>), and 911 </li> 912 <li>the stored response does not contain the no-cache cache directive (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section 7.2.2</a>), unless it is successfully validated (<a href="#validation.model" title="Validation Model">Section 4.2</a>), and 894 913 </li> 895 914 <li>the stored response is either: 896 915 <ul> 897 <li>fresh (see <a href="#expiration.model" title="Freshness Model">Section 2.3</a>), or916 <li>fresh (see <a href="#expiration.model" title="Freshness Model">Section 4.1</a>), or 898 917 </li> 899 <li>allowed to be served stale (see <a href="#serving.stale.responses" title="Serving Stale Responses">Section 2.3.3</a>), or918 <li>allowed to be served stale (see <a href="#serving.stale.responses" title="Serving Stale Responses">Section 4.1.4</a>), or 900 919 </li> 901 <li>successfully validated (see <a href="#validation.model" title="Validation Model">Section 2.4</a>).920 <li>successfully validated (see <a href="#validation.model" title="Validation Model">Section 4.2</a>). 902 921 </li> 903 922 </ul> 904 923 </li> 905 924 </ul> 906 <p id="rfc.section. 2.2.p.2">Note that any of the requirements listed above can be overridden by a cache-control extension; see <a href="#cache.control.extensions" title="Cache Control Extensions">Section 3.2.3</a>.907 </p> 908 <p id="rfc.section. 2.2.p.3">When a stored response is used to satisfy a request without validation, a cache <em class="bcp14">MUST</em> include a single <a href="#header.age" class="smpl">Age</a> header field (<a href="#header.age" id="rfc.xref.header.age.1" title="Age">Section 3.1</a>) in the response with a value equal to the stored response's current_age; see <a href="#age.calculations" title="Calculating Age">Section 2.3.2</a>.909 </p> 910 <p id="rfc.section. 2.2.p.4">A cache <em class="bcp14">MUST</em> write through requests with methods that are unsafe (<a href="p2-semantics.html#safe.methods" title="Safe Methods">Section 2.1.1</a> of <a href="#Part2" id="rfc.xref.Part2.3"><cite title="HTTP/1.1, part 2: Message Semantics, Payload and Content Negotiation">[Part2]</cite></a>) to the origin server; i.e., a cache is not allowed to generate a reply to such a request before having forwarded the request925 <p id="rfc.section.4.p.2">Note that any of the requirements listed above can be overridden by a cache-control extension; see <a href="#cache.control.extensions" title="Cache Control Extensions">Section 7.2.3</a>. 926 </p> 927 <p id="rfc.section.4.p.3">When a stored response is used to satisfy a request without validation, a cache <em class="bcp14">MUST</em> include a single <a href="#header.age" class="smpl">Age</a> header field (<a href="#header.age" id="rfc.xref.header.age.1" title="Age">Section 7.1</a>) in the response with a value equal to the stored response's current_age; see <a href="#age.calculations" title="Calculating Age">Section 4.1.3</a>. 928 </p> 929 <p id="rfc.section.4.p.4">A cache <em class="bcp14">MUST</em> write through requests with methods that are unsafe (<a href="p2-semantics.html#safe.methods" title="Safe Methods">Section 2.1.1</a> of <a href="#Part2" id="rfc.xref.Part2.3"><cite title="HTTP/1.1, part 2: Message Semantics, Payload and Content Negotiation">[Part2]</cite></a>) to the origin server; i.e., a cache is not allowed to generate a reply to such a request before having forwarded the request 911 930 and having received a corresponding response. 912 931 </p> 913 <p id="rfc.section. 2.2.p.5">Also, note that unsafe requests might invalidate already stored responses; see <a href="#invalidation.after.updates.or.deletions" title="Request Methods that Invalidate">Section 2.6</a>.914 </p> 915 <p id="rfc.section. 2.2.p.6">When more than one suitable response is stored, a cache <em class="bcp14">MUST</em> use the most recent response (as determined by the <a href="p2-semantics.html#header.date" class="smpl">Date</a> header field). It can also forward a request with "Cache-Control: max-age=0" or "Cache-Control: no-cache" to disambiguate932 <p id="rfc.section.4.p.5">Also, note that unsafe requests might invalidate already stored responses; see <a href="#invalidation.after.updates.or.deletions" title="Request Methods that Invalidate">Section 6</a>. 933 </p> 934 <p id="rfc.section.4.p.6">When more than one suitable response is stored, a cache <em class="bcp14">MUST</em> use the most recent response (as determined by the <a href="p2-semantics.html#header.date" class="smpl">Date</a> header field). It can also forward a request with "Cache-Control: max-age=0" or "Cache-Control: no-cache" to disambiguate 916 935 which response to use. 917 936 </p> 918 <p id="rfc.section. 2.2.p.7">A cache that does not have a clock available <em class="bcp14">MUST NOT</em> use stored responses without revalidating them on every use. A cache, especially a shared cache, <em class="bcp14">SHOULD</em> use a mechanism, such as NTP <a href="#RFC1305" id="rfc.xref.RFC1305.1"><cite title="Network Time Protocol (Version 3) Specification, Implementation">[RFC1305]</cite></a>, to synchronize its clock with a reliable external standard.919 </p> 920 <h2 id="rfc.section. 2.3"><a href="#rfc.section.2.3">2.3</a> <a id="expiration.model" href="#expiration.model">Freshness Model</a></h2>921 <p id="rfc.section. 2.3.p.1">When a response is "fresh" in the cache, it can be used to satisfy subsequent requests without contacting the origin server,937 <p id="rfc.section.4.p.7">A cache that does not have a clock available <em class="bcp14">MUST NOT</em> use stored responses without revalidating them on every use. A cache, especially a shared cache, <em class="bcp14">SHOULD</em> use a mechanism, such as NTP <a href="#RFC1305" id="rfc.xref.RFC1305.1"><cite title="Network Time Protocol (Version 3) Specification, Implementation">[RFC1305]</cite></a>, to synchronize its clock with a reliable external standard. 938 </p> 939 <h2 id="rfc.section.4.1"><a href="#rfc.section.4.1">4.1</a> <a id="expiration.model" href="#expiration.model">Freshness Model</a></h2> 940 <p id="rfc.section.4.1.p.1">When a response is "fresh" in the cache, it can be used to satisfy subsequent requests without contacting the origin server, 922 941 thereby improving efficiency. 923 942 </p> 924 <p id="rfc.section. 2.3.p.2">The primary mechanism for determining freshness is for an origin server to provide an explicit expiration time in the future,925 using either the <a href="#header.expires" class="smpl">Expires</a> header field (<a href="#header.expires" id="rfc.xref.header.expires.2" title="Expires">Section 3.3</a>) or the max-age response cache directive (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section 3.2.2</a>). Generally, origin servers will assign future explicit expiration times to responses in the belief that the representation943 <p id="rfc.section.4.1.p.2">The primary mechanism for determining freshness is for an origin server to provide an explicit expiration time in the future, 944 using either the <a href="#header.expires" class="smpl">Expires</a> header field (<a href="#header.expires" id="rfc.xref.header.expires.2" title="Expires">Section 7.3</a>) or the max-age response cache directive (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section 7.2.2</a>). Generally, origin servers will assign future explicit expiration times to responses in the belief that the representation 926 945 is not likely to change in a semantically significant way before the expiration time is reached. 927 946 </p> 928 <p id="rfc.section. 2.3.p.3">If an origin server wishes to force a cache to validate every request, it can assign an explicit expiration time in the past947 <p id="rfc.section.4.1.p.3">If an origin server wishes to force a cache to validate every request, it can assign an explicit expiration time in the past 929 948 to indicate that the response is already stale. Compliant caches will normally validate the cached response before reusing 930 it for subsequent requests (see <a href="#serving.stale.responses" title="Serving Stale Responses">Section 2.3.3</a>).931 </p> 932 <p id="rfc.section. 2.3.p.4">Since origin servers do not always provide explicit expiration times, a cache <em class="bcp14">MAY</em> assign a heuristic expiration time when an explicit time is not specified, employing algorithms that use other header field949 it for subsequent requests (see <a href="#serving.stale.responses" title="Serving Stale Responses">Section 4.1.4</a>). 950 </p> 951 <p id="rfc.section.4.1.p.4">Since origin servers do not always provide explicit expiration times, a cache <em class="bcp14">MAY</em> assign a heuristic expiration time when an explicit time is not specified, employing algorithms that use other header field 933 952 values (such as the <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> time) to estimate a plausible expiration time. This specification does not provide specific algorithms, but does impose worst-case 934 953 constraints on their results. … … 936 955 <div id="rfc.figure.u.4"></div> 937 956 <p>The calculation to determine if a response is fresh is:</p> <pre class="text"> response_is_fresh = (freshness_lifetime > current_age) 938 </pre> <p id="rfc.section. 2.3.p.6">The freshness_lifetime is defined in <a href="#calculating.freshness.lifetime" title="Calculating Freshness Lifetime">Section 2.3.1</a>; the current_age is defined in <a href="#age.calculations" title="Calculating Age">Section 2.3.2</a>.939 </p> 940 <p id="rfc.section. 2.3.p.7">Additionally, clients can influence freshness calculation — either constraining it relaxing it — by using the max-age and941 min-fresh request cache directives. See <a href="#cache-request-directive" title="Request Cache-Control Directives">Section 3.2.1</a> for details.942 </p> 943 <p id="rfc.section. 2.3.p.8">Note that freshness applies only to cache operation; it cannot be used to force a user agent to refresh its display or reload944 a resource. See <a href="#history.lists" title="History Lists">Section 4</a> for an explanation of the difference between caches and history mechanisms.945 </p> 946 <h3 id="rfc.section. 2.3.1"><a href="#rfc.section.2.3.1">2.3.1</a> <a id="calculating.freshness.lifetime" href="#calculating.freshness.lifetime">Calculating Freshness Lifetime</a></h3>947 <p id="rfc.section. 2.3.1.p.1">A cache can calculate the freshness lifetime (denoted as freshness_lifetime) of a response by using the first match of: </p>957 </pre> <p id="rfc.section.4.1.p.6">The freshness_lifetime is defined in <a href="#calculating.freshness.lifetime" title="Calculating Freshness Lifetime">Section 4.1.1</a>; the current_age is defined in <a href="#age.calculations" title="Calculating Age">Section 4.1.3</a>. 958 </p> 959 <p id="rfc.section.4.1.p.7">Additionally, clients can influence freshness calculation — either constraining it relaxing it — by using the max-age and 960 min-fresh request cache directives. See <a href="#cache-request-directive" title="Request Cache-Control Directives">Section 7.2.1</a> for details. 961 </p> 962 <p id="rfc.section.4.1.p.8">Note that freshness applies only to cache operation; it cannot be used to force a user agent to refresh its display or reload 963 a resource. See <a href="#history.lists" title="History Lists">Section 8</a> for an explanation of the difference between caches and history mechanisms. 964 </p> 965 <h3 id="rfc.section.4.1.1"><a href="#rfc.section.4.1.1">4.1.1</a> <a id="calculating.freshness.lifetime" href="#calculating.freshness.lifetime">Calculating Freshness Lifetime</a></h3> 966 <p id="rfc.section.4.1.1.p.1">A cache can calculate the freshness lifetime (denoted as freshness_lifetime) of a response by using the first match of: </p> 948 967 <ul> 949 <li>If the cache is shared and the s-maxage response cache directive (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section 3.2.2</a>) is present, use its value, or950 </li> 951 <li>If the max-age response cache directive (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section 3.2.2</a>) is present, use its value, or952 </li> 953 <li>If the <a href="#header.expires" class="smpl">Expires</a> response header field (<a href="#header.expires" id="rfc.xref.header.expires.3" title="Expires">Section 3.3</a>) is present, use its value minus the value of the <a href="p2-semantics.html#header.date" class="smpl">Date</a> response header field, or954 </li> 955 <li>Otherwise, no explicit expiration time is present in the response. A heuristic freshness lifetime might be applicable; see <a href="#heuristic.freshness" title="Calculating Heuristic Freshness">Section 2.3.1.1</a>.956 </li> 957 </ul> 958 <p id="rfc.section. 2.3.1.p.2">Note that this calculation is not vulnerable to clock skew, since all of the information comes from the origin server.</p>959 <p id="rfc.section. 2.3.1.p.3">When there is more than one value present for a given directive (e.g., two <a href="#header.expires" class="smpl">Expires</a> header fields, multiple Cache-Control: max-age directives), it is considered invalid. Caches are encouraged to consider responses968 <li>If the cache is shared and the s-maxage response cache directive (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section 7.2.2</a>) is present, use its value, or 969 </li> 970 <li>If the max-age response cache directive (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section 7.2.2</a>) is present, use its value, or 971 </li> 972 <li>If the <a href="#header.expires" class="smpl">Expires</a> response header field (<a href="#header.expires" id="rfc.xref.header.expires.3" title="Expires">Section 7.3</a>) is present, use its value minus the value of the <a href="p2-semantics.html#header.date" class="smpl">Date</a> response header field, or 973 </li> 974 <li>Otherwise, no explicit expiration time is present in the response. A heuristic freshness lifetime might be applicable; see <a href="#heuristic.freshness" title="Calculating Heuristic Freshness">Section 4.1.2</a>. 975 </li> 976 </ul> 977 <p id="rfc.section.4.1.1.p.2">Note that this calculation is not vulnerable to clock skew, since all of the information comes from the origin server.</p> 978 <p id="rfc.section.4.1.1.p.3">When there is more than one value present for a given directive (e.g., two <a href="#header.expires" class="smpl">Expires</a> header fields, multiple Cache-Control: max-age directives), it is considered invalid. Caches are encouraged to consider responses 960 979 that have invalid freshness information to be stale. 961 980 </p> 962 <h4 id="rfc.section.2.3.1.1"><a href="#rfc.section.2.3.1.1">2.3.1.1</a> <a id="heuristic.freshness" href="#heuristic.freshness">Calculating Heuristic Freshness</a></h4> 963 <p id="rfc.section.2.3.1.1.p.1">If no explicit expiration time is present in a stored response that has a status code whose definition allows heuristic freshness 964 to be used (including the following in <a href="p2-semantics.html#status.codes" title="Status Codes">Section 4</a> of <a href="#Part2" id="rfc.xref.Part2.4"><cite title="HTTP/1.1, part 2: Message Semantics, Payload and Content Negotiation">[Part2]</cite></a>: <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a>, <a href="p2-semantics.html#status.203" class="smpl">203 965 (Non-Authoritative Information)</a>, <a href="p5-range.html#status.206" class="smpl">206 (Partial Content)</a>, <a href="p2-semantics.html#status.300" class="smpl">300 (Multiple Choices)</a>, <a href="p2-semantics.html#status.301" class="smpl">301 (Moved Permanently)</a> and <a href="p2-semantics.html#status.410" class="smpl">410 (Gone)</a>), a cache <em class="bcp14">MAY</em> calculate a heuristic expiration time. A cache <em class="bcp14">MUST NOT</em> use heuristics to determine freshness for responses with status codes that do not explicitly allow it. 966 </p> 967 <p id="rfc.section.2.3.1.1.p.2">When a heuristic is used to calculate freshness lifetime, a cache <em class="bcp14">SHOULD</em> attach a <a href="#header.warning" class="smpl">Warning</a> header field with a 113 warn-code to the response if its current_age is more than 24 hours and such a warning is not already 981 <h3 id="rfc.section.4.1.2"><a href="#rfc.section.4.1.2">4.1.2</a> <a id="heuristic.freshness" href="#heuristic.freshness">Calculating Heuristic Freshness</a></h3> 982 <p id="rfc.section.4.1.2.p.1">If no explicit expiration time is present in a stored response that has a status code whose definition allows heuristic freshness 983 to be used (including the following in <a href="p2-semantics.html#status.codes" title="Status Codes">Section 4</a> of <a href="#Part2" id="rfc.xref.Part2.4"><cite title="HTTP/1.1, part 2: Message Semantics, Payload and Content Negotiation">[Part2]</cite></a>: <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a>, <a href="p2-semantics.html#status.203" class="smpl">203 (Non-Authoritative Information)</a>, <a href="p5-range.html#status.206" class="smpl">206 (Partial 984 Content)</a>, <a href="p2-semantics.html#status.300" class="smpl">300 (Multiple Choices)</a>, <a href="p2-semantics.html#status.301" class="smpl">301 (Moved 985 Permanently)</a> and <a href="p2-semantics.html#status.410" class="smpl">410 (Gone)</a>), a cache <em class="bcp14">MAY</em> calculate a heuristic expiration time. A cache <em class="bcp14">MUST NOT</em> use heuristics to determine freshness for responses with status codes that do not explicitly allow it. 986 </p> 987 <p id="rfc.section.4.1.2.p.2">When a heuristic is used to calculate freshness lifetime, a cache <em class="bcp14">SHOULD</em> attach a <a href="#header.warning" class="smpl">Warning</a> header field with a 113 warn-code to the response if its current_age is more than 24 hours and such a warning is not already 968 988 present. 969 989 </p> 970 <p id="rfc.section. 2.3.1.1.p.3">Also, if the response has a <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> header field (<a href="p4-conditional.html#header.last-modified" title="Last-Modified">Section 2.2</a> of <a href="#Part4" id="rfc.xref.Part4.4"><cite title="HTTP/1.1, part 4: Conditional Requests">[Part4]</cite></a>), caches are encouraged to use a heuristic expiration value that is no more than some fraction of the interval since that990 <p id="rfc.section.4.1.2.p.3">Also, if the response has a <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> header field (<a href="p4-conditional.html#header.last-modified" title="Last-Modified">Section 2.2</a> of <a href="#Part4" id="rfc.xref.Part4.4"><cite title="HTTP/1.1, part 4: Conditional Requests">[Part4]</cite></a>), caches are encouraged to use a heuristic expiration value that is no more than some fraction of the interval since that 971 991 time. A typical setting of this fraction might be 10%. 972 992 </p> 973 <div class="note" id="rfc.section. 2.3.1.1.p.4">993 <div class="note" id="rfc.section.4.1.2.p.4"> 974 994 <p> <b>Note:</b> RFC 2616 (<a href="#RFC2616" id="rfc.xref.RFC2616.1"><cite title="Hypertext Transfer Protocol -- HTTP/1.1">[RFC2616]</cite></a>, <a href="http://tools.ietf.org/html/rfc2616#section-13.9">Section 13.9</a>) required that caches do not calculate heuristic freshness for URIs with query components (i.e., those containing '?'). In 975 995 practice, this has not been widely implemented. Therefore, servers are encouraged to send explicit directives (e.g., Cache-Control: … … 977 997 </p> 978 998 </div> 979 <h3 id="rfc.section. 2.3.2"><a href="#rfc.section.2.3.2">2.3.2</a> <a id="age.calculations" href="#age.calculations">Calculating Age</a></h3>980 <p id="rfc.section. 2.3.2.p.1">HTTP/1.1 uses the <a href="#header.age" class="smpl">Age</a> header field to convey the estimated age of the response message when obtained from a cache. The Age field value is the cache's999 <h3 id="rfc.section.4.1.3"><a href="#rfc.section.4.1.3">4.1.3</a> <a id="age.calculations" href="#age.calculations">Calculating Age</a></h3> 1000 <p id="rfc.section.4.1.3.p.1">HTTP/1.1 uses the <a href="#header.age" class="smpl">Age</a> header field to convey the estimated age of the response message when obtained from a cache. The Age field value is the cache's 981 1001 estimate of the amount of time since the response was generated or validated by the origin server. In essence, the Age value 982 1002 is the sum of the time that the response has been resident in each of the caches along the path from the origin server, plus 983 1003 the amount of time it has been in transit along network paths. 984 1004 </p> 985 <p id="rfc.section. 2.3.2.p.2">The following data is used for the age calculation:</p>986 <p id="rfc.section. 2.3.2.p.3"> <dfn>age_value</dfn>1005 <p id="rfc.section.4.1.3.p.2">The following data is used for the age calculation:</p> 1006 <p id="rfc.section.4.1.3.p.3"> <dfn>age_value</dfn> 987 1007 </p> 988 1008 <ul class="empty"> 989 <li>The term "age_value" denotes the value of the <a href="#header.age" class="smpl">Age</a> header field (<a href="#header.age" id="rfc.xref.header.age.2" title="Age">Section 3.1</a>), in a form appropriate for arithmetic operation; or 0, if not available.990 </li> 991 </ul> 992 <p id="rfc.section. 2.3.2.p.4"> <dfn>date_value</dfn>1009 <li>The term "age_value" denotes the value of the <a href="#header.age" class="smpl">Age</a> header field (<a href="#header.age" id="rfc.xref.header.age.2" title="Age">Section 7.1</a>), in a form appropriate for arithmetic operation; or 0, if not available. 1010 </li> 1011 </ul> 1012 <p id="rfc.section.4.1.3.p.4"> <dfn>date_value</dfn> 993 1013 </p> 994 1014 <ul class="empty"> … … 997 1017 </li> 998 1018 </ul> 999 <p id="rfc.section. 2.3.2.p.5"> <dfn>now</dfn>1019 <p id="rfc.section.4.1.3.p.5"> <dfn>now</dfn> 1000 1020 </p> 1001 1021 <ul class="empty"> … … 1003 1023 </li> 1004 1024 </ul> 1005 <p id="rfc.section. 2.3.2.p.6"> <dfn>request_time</dfn>1025 <p id="rfc.section.4.1.3.p.6"> <dfn>request_time</dfn> 1006 1026 </p> 1007 1027 <ul class="empty"> 1008 1028 <li>The current value of the clock at the host at the time the request resulting in the stored response was made.</li> 1009 1029 </ul> 1010 <p id="rfc.section. 2.3.2.p.7"> <dfn>response_time</dfn>1030 <p id="rfc.section.4.1.3.p.7"> <dfn>response_time</dfn> 1011 1031 </p> 1012 1032 <ul class="empty"> 1013 1033 <li>The current value of the clock at the host at the time the response was received.</li> 1014 1034 </ul> 1015 <p id="rfc.section. 2.3.2.p.8">A response's age can be calculated in two entirely independent ways: </p>1035 <p id="rfc.section.4.1.3.p.8">A response's age can be calculated in two entirely independent ways: </p> 1016 1036 <ol> 1017 1037 <li>the "apparent_age": response_time minus date_value, if the local clock is reasonably well synchronized to the origin server's … … 1028 1048 <p>These <em class="bcp14">SHOULD</em> be combined as 1029 1049 </p> <pre class="text"> corrected_initial_age = max(apparent_age, corrected_age_value); 1030 </pre><p id="rfc.section. 2.3.2.p.11">unless the cache is confident in the value of the <a href="#header.age" class="smpl">Age</a> header field (e.g., because there are no HTTP/1.0 hops in the <a href="p1-messaging.html#header.via" class="smpl">Via</a> header field), in which case the corrected_age_value <em class="bcp14">MAY</em> be used as the corrected_initial_age.1031 </p> 1032 <p id="rfc.section. 2.3.2.p.12">The current_age of a stored response can then be calculated by adding the amount of time (in seconds) since the stored response1050 </pre><p id="rfc.section.4.1.3.p.11">unless the cache is confident in the value of the <a href="#header.age" class="smpl">Age</a> header field (e.g., because there are no HTTP/1.0 hops in the <a href="p1-messaging.html#header.via" class="smpl">Via</a> header field), in which case the corrected_age_value <em class="bcp14">MAY</em> be used as the corrected_initial_age. 1051 </p> 1052 <p id="rfc.section.4.1.3.p.12">The current_age of a stored response can then be calculated by adding the amount of time (in seconds) since the stored response 1033 1053 was last validated by the origin server to the corrected_initial_age. 1034 1054 </p> 1035 1055 <div id="rfc.figure.u.7"></div><pre class="text"> resident_time = now - response_time; 1036 1056 current_age = corrected_initial_age + resident_time; 1037 </pre><p id="rfc.section. 2.3.2.p.14">Additionally, to avoid common problems in date parsing:</p>1038 <p id="rfc.section. 2.3.2.p.15"> </p>1057 </pre><p id="rfc.section.4.1.3.p.14">Additionally, to avoid common problems in date parsing:</p> 1058 <p id="rfc.section.4.1.3.p.15"> </p> 1039 1059 <ul> 1040 1060 <li>HTTP/1.1 clients and caches <em class="bcp14">SHOULD</em> assume that an RFC-850 date which appears to be more than 50 years in the future is in fact in the past (this helps solve … … 1050 1070 </li> 1051 1071 </ul> 1052 <h3 id="rfc.section. 2.3.3"><a href="#rfc.section.2.3.3">2.3.3</a> <a id="serving.stale.responses" href="#serving.stale.responses">Serving Stale Responses</a></h3>1053 <p id="rfc.section. 2.3.3.p.1">A "stale" response is one that either has explicit expiry information or is allowed to have heuristic expiry calculated, but1054 is not fresh according to the calculations in <a href="#expiration.model" title="Freshness Model">Section 2.3</a>.1055 </p> 1056 <p id="rfc.section. 2.3.3.p.2">A cache <em class="bcp14">MUST NOT</em> return a stale response if it is prohibited by an explicit in-protocol directive (e.g., by a "no-store" or "no-cache" cache1072 <h3 id="rfc.section.4.1.4"><a href="#rfc.section.4.1.4">4.1.4</a> <a id="serving.stale.responses" href="#serving.stale.responses">Serving Stale Responses</a></h3> 1073 <p id="rfc.section.4.1.4.p.1">A "stale" response is one that either has explicit expiry information or is allowed to have heuristic expiry calculated, but 1074 is not fresh according to the calculations in <a href="#expiration.model" title="Freshness Model">Section 4.1</a>. 1075 </p> 1076 <p id="rfc.section.4.1.4.p.2">A cache <em class="bcp14">MUST NOT</em> return a stale response if it is prohibited by an explicit in-protocol directive (e.g., by a "no-store" or "no-cache" cache 1057 1077 directive, a "must-revalidate" cache-response-directive, or an applicable "s-maxage" or "proxy-revalidate" cache-response-directive; 1058 see <a href="#cache-response-directive" title="Response Cache-Control Directives">Section 3.2.2</a>).1059 </p> 1060 <p id="rfc.section. 2.3.3.p.3">A cache <em class="bcp14">MUST NOT</em> return stale responses unless it is disconnected (i.e., it cannot contact the origin server or otherwise find a forward path)1061 or doing so is explicitly allowed (e.g., by the max-stale request directive; see <a href="#cache-request-directive" title="Request Cache-Control Directives">Section 3.2.1</a>).1062 </p> 1063 <p id="rfc.section. 2.3.3.p.4">A cache <em class="bcp14">SHOULD</em> append a <a href="#header.warning" class="smpl">Warning</a> header field with the 110 warn-code (see <a href="#header.warning" id="rfc.xref.header.warning.1" title="Warning">Section 3.6</a>) to stale responses. Likewise, a cache <em class="bcp14">SHOULD</em> add the 112 warn-code to stale responses if the cache is disconnected.1064 </p> 1065 <p id="rfc.section. 2.3.3.p.5">If a cache receives a first-hand response (either an entire response, or a <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response) that it would normally forward to the requesting client, and the received response is no longer fresh, the cache1078 see <a href="#cache-response-directive" title="Response Cache-Control Directives">Section 7.2.2</a>). 1079 </p> 1080 <p id="rfc.section.4.1.4.p.3">A cache <em class="bcp14">MUST NOT</em> return stale responses unless it is disconnected (i.e., it cannot contact the origin server or otherwise find a forward path) 1081 or doing so is explicitly allowed (e.g., by the max-stale request directive; see <a href="#cache-request-directive" title="Request Cache-Control Directives">Section 7.2.1</a>). 1082 </p> 1083 <p id="rfc.section.4.1.4.p.4">A cache <em class="bcp14">SHOULD</em> append a <a href="#header.warning" class="smpl">Warning</a> header field with the 110 warn-code (see <a href="#header.warning" id="rfc.xref.header.warning.1" title="Warning">Section 7.6</a>) to stale responses. Likewise, a cache <em class="bcp14">SHOULD</em> add the 112 warn-code to stale responses if the cache is disconnected. 1084 </p> 1085 <p id="rfc.section.4.1.4.p.5">If a cache receives a first-hand response (either an entire response, or a <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response) that it would normally forward to the requesting client, and the received response is no longer fresh, the cache 1066 1086 can forward it to the requesting client without adding a new <a href="#header.warning" class="smpl">Warning</a> (but without removing any existing Warning header fields). A cache shouldn't attempt to validate a response simply because 1067 1087 that response became stale in transit. 1068 1088 </p> 1069 <h2 id="rfc.section. 2.4"><a href="#rfc.section.2.4">2.4</a> <a id="validation.model" href="#validation.model">Validation Model</a></h2>1070 <p id="rfc.section. 2.4.p.1">When a cache has one or more stored responses for a requested URI, but cannot serve any of them (e.g., because they are not1071 fresh, or one cannot be selected; see <a href="#caching.negotiated.responses" title=" Caching Negotiated Responses">Section 2.8</a>), it can use the conditional request mechanism <a href="#Part4" id="rfc.xref.Part4.5"><cite title="HTTP/1.1, part 4: Conditional Requests">[Part4]</cite></a> in the forwarded request to give the origin server an opportunity to both select a valid stored response to be used, and to1089 <h2 id="rfc.section.4.2"><a href="#rfc.section.4.2">4.2</a> <a id="validation.model" href="#validation.model">Validation Model</a></h2> 1090 <p id="rfc.section.4.2.p.1">When a cache has one or more stored responses for a requested URI, but cannot serve any of them (e.g., because they are not 1091 fresh, or one cannot be selected; see <a href="#caching.negotiated.responses" title="Using Negotiated Responses">Section 4.3</a>), it can use the conditional request mechanism <a href="#Part4" id="rfc.xref.Part4.5"><cite title="HTTP/1.1, part 4: Conditional Requests">[Part4]</cite></a> in the forwarded request to give the origin server an opportunity to both select a valid stored response to be used, and to 1072 1092 update it. This process is known as "validating" or "revalidating" the stored response. 1073 1093 </p> 1074 <p id="rfc.section. 2.4.p.2">When sending such a conditional request, a cache adds an <a href="p4-conditional.html#header.if-modified-since" class="smpl">If-Modified-Since</a> header field whose value is that of the <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> header field from the selected (see <a href="#caching.negotiated.responses" title="Caching Negotiated Responses">Section 2.8</a>) stored response, if available.1075 </p> 1076 <p id="rfc.section. 2.4.p.3">Additionally, a cache can add an <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a> header field whose value is that of the <a href="p4-conditional.html#header.etag" class="smpl">ETag</a> header field(s) from all responses stored for the requested URI, if present. However, if any of the stored responses contains1094 <p id="rfc.section.4.2.p.2">When sending such a conditional request, a cache adds an <a href="p4-conditional.html#header.if-modified-since" class="smpl">If-Modified-Since</a> header field whose value is that of the <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> header field from the selected (see <a href="#caching.negotiated.responses" title="Using Negotiated Responses">Section 4.3</a>) stored response, if available. 1095 </p> 1096 <p id="rfc.section.4.2.p.3">Additionally, a cache can add an <a href="p4-conditional.html#header.if-none-match" class="smpl">If-None-Match</a> header field whose value is that of the <a href="p4-conditional.html#header.etag" class="smpl">ETag</a> header field(s) from all responses stored for the requested URI, if present. However, if any of the stored responses contains 1077 1097 only partial content, the cache shouldn't include its entity-tag in the If-None-Match header field unless the request is for 1078 1098 a range that would be fully satisfied by that stored response. 1079 1099 </p> 1080 <p id="rfc.section. 2.4.p.4">Cache handling of a response to a conditional request is dependent upon its status code:</p>1081 <p id="rfc.section. 2.4.p.5"> </p>1100 <p id="rfc.section.4.2.p.4">Cache handling of a response to a conditional request is dependent upon its status code:</p> 1101 <p id="rfc.section.4.2.p.5"> </p> 1082 1102 <ul> 1083 <li>A <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response status code indicates that the stored response can be updated and reused; see <a href="#freshening.responses" title="Freshening Responses with 304 Not Modified">Section 2.4.1</a>.1103 <li>A <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response status code indicates that the stored response can be updated and reused; see <a href="#freshening.responses" title="Freshening Responses with 304 Not Modified">Section 4.2.1</a>. 1084 1104 </li> 1085 1105 <li>A full response (i.e., one with a response body) indicates that none of the stored responses nominated in the conditional … … 1087 1107 </li> 1088 1108 <li>However, if a cache receives a <a href="p2-semantics.html#status.5xx" class="smpl">5xx (Server Error)</a> response while attempting to validate a response, it can either forward this response to the requesting client, or act as 1089 if the server failed to respond. In the latter case, it can return a previously stored response (see <a href="#serving.stale.responses" title="Serving Stale Responses">Section 2.3.3</a>).1090 </li> 1091 </ul> 1092 <h3 id="rfc.section. 2.4.1"><a href="#rfc.section.2.4.1">2.4.1</a> <a id="freshening.responses" href="#freshening.responses">Freshening Responses with 304 Not Modified</a></h3>1093 <p id="rfc.section. 2.4.1.p.1">When a cache receives a <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response and already has one or more stored <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> responses for the same cache key, the cache needs to identify which of the stored responses are updated by this new response1109 if the server failed to respond. In the latter case, it can return a previously stored response (see <a href="#serving.stale.responses" title="Serving Stale Responses">Section 4.1.4</a>). 1110 </li> 1111 </ul> 1112 <h3 id="rfc.section.4.2.1"><a href="#rfc.section.4.2.1">4.2.1</a> <a id="freshening.responses" href="#freshening.responses">Freshening Responses with 304 Not Modified</a></h3> 1113 <p id="rfc.section.4.2.1.p.1">When a cache receives a <a href="p4-conditional.html#status.304" class="smpl">304 (Not Modified)</a> response and already has one or more stored <a href="p2-semantics.html#status.200" class="smpl">200 (OK)</a> responses for the same cache key, the cache needs to identify which of the stored responses are updated by this new response 1094 1114 and then update the stored response(s) with the new information provided in the <a href="p4-conditional.html#status.304" class="smpl">304</a> response. 1095 1115 </p> … … 1106 1126 </li> 1107 1127 </ul> 1108 <p id="rfc.section. 2.4.1.p.2">If a stored response is selected for update, the cache <em class="bcp14">MUST</em>:1128 <p id="rfc.section.4.2.1.p.2">If a stored response is selected for update, the cache <em class="bcp14">MUST</em>: 1109 1129 </p> 1110 1130 <ul> 1111 <li>delete any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 1xx (see <a href="#header.warning" id="rfc.xref.header.warning.2" title="Warning">Section 3.6</a>);1131 <li>delete any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 1xx (see <a href="#header.warning" id="rfc.xref.header.warning.2" title="Warning">Section 7.6</a>); 1112 1132 </li> 1113 1133 <li>retain any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 2xx; and, … … 1116 1136 </li> 1117 1137 </ul> 1118 <h2 id="rfc.section.2.5"><a href="#rfc.section.2.5">2.5</a> <a id="head.effects" href="#head.effects">Updating Caches with HEAD Responses</a></h2> 1119 <p id="rfc.section.2.5.p.1">A response to the HEAD method is identical to what an equivalent request made with a GET would have been, except it lacks 1138 <h2 id="rfc.section.4.3"><a href="#rfc.section.4.3">4.3</a> <a id="caching.negotiated.responses" href="#caching.negotiated.responses">Using Negotiated Responses</a></h2> 1139 <p id="rfc.section.4.3.p.1">When a cache receives a request that can be satisfied by a stored response that has a <a href="#header.vary" class="smpl">Vary</a> header field (<a href="#header.vary" id="rfc.xref.header.vary.1" title="Vary">Section 7.5</a>), it <em class="bcp14">MUST NOT</em> use that response unless all of the selecting header fields nominated by the Vary header field match in both the original 1140 request (i.e., that associated with the stored response), and the presented request. 1141 </p> 1142 <p id="rfc.section.4.3.p.2">The selecting header fields from two requests are defined to match if and only if those in the first request can be transformed 1143 to those in the second request by applying any of the following: 1144 </p> 1145 <ul> 1146 <li>adding or removing whitespace, where allowed in the header field's syntax</li> 1147 <li>combining multiple header fields with the same field name (see <a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a> of <a href="#Part1" id="rfc.xref.Part1.13"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>) 1148 </li> 1149 <li>normalizing both header field values in a way that is known to have identical semantics, according to the header field's specification 1150 (e.g., re-ordering field values when order is not significant; case-normalization, where values are defined to be case-insensitive) 1151 </li> 1152 </ul> 1153 <p id="rfc.section.4.3.p.3">If (after any normalization that might take place) a header field is absent from a request, it can only match another request 1154 if it is also absent there. 1155 </p> 1156 <p id="rfc.section.4.3.p.4">A <a href="#header.vary" class="smpl">Vary</a> header field-value of "*" always fails to match, and subsequent requests to that resource can only be properly interpreted 1157 by the origin server. 1158 </p> 1159 <p id="rfc.section.4.3.p.5">The stored response with matching selecting header fields is known as the selected response.</p> 1160 <p id="rfc.section.4.3.p.6">If multiple selected responses are available, the most recent response (as determined by the <a href="p2-semantics.html#header.date" class="smpl">Date</a> header field) is used; see <a href="#constructing.responses.from.caches" title="Constructing Responses from Caches">Section 4</a>. 1161 </p> 1162 <p id="rfc.section.4.3.p.7">If no selected response is available, the cache can forward the presented request to the origin server in a conditional request; 1163 see <a href="#validation.model" title="Validation Model">Section 4.2</a>. 1164 </p> 1165 <h2 id="rfc.section.4.4"><a href="#rfc.section.4.4">4.4</a> <a id="combining.responses" href="#combining.responses">Combining Partial Content</a></h2> 1166 <p id="rfc.section.4.4.p.1">A response might transfer only a partial representation if the connection closed prematurely or if the request used one or 1167 more Range specifiers (<a href="#Part5" id="rfc.xref.Part5.2"><cite title="HTTP/1.1, part 5: Range Requests and Partial Responses">[Part5]</cite></a>). After several such transfers, a cache might have received several ranges of the same representation. A cache <em class="bcp14">MAY</em> combine these ranges into a single stored response, and reuse that response to satisfy later requests, if they all share the 1168 same strong validator and the cache complies with the client requirements in <a href="p5-range.html#combining.byte.ranges" title="Combining Ranges">Section 4.2</a> of <a href="#Part5" id="rfc.xref.Part5.3"><cite title="HTTP/1.1, part 5: Range Requests and Partial Responses">[Part5]</cite></a>. 1169 </p> 1170 <p id="rfc.section.4.4.p.2">When combining the new response with one or more stored responses, a cache <em class="bcp14">MUST</em>: 1171 </p> 1172 <ul> 1173 <li>delete any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 1xx (see <a href="#header.warning" id="rfc.xref.header.warning.3" title="Warning">Section 7.6</a>); 1174 </li> 1175 <li>retain any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 2xx; and, 1176 </li> 1177 <li>use other header fields provided in the new response, aside from <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a>, to replace all instances of the corresponding header fields in the stored response. 1178 </li> 1179 </ul> 1180 <h1 id="rfc.section.5"><a href="#rfc.section.5">5.</a> <a id="head.effects" href="#head.effects">Updating Caches with HEAD Responses</a></h1> 1181 <p id="rfc.section.5.p.1">A response to the HEAD method is identical to what an equivalent request made with a GET would have been, except it lacks 1120 1182 a body. This property of HEAD responses is used to both invalidate and update cached GET responses. 1121 1183 </p> 1122 <p id="rfc.section. 2.5.p.2">If one or more stored GET responses can be selected (as per <a href="#caching.negotiated.responses" title="Caching Negotiated Responses">Section 2.8</a>) for a HEAD request, and the <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a>, <a href="p4-conditional.html#header.etag" class="smpl">ETag</a> or <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> value of a HEAD response differs from that in a selected GET response, the cache <em class="bcp14">MUST</em> consider that selected response to be stale.1123 </p> 1124 <p id="rfc.section. 2.5.p.3">If the <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a>, <a href="p4-conditional.html#header.etag" class="smpl">ETag</a> and <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> values of a HEAD response (when present) are the same as that in a selected GET response (as per <a href="#caching.negotiated.responses" title="Caching Negotiated Responses">Section 2.8</a>), the cache <em class="bcp14">SHOULD</em> update the remaining headers in the stored response using the following rules:1184 <p id="rfc.section.5.p.2">If one or more stored GET responses can be selected (as per <a href="#caching.negotiated.responses" title="Using Negotiated Responses">Section 4.3</a>) for a HEAD request, and the <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a>, <a href="p4-conditional.html#header.etag" class="smpl">ETag</a> or <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> value of a HEAD response differs from that in a selected GET response, the cache <em class="bcp14">MUST</em> consider that selected response to be stale. 1185 </p> 1186 <p id="rfc.section.5.p.3">If the <a href="p1-messaging.html#header.content-length" class="smpl">Content-Length</a>, <a href="p4-conditional.html#header.etag" class="smpl">ETag</a> and <a href="p4-conditional.html#header.last-modified" class="smpl">Last-Modified</a> values of a HEAD response (when present) are the same as that in a selected GET response (as per <a href="#caching.negotiated.responses" title="Using Negotiated Responses">Section 4.3</a>), the cache <em class="bcp14">SHOULD</em> update the remaining headers in the stored response using the following rules: 1125 1187 </p> 1126 1188 <ul> 1127 <li>delete any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 1xx (see <a href="#header.warning" id="rfc.xref.header.warning. 3" title="Warning">Section 3.6</a>);1189 <li>delete any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 1xx (see <a href="#header.warning" id="rfc.xref.header.warning.4" title="Warning">Section 7.6</a>); 1128 1190 </li> 1129 1191 <li>retain any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 2xx; and, … … 1133 1195 </li> 1134 1196 </ul> 1135 <h 2 id="rfc.section.2.6"><a href="#rfc.section.2.6">2.6</a> <a id="invalidation.after.updates.or.deletions" href="#invalidation.after.updates.or.deletions">Request Methods that Invalidate</a></h2>1136 <p id="rfc.section. 2.6.p.1">Because unsafe request methods (<a href="p2-semantics.html#safe.methods" title="Safe Methods">Section 2.1.1</a> of <a href="#Part2" id="rfc.xref.Part2.6"><cite title="HTTP/1.1, part 2: Message Semantics, Payload and Content Negotiation">[Part2]</cite></a>) such as PUT, POST or DELETE have the potential for changing state on the origin server, intervening caches can use them1197 <h1 id="rfc.section.6"><a href="#rfc.section.6">6.</a> <a id="invalidation.after.updates.or.deletions" href="#invalidation.after.updates.or.deletions">Request Methods that Invalidate</a></h1> 1198 <p id="rfc.section.6.p.1">Because unsafe request methods (<a href="p2-semantics.html#safe.methods" title="Safe Methods">Section 2.1.1</a> of <a href="#Part2" id="rfc.xref.Part2.6"><cite title="HTTP/1.1, part 2: Message Semantics, Payload and Content Negotiation">[Part2]</cite></a>) such as PUT, POST or DELETE have the potential for changing state on the origin server, intervening caches can use them 1137 1199 to keep their contents up-to-date. 1138 1200 </p> 1139 <p id="rfc.section. 2.6.p.2">A cache <em class="bcp14">MUST</em> invalidate the effective Request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.13"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>) as well as the URI(s) in the <a href="p2-semantics.html#header.location" class="smpl">Location</a> and <a href="p2-semantics.html#header.content-location" class="smpl">Content-Location</a> response header fields (if present) when a non-error response to a request with an unsafe method is received.1140 </p> 1141 <p id="rfc.section. 2.6.p.3">However, a cache <em class="bcp14">MUST NOT</em> invalidate a URI from a <a href="p2-semantics.html#header.location" class="smpl">Location</a> or <a href="p2-semantics.html#header.content-location" class="smpl">Content-Location</a> response header field if the host part of that URI differs from the host part in the effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.14"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>). This helps prevent denial of service attacks.1142 </p> 1143 <p id="rfc.section. 2.6.p.4">A cache <em class="bcp14">MUST</em> invalidate the effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.15"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>) when it receives a non-error response to a request with a method whose safety is unknown.1144 </p> 1145 <p id="rfc.section. 2.6.p.5">Here, a "non-error response" is one with a <a href="p2-semantics.html#status.2xx" class="smpl">2xx (Successful)</a> or <a href="p2-semantics.html#status.3xx" class="smpl">3xx (Redirection)</a> status code. "Invalidate" means that the cache will either remove all stored responses related to the effective request URI,1201 <p id="rfc.section.6.p.2">A cache <em class="bcp14">MUST</em> invalidate the effective Request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.14"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>) as well as the URI(s) in the <a href="p2-semantics.html#header.location" class="smpl">Location</a> and <a href="p2-semantics.html#header.content-location" class="smpl">Content-Location</a> response header fields (if present) when a non-error response to a request with an unsafe method is received. 1202 </p> 1203 <p id="rfc.section.6.p.3">However, a cache <em class="bcp14">MUST NOT</em> invalidate a URI from a <a href="p2-semantics.html#header.location" class="smpl">Location</a> or <a href="p2-semantics.html#header.content-location" class="smpl">Content-Location</a> response header field if the host part of that URI differs from the host part in the effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.15"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>). This helps prevent denial of service attacks. 1204 </p> 1205 <p id="rfc.section.6.p.4">A cache <em class="bcp14">MUST</em> invalidate the effective request URI (<a href="p1-messaging.html#effective.request.uri" title="Effective Request URI">Section 5.5</a> of <a href="#Part1" id="rfc.xref.Part1.16"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>) when it receives a non-error response to a request with a method whose safety is unknown. 1206 </p> 1207 <p id="rfc.section.6.p.5">Here, a "non-error response" is one with a <a href="p2-semantics.html#status.2xx" class="smpl">2xx (Successful)</a> or <a href="p2-semantics.html#status.3xx" class="smpl">3xx (Redirection)</a> status code. "Invalidate" means that the cache will either remove all stored responses related to the effective request URI, 1146 1208 or will mark these as "invalid" and in need of a mandatory validation before they can be returned in response to a subsequent 1147 1209 request. 1148 1210 </p> 1149 <p id="rfc.section. 2.6.p.6">Note that this does not guarantee that all appropriate responses are invalidated. For example, the request that caused the1211 <p id="rfc.section.6.p.6">Note that this does not guarantee that all appropriate responses are invalidated. For example, the request that caused the 1150 1212 change at the origin server might not have gone through the cache where a response is stored. 1151 1213 </p> 1152 <h2 id="rfc.section.2.7"><a href="#rfc.section.2.7">2.7</a> <a id="caching.authenticated.responses" href="#caching.authenticated.responses">Shared Caching of Authenticated Responses</a></h2> 1153 <p id="rfc.section.2.7.p.1">A shared cache <em class="bcp14">MUST NOT</em> use a cached response to a request with an <a href="p7-auth.html#header.authorization" class="smpl">Authorization</a> header field (<a href="p7-auth.html#header.authorization" title="Authorization">Section 4.1</a> of <a href="#Part7" id="rfc.xref.Part7.2"><cite title="HTTP/1.1, part 7: Authentication">[Part7]</cite></a>) to satisfy any subsequent request unless a cache directive that allows such responses to be stored is present in the response. 1154 </p> 1155 <p id="rfc.section.2.7.p.2">In this specification, the following <a href="#header.cache-control" class="smpl">Cache-Control</a> response directives (<a href="#cache-response-directive" title="Response Cache-Control Directives">Section 3.2.2</a>) have such an effect: must-revalidate, public, s-maxage. 1156 </p> 1157 <p id="rfc.section.2.7.p.3">Note that cached responses that contain the "must-revalidate" and/or "s-maxage" response directives are not allowed to be 1158 served stale (<a href="#serving.stale.responses" title="Serving Stale Responses">Section 2.3.3</a>) by shared caches. In particular, a response with either "max-age=0, must-revalidate" or "s-maxage=0" cannot be used to satisfy 1159 a subsequent request without revalidating it on the origin server. 1160 </p> 1161 <h2 id="rfc.section.2.8"><a href="#rfc.section.2.8">2.8</a> <a id="caching.negotiated.responses" href="#caching.negotiated.responses">Caching Negotiated Responses</a></h2> 1162 <p id="rfc.section.2.8.p.1">When a cache receives a request that can be satisfied by a stored response that has a <a href="#header.vary" class="smpl">Vary</a> header field (<a href="#header.vary" id="rfc.xref.header.vary.1" title="Vary">Section 3.5</a>), it <em class="bcp14">MUST NOT</em> use that response unless all of the selecting header fields nominated by the Vary header field match in both the original 1163 request (i.e., that associated with the stored response), and the presented request. 1164 </p> 1165 <p id="rfc.section.2.8.p.2">The selecting header fields from two requests are defined to match if and only if those in the first request can be transformed 1166 to those in the second request by applying any of the following: 1167 </p> 1168 <ul> 1169 <li>adding or removing whitespace, where allowed in the header field's syntax</li> 1170 <li>combining multiple header fields with the same field name (see <a href="p1-messaging.html#header.fields" title="Header Fields">Section 3.2</a> of <a href="#Part1" id="rfc.xref.Part1.16"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>) 1171 </li> 1172 <li>normalizing both header field values in a way that is known to have identical semantics, according to the header field's specification 1173 (e.g., re-ordering field values when order is not significant; case-normalization, where values are defined to be case-insensitive) 1174 </li> 1175 </ul> 1176 <p id="rfc.section.2.8.p.3">If (after any normalization that might take place) a header field is absent from a request, it can only match another request 1177 if it is also absent there. 1178 </p> 1179 <p id="rfc.section.2.8.p.4">A <a href="#header.vary" class="smpl">Vary</a> header field-value of "*" always fails to match, and subsequent requests to that resource can only be properly interpreted 1180 by the origin server. 1181 </p> 1182 <p id="rfc.section.2.8.p.5">The stored response with matching selecting header fields is known as the selected response.</p> 1183 <p id="rfc.section.2.8.p.6">If multiple selected responses are available, the most recent response (as determined by the <a href="p2-semantics.html#header.date" class="smpl">Date</a> header field) is used; see <a href="#constructing.responses.from.caches" title="Constructing Responses from Caches">Section 2.2</a>. 1184 </p> 1185 <p id="rfc.section.2.8.p.7">If no selected response is available, the cache can forward the presented request to the origin server in a conditional request; 1186 see <a href="#validation.model" title="Validation Model">Section 2.4</a>. 1187 </p> 1188 <h2 id="rfc.section.2.9"><a href="#rfc.section.2.9">2.9</a> <a id="combining.responses" href="#combining.responses">Combining Partial Content</a></h2> 1189 <p id="rfc.section.2.9.p.1">A response might transfer only a partial representation if the connection closed prematurely or if the request used one or 1190 more Range specifiers (<a href="#Part5" id="rfc.xref.Part5.2"><cite title="HTTP/1.1, part 5: Range Requests and Partial Responses">[Part5]</cite></a>). After several such transfers, a cache might have received several ranges of the same representation. A cache <em class="bcp14">MAY</em> combine these ranges into a single stored response, and reuse that response to satisfy later requests, if they all share the 1191 same strong validator and the cache complies with the client requirements in <a href="p5-range.html#combining.byte.ranges" title="Combining Ranges">Section 4.2</a> of <a href="#Part5" id="rfc.xref.Part5.3"><cite title="HTTP/1.1, part 5: Range Requests and Partial Responses">[Part5]</cite></a>. 1192 </p> 1193 <p id="rfc.section.2.9.p.2">When combining the new response with one or more stored responses, a cache <em class="bcp14">MUST</em>: 1194 </p> 1195 <ul> 1196 <li>delete any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 1xx (see <a href="#header.warning" id="rfc.xref.header.warning.4" title="Warning">Section 3.6</a>); 1197 </li> 1198 <li>retain any <a href="#header.warning" class="smpl">Warning</a> header fields in the stored response with warn-code 2xx; and, 1199 </li> 1200 <li>use other header fields provided in the new response, aside from <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a>, to replace all instances of the corresponding header fields in the stored response. 1201 </li> 1202 </ul> 1203 <h1 id="rfc.section.3"><a href="#rfc.section.3">3.</a> <a id="header.field.definitions" href="#header.field.definitions">Header Field Definitions</a></h1> 1204 <p id="rfc.section.3.p.1">This section defines the syntax and semantics of HTTP/1.1 header fields related to caching.</p> 1214 <h1 id="rfc.section.7"><a href="#rfc.section.7">7.</a> <a id="header.field.definitions" href="#header.field.definitions">Header Field Definitions</a></h1> 1215 <p id="rfc.section.7.p.1">This section defines the syntax and semantics of HTTP/1.1 header fields related to caching.</p> 1205 1216 <div id="rfc.iref.a.2"></div> 1206 1217 <div id="rfc.iref.h.2"></div> 1207 <h2 id="rfc.section. 3.1"><a href="#rfc.section.3.1">3.1</a> <a id="header.age" href="#header.age">Age</a></h2>1208 <p id="rfc.section. 3.1.p.1">The "Age" header field conveys the sender's estimate of the amount of time since the response was generated or successfully1209 validated at the origin server. Age values are calculated as specified in <a href="#age.calculations" title="Calculating Age">Section 2.3.2</a>.1218 <h2 id="rfc.section.7.1"><a href="#rfc.section.7.1">7.1</a> <a id="header.age" href="#header.age">Age</a></h2> 1219 <p id="rfc.section.7.1.p.1">The "Age" header field conveys the sender's estimate of the amount of time since the response was generated or successfully 1220 validated at the origin server. Age values are calculated as specified in <a href="#age.calculations" title="Calculating Age">Section 4.1.3</a>. 1210 1221 </p> 1211 1222 <div id="rfc.figure.u.8"></div><pre class="inline"><span id="rfc.iref.g.2"></span> <a href="#header.age" class="smpl">Age</a> = <a href="#delta-seconds" class="smpl">delta-seconds</a> 1212 </pre><p id="rfc.section. 3.1.p.3">Age field-values are non-negative integers, representing time in seconds (see <a href="#delta-seconds" title="Delta Seconds">Section 1.4.3</a>).1213 </p> 1214 <p id="rfc.section. 3.1.p.4">The presence of an Age header field in a response implies that a response is not first-hand. However, the converse is not1223 </pre><p id="rfc.section.7.1.p.3">Age field-values are non-negative integers, representing time in seconds (see <a href="#delta-seconds" title="Delta Seconds">Section 1.4.3</a>). 1224 </p> 1225 <p id="rfc.section.7.1.p.4">The presence of an Age header field in a response implies that a response is not first-hand. However, the converse is not 1215 1226 true, since HTTP/1.0 caches might not implement the Age header field. 1216 1227 </p> 1217 1228 <div id="rfc.iref.c.6"></div> 1218 1229 <div id="rfc.iref.h.3"></div> 1219 <h2 id="rfc.section. 3.2"><a href="#rfc.section.3.2">3.2</a> <a id="header.cache-control" href="#header.cache-control">Cache-Control</a></h2>1220 <p id="rfc.section. 3.2.p.1">The "Cache-Control" header field is used to specify directives for caches along the request/response chain. Such cache directives1230 <h2 id="rfc.section.7.2"><a href="#rfc.section.7.2">7.2</a> <a id="header.cache-control" href="#header.cache-control">Cache-Control</a></h2> 1231 <p id="rfc.section.7.2.p.1">The "Cache-Control" header field is used to specify directives for caches along the request/response chain. Such cache directives 1221 1232 are unidirectional in that the presence of a directive in a request does not imply that the same directive is to be given 1222 1233 in the response. 1223 1234 </p> 1224 <p id="rfc.section. 3.2.p.2">A cache <em class="bcp14">MUST</em> obey the requirements of the Cache-Control directives defined in this section. See <a href="#cache.control.extensions" title="Cache Control Extensions">Section 3.2.3</a> for information about how Cache-Control directives defined elsewhere are handled.1225 </p> 1226 <div class="note" id="rfc.section. 3.2.p.3">1227 <p> <b>Note:</b> HTTP/1.0 caches might not implement Cache-Control and might only implement Pragma: no-cache (see <a href="#header.pragma" id="rfc.xref.header.pragma.2" title="Pragma">Section 3.4</a>).1235 <p id="rfc.section.7.2.p.2">A cache <em class="bcp14">MUST</em> obey the requirements of the Cache-Control directives defined in this section. See <a href="#cache.control.extensions" title="Cache Control Extensions">Section 7.2.3</a> for information about how Cache-Control directives defined elsewhere are handled. 1236 </p> 1237 <div class="note" id="rfc.section.7.2.p.3"> 1238 <p> <b>Note:</b> HTTP/1.0 caches might not implement Cache-Control and might only implement Pragma: no-cache (see <a href="#header.pragma" id="rfc.xref.header.pragma.2" title="Pragma">Section 7.4</a>). 1228 1239 </p> 1229 1240 </div> 1230 <p id="rfc.section. 3.2.p.4">A proxy, whether or not it implements a cache, <em class="bcp14">MUST</em> pass cache directives through in forwarded messages, regardless of their significance to that application, since the directives1241 <p id="rfc.section.7.2.p.4">A proxy, whether or not it implements a cache, <em class="bcp14">MUST</em> pass cache directives through in forwarded messages, regardless of their significance to that application, since the directives 1231 1242 might be applicable to all recipients along the request/response chain. It is not possible to target a directive to a specific 1232 1243 cache. 1233 1244 </p> 1234 <p id="rfc.section. 3.2.p.5">Cache directives are identified by a token, to be compared case-insensitively, and have an optional argument, that can use1245 <p id="rfc.section.7.2.p.5">Cache directives are identified by a token, to be compared case-insensitively, and have an optional argument, that can use 1235 1246 both token and quoted-string syntax. For the directives defined below that define arguments, recipients ought to accept both 1236 1247 forms, even if one is documented to be preferred. For any directive not defined by this specification, recipients <em class="bcp14">MUST</em> accept both forms. … … 1239 1250 1240 1251 <a href="#header.cache-control" class="smpl">cache-directive</a> = <a href="#core.rules" class="smpl">token</a> [ "=" ( <a href="#core.rules" class="smpl">token</a> / <a href="#core.rules" class="smpl">quoted-string</a> ) ] 1241 </pre><p id="rfc.section. 3.2.p.7">For the cache directives defined below, no argument is defined (nor allowed) otherwise stated otherwise.</p>1242 <h3 id="rfc.section. 3.2.1"><a href="#rfc.section.3.2.1">3.2.1</a> <a id="cache-request-directive" href="#cache-request-directive">Request Cache-Control Directives</a></h3>1252 </pre><p id="rfc.section.7.2.p.7">For the cache directives defined below, no argument is defined (nor allowed) otherwise stated otherwise.</p> 1253 <h3 id="rfc.section.7.2.1"><a href="#rfc.section.7.2.1">7.2.1</a> <a id="cache-request-directive" href="#cache-request-directive">Request Cache-Control Directives</a></h3> 1243 1254 <div id="rfc.iref.c.7"></div> 1244 1255 <div id="rfc.iref.n.1"></div> 1245 <h4 id="rfc.section. 3.2.1.1"><a href="#rfc.section.3.2.1.1">3.2.1.1</a> <a id="cache-request-directive.no-cache" href="#cache-request-directive.no-cache">no-cache</a></h4>1246 <p id="rfc.section. 3.2.1.1.p.1">The no-cache request directive indicates that a cache <em class="bcp14">MUST NOT</em> use a stored response to satisfy the request without successful validation on the origin server.1256 <h4 id="rfc.section.7.2.1.1"><a href="#rfc.section.7.2.1.1">7.2.1.1</a> <a id="cache-request-directive.no-cache" href="#cache-request-directive.no-cache">no-cache</a></h4> 1257 <p id="rfc.section.7.2.1.1.p.1">The no-cache request directive indicates that a cache <em class="bcp14">MUST NOT</em> use a stored response to satisfy the request without successful validation on the origin server. 1247 1258 </p> 1248 1259 <div id="rfc.iref.c.8"></div> 1249 1260 <div id="rfc.iref.n.2"></div> 1250 <h4 id="rfc.section. 3.2.1.2"><a href="#rfc.section.3.2.1.2">3.2.1.2</a> <a id="cache-request-directive.no-store" href="#cache-request-directive.no-store">no-store</a></h4>1251 <p id="rfc.section. 3.2.1.2.p.1">The no-store request directive indicates that a cache <em class="bcp14">MUST NOT</em> store any part of either this request or any response to it. This directive applies to both private and shared caches. "<em class="bcp14">MUST NOT</em> store" in this context means that the cache <em class="bcp14">MUST NOT</em> intentionally store the information in non-volatile storage, and <em class="bcp14">MUST</em> make a best-effort attempt to remove the information from volatile storage as promptly as possible after forwarding it.1252 </p> 1253 <p id="rfc.section. 3.2.1.2.p.2">This directive is NOT a reliable or sufficient mechanism for ensuring privacy. In particular, malicious or compromised caches1261 <h4 id="rfc.section.7.2.1.2"><a href="#rfc.section.7.2.1.2">7.2.1.2</a> <a id="cache-request-directive.no-store" href="#cache-request-directive.no-store">no-store</a></h4> 1262 <p id="rfc.section.7.2.1.2.p.1">The no-store request directive indicates that a cache <em class="bcp14">MUST NOT</em> store any part of either this request or any response to it. This directive applies to both private and shared caches. "<em class="bcp14">MUST NOT</em> store" in this context means that the cache <em class="bcp14">MUST NOT</em> intentionally store the information in non-volatile storage, and <em class="bcp14">MUST</em> make a best-effort attempt to remove the information from volatile storage as promptly as possible after forwarding it. 1263 </p> 1264 <p id="rfc.section.7.2.1.2.p.2">This directive is NOT a reliable or sufficient mechanism for ensuring privacy. In particular, malicious or compromised caches 1254 1265 might not recognize or obey this directive, and communications networks might be vulnerable to eavesdropping. 1255 1266 </p> 1256 <p id="rfc.section. 3.2.1.2.p.3">Note that if a request containing this directive is satisfied from a cache, the no-store request directive does not apply1267 <p id="rfc.section.7.2.1.2.p.3">Note that if a request containing this directive is satisfied from a cache, the no-store request directive does not apply 1257 1268 to the already stored response. 1258 1269 </p> 1259 1270 <div id="rfc.iref.c.9"></div> 1260 1271 <div id="rfc.iref.m.1"></div> 1261 <h4 id="rfc.section. 3.2.1.3"><a href="#rfc.section.3.2.1.3">3.2.1.3</a> <a id="cache-request-directive.max-age" href="#cache-request-directive.max-age">max-age</a></h4>1262 <p id="rfc.section. 3.2.1.3.p.1">Argument syntax: </p>1272 <h4 id="rfc.section.7.2.1.3"><a href="#rfc.section.7.2.1.3">7.2.1.3</a> <a id="cache-request-directive.max-age" href="#cache-request-directive.max-age">max-age</a></h4> 1273 <p id="rfc.section.7.2.1.3.p.1">Argument syntax: </p> 1263 1274 <ul class="empty"> 1264 1275 <li> <a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section 1.4.3</a>) 1265 1276 </li> 1266 1277 </ul> 1267 <p id="rfc.section. 3.2.1.3.p.2">The max-age request directive indicates that the client is unwilling to accept a response whose age is greater than the specified1278 <p id="rfc.section.7.2.1.3.p.2">The max-age request directive indicates that the client is unwilling to accept a response whose age is greater than the specified 1268 1279 number of seconds. Unless the max-stale request directive is also present, the client is not willing to accept a stale response. 1269 1280 </p> 1270 <p id="rfc.section. 3.2.1.3.p.3"> <b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'max-age=5', not 'max-age="5"'. Senders <em class="bcp14">SHOULD NOT</em> use the quoted-string form.1281 <p id="rfc.section.7.2.1.3.p.3"> <b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'max-age=5', not 'max-age="5"'. Senders <em class="bcp14">SHOULD NOT</em> use the quoted-string form. 1271 1282 </p> 1272 1283 <div id="rfc.iref.c.10"></div> 1273 1284 <div id="rfc.iref.m.2"></div> 1274 <h4 id="rfc.section. 3.2.1.4"><a href="#rfc.section.3.2.1.4">3.2.1.4</a> <a id="cache-request-directive.max-stale" href="#cache-request-directive.max-stale">max-stale</a></h4>1275 <p id="rfc.section. 3.2.1.4.p.1">Argument syntax: </p>1285 <h4 id="rfc.section.7.2.1.4"><a href="#rfc.section.7.2.1.4">7.2.1.4</a> <a id="cache-request-directive.max-stale" href="#cache-request-directive.max-stale">max-stale</a></h4> 1286 <p id="rfc.section.7.2.1.4.p.1">Argument syntax: </p> 1276 1287 <ul class="empty"> 1277 1288 <li> <a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section 1.4.3</a>) 1278 1289 </li> 1279 1290 </ul> 1280 <p id="rfc.section. 3.2.1.4.p.2">The max-stale request directive indicates that the client is willing to accept a response that has exceeded its expiration1291 <p id="rfc.section.7.2.1.4.p.2">The max-stale request directive indicates that the client is willing to accept a response that has exceeded its expiration 1281 1292 time. If max-stale is assigned a value, then the client is willing to accept a response that has exceeded its expiration time 1282 1293 by no more than the specified number of seconds. If no value is assigned to max-stale, then the client is willing to accept 1283 1294 a stale response of any age. 1284 1295 </p> 1285 <p id="rfc.section. 3.2.1.4.p.3"> <b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'max-stale=10', not 'max-stale="10"'. Senders <em class="bcp14">SHOULD NOT</em> use the quoted-string form.1296 <p id="rfc.section.7.2.1.4.p.3"> <b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'max-stale=10', not 'max-stale="10"'. Senders <em class="bcp14">SHOULD NOT</em> use the quoted-string form. 1286 1297 </p> 1287 1298 <div id="rfc.iref.c.11"></div> 1288 1299 <div id="rfc.iref.m.3"></div> 1289 <h4 id="rfc.section. 3.2.1.5"><a href="#rfc.section.3.2.1.5">3.2.1.5</a> <a id="cache-request-directive.min-fresh" href="#cache-request-directive.min-fresh">min-fresh</a></h4>1290 <p id="rfc.section. 3.2.1.5.p.1">Argument syntax: </p>1300 <h4 id="rfc.section.7.2.1.5"><a href="#rfc.section.7.2.1.5">7.2.1.5</a> <a id="cache-request-directive.min-fresh" href="#cache-request-directive.min-fresh">min-fresh</a></h4> 1301 <p id="rfc.section.7.2.1.5.p.1">Argument syntax: </p> 1291 1302 <ul class="empty"> 1292 1303 <li> <a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section 1.4.3</a>) 1293 1304 </li> 1294 1305 </ul> 1295 <p id="rfc.section. 3.2.1.5.p.2">The min-fresh request directive indicates that the client is willing to accept a response whose freshness lifetime is no less1306 <p id="rfc.section.7.2.1.5.p.2">The min-fresh request directive indicates that the client is willing to accept a response whose freshness lifetime is no less 1296 1307 than its current age plus the specified time in seconds. That is, the client wants a response that will still be fresh for 1297 1308 at least the specified number of seconds. 1298 1309 </p> 1299 <p id="rfc.section. 3.2.1.5.p.3"> <b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'min-fresh=20', not 'min-fresh="20"'. Senders <em class="bcp14">SHOULD NOT</em> use the quoted-string form.1310 <p id="rfc.section.7.2.1.5.p.3"> <b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'min-fresh=20', not 'min-fresh="20"'. Senders <em class="bcp14">SHOULD NOT</em> use the quoted-string form. 1300 1311 </p> 1301 1312 <div id="rfc.iref.c.12"></div> 1302 1313 <div id="rfc.iref.n.3"></div> 1303 <h4 id="rfc.section. 3.2.1.6"><a href="#rfc.section.3.2.1.6">3.2.1.6</a> <a id="cache-request-directive.no-transform" href="#cache-request-directive.no-transform">no-transform</a></h4>1304 <p id="rfc.section. 3.2.1.6.p.1">The no-transform request directive indicates that an intermediary (whether or not it implements a cache) <em class="bcp14">MUST NOT</em> change the <a href="p2-semantics.html#header.content-encoding" class="smpl">Content-Encoding</a>, <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a> or <a href="p2-semantics.html#header.content-type" class="smpl">Content-Type</a> request header fields, nor the request representation.1314 <h4 id="rfc.section.7.2.1.6"><a href="#rfc.section.7.2.1.6">7.2.1.6</a> <a id="cache-request-directive.no-transform" href="#cache-request-directive.no-transform">no-transform</a></h4> 1315 <p id="rfc.section.7.2.1.6.p.1">The no-transform request directive indicates that an intermediary (whether or not it implements a cache) <em class="bcp14">MUST NOT</em> change the <a href="p2-semantics.html#header.content-encoding" class="smpl">Content-Encoding</a>, <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a> or <a href="p2-semantics.html#header.content-type" class="smpl">Content-Type</a> request header fields, nor the request representation. 1305 1316 </p> 1306 1317 <div id="rfc.iref.c.13"></div> 1307 1318 <div id="rfc.iref.o.1"></div> 1308 <h4 id="rfc.section. 3.2.1.7"><a href="#rfc.section.3.2.1.7">3.2.1.7</a> <a id="cache-request-directive.only-if-cached" href="#cache-request-directive.only-if-cached">only-if-cached</a></h4>1309 <p id="rfc.section. 3.2.1.7.p.1">The only-if-cached request directive indicates that the client only wishes to obtain a stored response. If it receives 3ive,1310 a cache <em class="bcp14">SHOULD</em> either respond using a stored response that is consistent with the other constraints of the request, or respond with a <a href="p2-semantics.html#status.504" class="smpl">504 1311 (GatewayTimeout)</a> status code. If a group of caches is being operated as a unified system with good internal connectivity, a member cache <em class="bcp14">MAY</em> forward such a request within that group of caches.1312 </p> 1313 <h3 id="rfc.section. 3.2.2"><a href="#rfc.section.3.2.2">3.2.2</a> <a id="cache-response-directive" href="#cache-response-directive">Response Cache-Control Directives</a></h3>1319 <h4 id="rfc.section.7.2.1.7"><a href="#rfc.section.7.2.1.7">7.2.1.7</a> <a id="cache-request-directive.only-if-cached" href="#cache-request-directive.only-if-cached">only-if-cached</a></h4> 1320 <p id="rfc.section.7.2.1.7.p.1">The only-if-cached request directive indicates that the client only wishes to obtain a stored response. If it receives 3ive, 1321 a cache <em class="bcp14">SHOULD</em> either respond using a stored response that is consistent with the other constraints of the request, or respond with a <a href="p2-semantics.html#status.504" class="smpl">504 (Gateway 1322 Timeout)</a> status code. If a group of caches is being operated as a unified system with good internal connectivity, a member cache <em class="bcp14">MAY</em> forward such a request within that group of caches. 1323 </p> 1324 <h3 id="rfc.section.7.2.2"><a href="#rfc.section.7.2.2">7.2.2</a> <a id="cache-response-directive" href="#cache-response-directive">Response Cache-Control Directives</a></h3> 1314 1325 <div id="rfc.iref.c.14"></div> 1315 1326 <div id="rfc.iref.p.2"></div> 1316 <h4 id="rfc.section. 3.2.2.1"><a href="#rfc.section.3.2.2.1">3.2.2.1</a> <a id="cache-response-directive.only-if-cached" href="#cache-response-directive.only-if-cached">public</a></h4>1317 <p id="rfc.section. 3.2.2.1.p.1">The public response directive indicates that a response whose associated request contains an 'Authentication' header <em class="bcp14">MAY</em> be stored (see <a href="#caching.authenticated.responses" title="Shared Caching of Authenticated Responses">Section 2.7</a>).1327 <h4 id="rfc.section.7.2.2.1"><a href="#rfc.section.7.2.2.1">7.2.2.1</a> <a id="cache-response-directive.only-if-cached" href="#cache-response-directive.only-if-cached">public</a></h4> 1328 <p id="rfc.section.7.2.2.1.p.1">The public response directive indicates that a response whose associated request contains an 'Authentication' header <em class="bcp14">MAY</em> be stored (see <a href="#caching.authenticated.responses" title="Storing Responses to Authenticated Requests">Section 3.2</a>). 1318 1329 </p> 1319 1330 <div id="rfc.iref.c.15"></div> 1320 1331 <div id="rfc.iref.p.3"></div> 1321 <h4 id="rfc.section. 3.2.2.2"><a href="#rfc.section.3.2.2.2">3.2.2.2</a> <a id="cache-response-directive.private" href="#cache-response-directive.private">private</a></h4>1322 <p id="rfc.section. 3.2.2.2.p.1">Argument syntax: </p>1332 <h4 id="rfc.section.7.2.2.2"><a href="#rfc.section.7.2.2.2">7.2.2.2</a> <a id="cache-response-directive.private" href="#cache-response-directive.private">private</a></h4> 1333 <p id="rfc.section.7.2.2.2.p.1">Argument syntax: </p> 1323 1334 <ul class="empty"> 1324 1335 <li>#<a href="#abnf.dependencies" class="smpl">field-name</a> 1325 1336 </li> 1326 1337 </ul> 1327 <p id="rfc.section. 3.2.2.2.p.2">The private response directive indicates that the response message is intended for a single user and <em class="bcp14">MUST NOT</em> be stored by a shared cache. A private cache <em class="bcp14">MAY</em> store the response.1328 </p> 1329 <p id="rfc.section. 3.2.2.2.p.3">If the private response directive specifies one or more field-names, this requirement is limited to the field-values associated1338 <p id="rfc.section.7.2.2.2.p.2">The private response directive indicates that the response message is intended for a single user and <em class="bcp14">MUST NOT</em> be stored by a shared cache. A private cache <em class="bcp14">MAY</em> store the response. 1339 </p> 1340 <p id="rfc.section.7.2.2.2.p.3">If the private response directive specifies one or more field-names, this requirement is limited to the field-values associated 1330 1341 with the listed response header fields. That is, a shared cache <em class="bcp14">MUST NOT</em> store the specified field-names(s), whereas it <em class="bcp14">MAY</em> store the remainder of the response message. 1331 1342 </p> 1332 <p id="rfc.section. 3.2.2.2.p.4">The field-names given are not limited to the set of standard header fields defined by this specification. Field names are1343 <p id="rfc.section.7.2.2.2.p.4">The field-names given are not limited to the set of standard header fields defined by this specification. Field names are 1333 1344 case-insensitive. 1334 1345 </p> 1335 <p id="rfc.section. 3.2.2.2.p.5"> <b>Note:</b> This usage of the word "private" only controls where the response can be stored; it cannot ensure the privacy of the message1346 <p id="rfc.section.7.2.2.2.p.5"> <b>Note:</b> This usage of the word "private" only controls where the response can be stored; it cannot ensure the privacy of the message 1336 1347 content. Also, private response directives with field-names are often handled by implementations as if an unqualified private 1337 1348 directive was received; i.e., the special handling for the qualified form is not widely implemented. 1338 1349 </p> 1339 <p id="rfc.section. 3.2.2.2.p.6"> <b>Note:</b> This directive uses the quoted-string form of the argument syntax. Senders <em class="bcp14">SHOULD NOT</em> use the token form (even if quoting appears not to be needed for single-entry lists).1350 <p id="rfc.section.7.2.2.2.p.6"> <b>Note:</b> This directive uses the quoted-string form of the argument syntax. Senders <em class="bcp14">SHOULD NOT</em> use the token form (even if quoting appears not to be needed for single-entry lists). 1340 1351 </p> 1341 1352 <div id="rfc.iref.c.16"></div> 1342 1353 <div id="rfc.iref.n.4"></div> 1343 <h4 id="rfc.section. 3.2.2.3"><a href="#rfc.section.3.2.2.3">3.2.2.3</a> <a id="cache-response-directive.no-cache" href="#cache-response-directive.no-cache">no-cache</a></h4>1344 <p id="rfc.section. 3.2.2.3.p.1">Argument syntax: </p>1354 <h4 id="rfc.section.7.2.2.3"><a href="#rfc.section.7.2.2.3">7.2.2.3</a> <a id="cache-response-directive.no-cache" href="#cache-response-directive.no-cache">no-cache</a></h4> 1355 <p id="rfc.section.7.2.2.3.p.1">Argument syntax: </p> 1345 1356 <ul class="empty"> 1346 1357 <li>#<a href="#abnf.dependencies" class="smpl">field-name</a> 1347 1358 </li> 1348 1359 </ul> 1349 <p id="rfc.section. 3.2.2.3.p.2">The no-cache response directive indicates that the response <em class="bcp14">MUST NOT</em> be used to satisfy a subsequent request without successful validation on the origin server. This allows an origin server to1360 <p id="rfc.section.7.2.2.3.p.2">The no-cache response directive indicates that the response <em class="bcp14">MUST NOT</em> be used to satisfy a subsequent request without successful validation on the origin server. This allows an origin server to 1350 1361 prevent a cache from using it to satisfy a request without contacting it, even by caches that have been configured to return 1351 1362 stale responses. 1352 1363 </p> 1353 <p id="rfc.section. 3.2.2.3.p.3">If the no-cache response directive specifies one or more field-names, then a cache <em class="bcp14">MAY</em> use the response to satisfy a subsequent request, subject to any other restrictions on caching. However, any header fields1364 <p id="rfc.section.7.2.2.3.p.3">If the no-cache response directive specifies one or more field-names, then a cache <em class="bcp14">MAY</em> use the response to satisfy a subsequent request, subject to any other restrictions on caching. However, any header fields 1354 1365 in the response that have the field-name(s) listed <em class="bcp14">MUST NOT</em> be sent in the response to a subsequent request without successful revalidation with the origin server. This allows an origin 1355 1366 server to prevent the re-use of certain header fields in a response, while still allowing caching of the rest of the response. 1356 1367 </p> 1357 <p id="rfc.section. 3.2.2.3.p.4">The field-names given are not limited to the set of standard header fields defined by this specification. Field names are1368 <p id="rfc.section.7.2.2.3.p.4">The field-names given are not limited to the set of standard header fields defined by this specification. Field names are 1358 1369 case-insensitive. 1359 1370 </p> 1360 <p id="rfc.section. 3.2.2.3.p.5"> <b>Note:</b> Most HTTP/1.0 caches will not recognize or obey this directive. Also, no-cache response directives with field-names are often1371 <p id="rfc.section.7.2.2.3.p.5"> <b>Note:</b> Most HTTP/1.0 caches will not recognize or obey this directive. Also, no-cache response directives with field-names are often 1361 1372 handled by implementations as if an unqualified no-cache directive was received; i.e., the special handling for the qualified 1362 1373 form is not widely implemented. 1363 1374 </p> 1364 <p id="rfc.section. 3.2.2.3.p.6"> <b>Note:</b> This directive uses the quoted-string form of the argument syntax. Senders <em class="bcp14">SHOULD NOT</em> use the token form (even if quoting appears not to be needed for single-entry lists).1375 <p id="rfc.section.7.2.2.3.p.6"> <b>Note:</b> This directive uses the quoted-string form of the argument syntax. Senders <em class="bcp14">SHOULD NOT</em> use the token form (even if quoting appears not to be needed for single-entry lists). 1365 1376 </p> 1366 1377 <div id="rfc.iref.c.17"></div> 1367 1378 <div id="rfc.iref.n.5"></div> 1368 <h4 id="rfc.section. 3.2.2.4"><a href="#rfc.section.3.2.2.4">3.2.2.4</a> <a id="cache-response-directive.no-store" href="#cache-response-directive.no-store">no-store</a></h4>1369 <p id="rfc.section. 3.2.2.4.p.1">The no-store response directive indicates that a cache <em class="bcp14">MUST NOT</em> store any part of either the immediate request or response. This directive applies to both private and shared caches. "<em class="bcp14">MUST NOT</em> store" in this context means that the cache <em class="bcp14">MUST NOT</em> intentionally store the information in non-volatile storage, and <em class="bcp14">MUST</em> make a best-effort attempt to remove the information from volatile storage as promptly as possible after forwarding it.1370 </p> 1371 <p id="rfc.section. 3.2.2.4.p.2">This directive is NOT a reliable or sufficient mechanism for ensuring privacy. In particular, malicious or compromised caches1379 <h4 id="rfc.section.7.2.2.4"><a href="#rfc.section.7.2.2.4">7.2.2.4</a> <a id="cache-response-directive.no-store" href="#cache-response-directive.no-store">no-store</a></h4> 1380 <p id="rfc.section.7.2.2.4.p.1">The no-store response directive indicates that a cache <em class="bcp14">MUST NOT</em> store any part of either the immediate request or response. This directive applies to both private and shared caches. "<em class="bcp14">MUST NOT</em> store" in this context means that the cache <em class="bcp14">MUST NOT</em> intentionally store the information in non-volatile storage, and <em class="bcp14">MUST</em> make a best-effort attempt to remove the information from volatile storage as promptly as possible after forwarding it. 1381 </p> 1382 <p id="rfc.section.7.2.2.4.p.2">This directive is NOT a reliable or sufficient mechanism for ensuring privacy. In particular, malicious or compromised caches 1372 1383 might not recognize or obey this directive, and communications networks might be vulnerable to eavesdropping. 1373 1384 </p> 1374 1385 <div id="rfc.iref.c.18"></div> 1375 1386 <div id="rfc.iref.m.4"></div> 1376 <h4 id="rfc.section. 3.2.2.5"><a href="#rfc.section.3.2.2.5">3.2.2.5</a> <a id="cache-response-directive.must-revalidate" href="#cache-response-directive.must-revalidate">must-revalidate</a></h4>1377 <p id="rfc.section. 3.2.2.5.p.1">The must-revalidate response directive indicates that once it has become stale, a cache <em class="bcp14">MUST NOT</em> use the response to satisfy subsequent requests without successful validation on the origin server.1378 </p> 1379 <p id="rfc.section. 3.2.2.5.p.2">The must-revalidate directive is necessary to support reliable operation for certain protocol features. In all circumstances1387 <h4 id="rfc.section.7.2.2.5"><a href="#rfc.section.7.2.2.5">7.2.2.5</a> <a id="cache-response-directive.must-revalidate" href="#cache-response-directive.must-revalidate">must-revalidate</a></h4> 1388 <p id="rfc.section.7.2.2.5.p.1">The must-revalidate response directive indicates that once it has become stale, a cache <em class="bcp14">MUST NOT</em> use the response to satisfy subsequent requests without successful validation on the origin server. 1389 </p> 1390 <p id="rfc.section.7.2.2.5.p.2">The must-revalidate directive is necessary to support reliable operation for certain protocol features. In all circumstances 1380 1391 a cache <em class="bcp14">MUST</em> obey the must-revalidate directive; in particular, if a cache cannot reach the origin server for any reason, it <em class="bcp14">MUST</em> generate a <a href="p2-semantics.html#status.504" class="smpl">504 (Gateway Timeout)</a> response. 1381 1392 </p> 1382 <p id="rfc.section. 3.2.2.5.p.3">The must-revalidate directive ought to be used by servers if and only if failure to validate a request on the representation1393 <p id="rfc.section.7.2.2.5.p.3">The must-revalidate directive ought to be used by servers if and only if failure to validate a request on the representation 1383 1394 could result in incorrect operation, such as a silently unexecuted financial transaction. 1384 1395 </p> 1385 1396 <div id="rfc.iref.c.19"></div> 1386 1397 <div id="rfc.iref.p.4"></div> 1387 <h4 id="rfc.section. 3.2.2.6"><a href="#rfc.section.3.2.2.6">3.2.2.6</a> <a id="cache-response-directive.proxy-revalidate" href="#cache-response-directive.proxy-revalidate">proxy-revalidate</a></h4>1388 <p id="rfc.section. 3.2.2.6.p.1">The proxy-revalidate response directive has the same meaning as the must-revalidate response directive, except that it does1398 <h4 id="rfc.section.7.2.2.6"><a href="#rfc.section.7.2.2.6">7.2.2.6</a> <a id="cache-response-directive.proxy-revalidate" href="#cache-response-directive.proxy-revalidate">proxy-revalidate</a></h4> 1399 <p id="rfc.section.7.2.2.6.p.1">The proxy-revalidate response directive has the same meaning as the must-revalidate response directive, except that it does 1389 1400 not apply to private caches. 1390 1401 </p> 1391 1402 <div id="rfc.iref.c.20"></div> 1392 1403 <div id="rfc.iref.m.5"></div> 1393 <h4 id="rfc.section. 3.2.2.7"><a href="#rfc.section.3.2.2.7">3.2.2.7</a> <a id="cache-response-directive.max-age" href="#cache-response-directive.max-age">max-age</a></h4>1394 <p id="rfc.section. 3.2.2.7.p.1">Argument syntax: </p>1404 <h4 id="rfc.section.7.2.2.7"><a href="#rfc.section.7.2.2.7">7.2.2.7</a> <a id="cache-response-directive.max-age" href="#cache-response-directive.max-age">max-age</a></h4> 1405 <p id="rfc.section.7.2.2.7.p.1">Argument syntax: </p> 1395 1406 <ul class="empty"> 1396 1407 <li> <a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section 1.4.3</a>) 1397 1408 </li> 1398 1409 </ul> 1399 <p id="rfc.section. 3.2.2.7.p.2">The max-age response directive indicates that the response is to be considered stale after its age is greater than the specified1410 <p id="rfc.section.7.2.2.7.p.2">The max-age response directive indicates that the response is to be considered stale after its age is greater than the specified 1400 1411 number of seconds. 1401 1412 </p> 1402 <p id="rfc.section. 3.2.2.7.p.3"> <b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'max-age=5', not 'max-age="5"'. Senders <em class="bcp14">SHOULD NOT</em> use the quoted-string form.1413 <p id="rfc.section.7.2.2.7.p.3"> <b>Note:</b> This directive uses the token form of the argument syntax; e.g., 'max-age=5', not 'max-age="5"'. Senders <em class="bcp14">SHOULD NOT</em> use the quoted-string form. 1403 1414 </p> 1404 1415 <div id="rfc.iref.c.21"></div> 1405 1416 <div id="rfc.iref.s.4"></div> 1406 <h4 id="rfc.section. 3.2.2.8"><a href="#rfc.section.3.2.2.8">3.2.2.8</a> <a id="cache-response-directive.s-maxage" href="#cache-response-directive.s-maxage">s-maxage</a></h4>1407 <p id="rfc.section. 3.2.2.8.p.1">Argument syntax: </p>1417 <h4 id="rfc.section.7.2.2.8"><a href="#rfc.section.7.2.2.8">7.2.2.8</a> <a id="cache-response-directive.s-maxage" href="#cache-response-directive.s-maxage">s-maxage</a></h4> 1418 <p id="rfc.section.7.2.2.8.p.1">Argument syntax: </p> 1408 1419 <ul class="empty"> 1409 1420 <li> <a href="#delta-seconds" class="smpl">delta-seconds</a> (see <a href="#delta-seconds" title="Delta Seconds">Section 1.4.3</a>) 1410 1421 </li> 1411 1422 </ul> 1412 <p id="rfc.section. 3.2.2.8.p.2">The s-maxage response directive indicates that, in shared caches, the maximum age specified by this directive overrides the1423 <p id="rfc.section.7.2.2.8.p.2">The s-maxage response directive indicates that, in shared caches, the maximum age specified by this directive overrides the 1413 1424 maximum age specified by either the max-age directive or the <a href="#header.expires" class="smpl">Expires</a> header field. The s-maxage directive also implies the semantics of the proxy-revalidate response directive. 1414 1425 </p> 1415 <p id="rfc.section. 3.2.2.8.p.3"> <b>Note:</b> This directive uses the token form of the argument syntax; e.g., 's-maxage=10', not 's-maxage="10"'. Senders <em class="bcp14">SHOULD NOT</em> use the quoted-string form.1426 <p id="rfc.section.7.2.2.8.p.3"> <b>Note:</b> This directive uses the token form of the argument syntax; e.g., 's-maxage=10', not 's-maxage="10"'. Senders <em class="bcp14">SHOULD NOT</em> use the quoted-string form. 1416 1427 </p> 1417 1428 <div id="rfc.iref.c.22"></div> 1418 1429 <div id="rfc.iref.n.6"></div> 1419 <h4 id="rfc.section. 3.2.2.9"><a href="#rfc.section.3.2.2.9">3.2.2.9</a> <a id="cache-response-directive.no-transform" href="#cache-response-directive.no-transform">no-transform</a></h4>1420 <p id="rfc.section. 3.2.2.9.p.1">The no-transform response directive indicates that an intermediary (regardless of whether it implements a cache) <em class="bcp14">MUST NOT</em> change the <a href="p2-semantics.html#header.content-encoding" class="smpl">Content-Encoding</a>, <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a> or <a href="p2-semantics.html#header.content-type" class="smpl">Content-Type</a> response header fields, nor the response representation.1421 </p> 1422 <h3 id="rfc.section. 3.2.3"><a href="#rfc.section.3.2.3">3.2.3</a> <a id="cache.control.extensions" href="#cache.control.extensions">Cache Control Extensions</a></h3>1423 <p id="rfc.section. 3.2.3.p.1">The Cache-Control header field can be extended through the use of one or more cache-extension tokens, each with an optional1430 <h4 id="rfc.section.7.2.2.9"><a href="#rfc.section.7.2.2.9">7.2.2.9</a> <a id="cache-response-directive.no-transform" href="#cache-response-directive.no-transform">no-transform</a></h4> 1431 <p id="rfc.section.7.2.2.9.p.1">The no-transform response directive indicates that an intermediary (regardless of whether it implements a cache) <em class="bcp14">MUST NOT</em> change the <a href="p2-semantics.html#header.content-encoding" class="smpl">Content-Encoding</a>, <a href="p5-range.html#header.content-range" class="smpl">Content-Range</a> or <a href="p2-semantics.html#header.content-type" class="smpl">Content-Type</a> response header fields, nor the response representation. 1432 </p> 1433 <h3 id="rfc.section.7.2.3"><a href="#rfc.section.7.2.3">7.2.3</a> <a id="cache.control.extensions" href="#cache.control.extensions">Cache Control Extensions</a></h3> 1434 <p id="rfc.section.7.2.3.p.1">The Cache-Control header field can be extended through the use of one or more cache-extension tokens, each with an optional 1424 1435 value. Informational extensions (those that do not require a change in cache behavior) can be added without changing the semantics 1425 1436 of other directives. Behavioral extensions are designed to work by acting as modifiers to the existing base of cache directives. … … 1429 1440 can be made without requiring changes to the base protocol. 1430 1441 </p> 1431 <p id="rfc.section. 3.2.3.p.2">This extension mechanism depends on an HTTP cache obeying all of the cache-control directives defined for its native HTTP-version,1442 <p id="rfc.section.7.2.3.p.2">This extension mechanism depends on an HTTP cache obeying all of the cache-control directives defined for its native HTTP-version, 1432 1443 obeying certain extensions, and ignoring all directives that it does not understand. 1433 1444 </p> 1434 <p id="rfc.section. 3.2.3.p.3">For example, consider a hypothetical new response directive called "community" that acts as a modifier to the private directive.1445 <p id="rfc.section.7.2.3.p.3">For example, consider a hypothetical new response directive called "community" that acts as a modifier to the private directive. 1435 1446 We define this new directive to mean that, in addition to any private cache, any cache that is shared only by members of the 1436 1447 community named within its value is allowed to cache the response. An origin server wishing to allow the UCI community to … … 1438 1449 </p> 1439 1450 <div id="rfc.figure.u.10"></div><pre class="text"> Cache-Control: private, community="UCI" 1440 </pre><p id="rfc.section. 3.2.3.p.5">A cache seeing this header field will act correctly even if the cache does not understand the community cache-extension, since1451 </pre><p id="rfc.section.7.2.3.p.5">A cache seeing this header field will act correctly even if the cache does not understand the community cache-extension, since 1441 1452 it will also see and understand the private directive and thus default to the safe behavior. 1442 1453 </p> 1443 <p id="rfc.section. 3.2.3.p.6">A cache <em class="bcp14">MUST</em> ignore unrecognized cache directives; it is assumed that any cache directive likely to be unrecognized by an HTTP/1.1 cache1454 <p id="rfc.section.7.2.3.p.6">A cache <em class="bcp14">MUST</em> ignore unrecognized cache directives; it is assumed that any cache directive likely to be unrecognized by an HTTP/1.1 cache 1444 1455 will be combined with standard directives (or the response's default cacheability) such that the cache behavior will remain 1445 1456 minimally correct even if the cache does not understand the extension(s). 1446 1457 </p> 1447 <p id="rfc.section. 3.2.3.p.7">New extension directives ought to consider defining:</p>1448 <p id="rfc.section. 3.2.3.p.8"> </p>1458 <p id="rfc.section.7.2.3.p.7">New extension directives ought to consider defining:</p> 1459 <p id="rfc.section.7.2.3.p.8"> </p> 1449 1460 <ul> 1450 1461 <li>What it means for a directive to be specified multiple times,</li> … … 1452 1463 <li>When the directive requires an argument, what it means when it is missing.</li> 1453 1464 </ul> 1454 <p id="rfc.section. 3.2.3.p.9">The HTTP Cache Directive Registry defines the name space for the cache directives.</p>1455 <p id="rfc.section. 3.2.3.p.10">A registration <em class="bcp14">MUST</em> include the following fields:1465 <p id="rfc.section.7.2.3.p.9">The HTTP Cache Directive Registry defines the name space for the cache directives.</p> 1466 <p id="rfc.section.7.2.3.p.10">A registration <em class="bcp14">MUST</em> include the following fields: 1456 1467 </p> 1457 1468 <ul> … … 1459 1470 <li>Pointer to specification text</li> 1460 1471 </ul> 1461 <p id="rfc.section. 3.2.3.p.11">Values to be added to this name space require IETF Review (see <a href="#RFC5226" id="rfc.xref.RFC5226.1"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>, <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a>).1462 </p> 1463 <p id="rfc.section. 3.2.3.p.12">The registry itself is maintained at <<a href="http://www.iana.org/assignments/http-cache-directives">http://www.iana.org/assignments/http-cache-directives</a>>.1472 <p id="rfc.section.7.2.3.p.11">Values to be added to this name space require IETF Review (see <a href="#RFC5226" id="rfc.xref.RFC5226.1"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>, <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a>). 1473 </p> 1474 <p id="rfc.section.7.2.3.p.12">The registry itself is maintained at <<a href="http://www.iana.org/assignments/http-cache-directives">http://www.iana.org/assignments/http-cache-directives</a>>. 1464 1475 </p> 1465 1476 <div id="rfc.iref.e.2"></div> 1466 1477 <div id="rfc.iref.h.4"></div> 1467 <h2 id="rfc.section. 3.3"><a href="#rfc.section.3.3">3.3</a> <a id="header.expires" href="#header.expires">Expires</a></h2>1468 <p id="rfc.section. 3.3.p.1">The "Expires" header field gives the date/time after which the response is considered stale. See <a href="#expiration.model" title="Freshness Model">Section 2.3</a> for further discussion of the freshness model.1469 </p> 1470 <p id="rfc.section. 3.3.p.2">The presence of an Expires field does not imply that the original resource will change or cease to exist at, before, or after1478 <h2 id="rfc.section.7.3"><a href="#rfc.section.7.3">7.3</a> <a id="header.expires" href="#header.expires">Expires</a></h2> 1479 <p id="rfc.section.7.3.p.1">The "Expires" header field gives the date/time after which the response is considered stale. See <a href="#expiration.model" title="Freshness Model">Section 4.1</a> for further discussion of the freshness model. 1480 </p> 1481 <p id="rfc.section.7.3.p.2">The presence of an Expires field does not imply that the original resource will change or cease to exist at, before, or after 1471 1482 that time. 1472 1483 </p> 1473 <p id="rfc.section. 3.3.p.3">The field-value is an absolute date and time as defined by HTTP-date in <a href="p2-semantics.html#http.date" title="Date/Time Formats">Section 5.1</a> of <a href="#Part2" id="rfc.xref.Part2.7"><cite title="HTTP/1.1, part 2: Message Semantics, Payload and Content Negotiation">[Part2]</cite></a>; a sender <em class="bcp14">MUST</em> use the rfc1123-date format.1484 <p id="rfc.section.7.3.p.3">The field-value is an absolute date and time as defined by HTTP-date in <a href="p2-semantics.html#http.date" title="Date/Time Formats">Section 5.1</a> of <a href="#Part2" id="rfc.xref.Part2.7"><cite title="HTTP/1.1, part 2: Message Semantics, Payload and Content Negotiation">[Part2]</cite></a>; a sender <em class="bcp14">MUST</em> use the rfc1123-date format. 1474 1485 </p> 1475 1486 <div id="rfc.figure.u.11"></div><pre class="inline"><span id="rfc.iref.g.5"></span> <a href="#header.expires" class="smpl">Expires</a> = <a href="#abnf.dependencies" class="smpl">HTTP-date</a> 1476 1487 </pre><div id="rfc.figure.u.12"></div> 1477 1488 <p>For example</p> <pre class="text"> Expires: Thu, 01 Dec 1994 16:00:00 GMT 1478 </pre><p id="rfc.section. 3.3.p.6">A cache <em class="bcp14">MUST</em> treat other invalid date formats, especially including the value "0", as in the past (i.e., "already expired").1479 </p> 1480 <div class="note" id="rfc.section. 3.3.p.7">1481 <p> <b>Note:</b> If a response includes a <a href="#header.cache-control" class="smpl">Cache-Control</a> field with the max-age directive (see <a href="#cache-response-directive" title="Response Cache-Control Directives">Section 3.2.2</a>), that directive overrides the Expires field. Likewise, the s-maxage directive overrides Expires in shared caches.1489 </pre><p id="rfc.section.7.3.p.6">A cache <em class="bcp14">MUST</em> treat other invalid date formats, especially including the value "0", as in the past (i.e., "already expired"). 1490 </p> 1491 <div class="note" id="rfc.section.7.3.p.7"> 1492 <p> <b>Note:</b> If a response includes a <a href="#header.cache-control" class="smpl">Cache-Control</a> field with the max-age directive (see <a href="#cache-response-directive" title="Response Cache-Control Directives">Section 7.2.2</a>), that directive overrides the Expires field. Likewise, the s-maxage directive overrides Expires in shared caches. 1482 1493 </p> 1483 1494 </div> 1484 <p id="rfc.section. 3.3.p.8">Historically, HTTP required the Expires field-value to be no more than a year in the future. While longer freshness lifetimes1495 <p id="rfc.section.7.3.p.8">Historically, HTTP required the Expires field-value to be no more than a year in the future. While longer freshness lifetimes 1485 1496 are no longer prohibited, extremely large values have been demonstrated to cause problems (e.g., clock overflows due to use 1486 1497 of 32-bit integers for time values), and most caches will evict a response far sooner than that. Therefore, senders ought 1487 1498 not produce them. 1488 1499 </p> 1489 <p id="rfc.section. 3.3.p.9">An origin server without a clock <em class="bcp14">MUST NOT</em> assign Expires values to a response unless these values were associated with the resource by a system or user with a reliable1500 <p id="rfc.section.7.3.p.9">An origin server without a clock <em class="bcp14">MUST NOT</em> assign Expires values to a response unless these values were associated with the resource by a system or user with a reliable 1490 1501 clock. It <em class="bcp14">MAY</em> assign an Expires value that is known, at or before server configuration time, to be in the past (this allows "pre-expiration" 1491 1502 of responses without storing separate Expires values for each resource). … … 1493 1504 <div id="rfc.iref.p.5"></div> 1494 1505 <div id="rfc.iref.h.5"></div> 1495 <h2 id="rfc.section. 3.4"><a href="#rfc.section.3.4">3.4</a> <a id="header.pragma" href="#header.pragma">Pragma</a></h2>1496 <p id="rfc.section. 3.4.p.1">The "Pragma" header field allows backwards compatibility with HTTP/1.0 caches, so that clients can specify a "no-cache" request1506 <h2 id="rfc.section.7.4"><a href="#rfc.section.7.4">7.4</a> <a id="header.pragma" href="#header.pragma">Pragma</a></h2> 1507 <p id="rfc.section.7.4.p.1">The "Pragma" header field allows backwards compatibility with HTTP/1.0 caches, so that clients can specify a "no-cache" request 1497 1508 that they will understand (as <a href="#header.cache-control" class="smpl">Cache-Control</a> was not defined until HTTP/1.1). When the Cache-Control header field is also present and understood in a request, Pragma is 1498 1509 ignored. 1499 1510 </p> 1500 <p id="rfc.section. 3.4.p.2">In HTTP/1.0, Pragma was defined as an extensible field for implementation-specified directives for recipients. This specification1511 <p id="rfc.section.7.4.p.2">In HTTP/1.0, Pragma was defined as an extensible field for implementation-specified directives for recipients. This specification 1501 1512 deprecates such extensions to improve interoperability. 1502 1513 </p> … … 1504 1515 <a href="#header.pragma" class="smpl">pragma-directive</a> = "no-cache" / <a href="#header.pragma" class="smpl">extension-pragma</a> 1505 1516 <a href="#header.pragma" class="smpl">extension-pragma</a> = <a href="#core.rules" class="smpl">token</a> [ "=" ( <a href="#core.rules" class="smpl">token</a> / <a href="#core.rules" class="smpl">quoted-string</a> ) ] 1506 </pre><p id="rfc.section. 3.4.p.4">When the <a href="#header.cache-control" class="smpl">Cache-Control</a> header field is not present in a request, the no-cache request pragma-directive <em class="bcp14">MUST</em> have the same effect on caches as if "Cache-Control: no-cache" were present (see <a href="#cache-request-directive" title="Request Cache-Control Directives">Section 3.2.1</a>).1507 </p> 1508 <p id="rfc.section. 3.4.p.5">When sending a no-cache request, a client ought to include both the pragma and cache-control directives, unless Cache-Control:1517 </pre><p id="rfc.section.7.4.p.4">When the <a href="#header.cache-control" class="smpl">Cache-Control</a> header field is not present in a request, the no-cache request pragma-directive <em class="bcp14">MUST</em> have the same effect on caches as if "Cache-Control: no-cache" were present (see <a href="#cache-request-directive" title="Request Cache-Control Directives">Section 7.2.1</a>). 1518 </p> 1519 <p id="rfc.section.7.4.p.5">When sending a no-cache request, a client ought to include both the pragma and cache-control directives, unless Cache-Control: 1509 1520 no-cache is purposefully omitted to target other <a href="#header.cache-control" class="smpl">Cache-Control</a> response directives at HTTP/1.1 caches. For example: 1510 1521 </p> … … 1514 1525 Pragma: no-cache 1515 1526 1516 </pre> <p id="rfc.section. 3.4.p.7">will constrain HTTP/1.1 caches to serve a response no older than 30 seconds, while precluding implementations that do not1527 </pre> <p id="rfc.section.7.4.p.7">will constrain HTTP/1.1 caches to serve a response no older than 30 seconds, while precluding implementations that do not 1517 1528 understand <a href="#header.cache-control" class="smpl">Cache-Control</a> from serving a cached response. 1518 1529 </p> 1519 <div class="note" id="rfc.section. 3.4.p.8">1530 <div class="note" id="rfc.section.7.4.p.8"> 1520 1531 <p> <b>Note:</b> Because the meaning of "Pragma: no-cache" in responses is not specified, it does not provide a reliable replacement for "Cache-Control: 1521 1532 no-cache" in them. … … 1524 1535 <div id="rfc.iref.v.3"></div> 1525 1536 <div id="rfc.iref.h.6"></div> 1526 <h2 id="rfc.section. 3.5"><a href="#rfc.section.3.5">3.5</a> <a id="header.vary" href="#header.vary">Vary</a></h2>1527 <p id="rfc.section. 3.5.p.1">The "Vary" header field conveys the set of header fields that were used to select the representation.</p>1528 <p id="rfc.section. 3.5.p.2">Caches use this information, in part, to determine whether a stored response can be used to satisfy a given request; see <a href="#caching.negotiated.responses" title="Caching Negotiated Responses">Section 2.8</a>. determines, while the response is fresh, whether a cache is permitted to use the response to reply to a subsequent request1529 without validation; see <a href="#caching.negotiated.responses" title=" Caching Negotiated Responses">Section 2.8</a>.1530 </p> 1531 <p id="rfc.section. 3.5.p.3">In uncacheable or stale responses, the Vary field value advises the user agent about the criteria that were used to select1537 <h2 id="rfc.section.7.5"><a href="#rfc.section.7.5">7.5</a> <a id="header.vary" href="#header.vary">Vary</a></h2> 1538 <p id="rfc.section.7.5.p.1">The "Vary" header field conveys the set of header fields that were used to select the representation.</p> 1539 <p id="rfc.section.7.5.p.2">Caches use this information, in part, to determine whether a stored response can be used to satisfy a given request; see <a href="#caching.negotiated.responses" title="Using Negotiated Responses">Section 4.3</a>. determines, while the response is fresh, whether a cache is permitted to use the response to reply to a subsequent request 1540 without validation; see <a href="#caching.negotiated.responses" title="Using Negotiated Responses">Section 4.3</a>. 1541 </p> 1542 <p id="rfc.section.7.5.p.3">In uncacheable or stale responses, the Vary field value advises the user agent about the criteria that were used to select 1532 1543 the representation. 1533 1544 </p> 1534 1545 <div id="rfc.figure.u.15"></div><pre class="inline"><span id="rfc.iref.g.9"></span> <a href="#header.vary" class="smpl">Vary</a> = "*" / 1#<a href="#abnf.dependencies" class="smpl">field-name</a> 1535 </pre><p id="rfc.section. 3.5.p.5">The set of header fields named by the Vary field value is known as the selecting header fields.</p>1536 <p id="rfc.section. 3.5.p.6">A server <em class="bcp14">SHOULD</em> include a Vary header field with any cacheable response that is subject to server-driven negotiation. Doing so allows a cache1546 </pre><p id="rfc.section.7.5.p.5">The set of header fields named by the Vary field value is known as the selecting header fields.</p> 1547 <p id="rfc.section.7.5.p.6">A server <em class="bcp14">SHOULD</em> include a Vary header field with any cacheable response that is subject to server-driven negotiation. Doing so allows a cache 1537 1548 to properly interpret future requests on that resource and informs the user agent about the presence of negotiation on that 1538 1549 resource. A server <em class="bcp14">MAY</em> include a Vary header field with a non-cacheable response that is subject to server-driven negotiation, since this might provide 1539 1550 the user agent with useful information about the dimensions over which the response varies at the time of the response. 1540 1551 </p> 1541 <p id="rfc.section. 3.5.p.7">A Vary field value of "*" signals that unspecified parameters not limited to the header fields (e.g., the network address1552 <p id="rfc.section.7.5.p.7">A Vary field value of "*" signals that unspecified parameters not limited to the header fields (e.g., the network address 1542 1553 of the client), play a role in the selection of the response representation; therefore, a cache cannot determine whether this 1543 1554 response is appropriate. A proxy <em class="bcp14">MUST NOT</em> generate the "*" value. 1544 1555 </p> 1545 <p id="rfc.section. 3.5.p.8">The field-names given are not limited to the set of standard header fields defined by this specification. Field names are1556 <p id="rfc.section.7.5.p.8">The field-names given are not limited to the set of standard header fields defined by this specification. Field names are 1546 1557 case-insensitive. 1547 1558 </p> 1548 1559 <div id="rfc.iref.w.1"></div> 1549 1560 <div id="rfc.iref.h.7"></div> 1550 <h2 id="rfc.section. 3.6"><a href="#rfc.section.3.6">3.6</a> <a id="header.warning" href="#header.warning">Warning</a></h2>1551 <p id="rfc.section. 3.6.p.1">The "Warning" header field is used to carry additional information about the status or transformation of a message that might1561 <h2 id="rfc.section.7.6"><a href="#rfc.section.7.6">7.6</a> <a id="header.warning" href="#header.warning">Warning</a></h2> 1562 <p id="rfc.section.7.6.p.1">The "Warning" header field is used to carry additional information about the status or transformation of a message that might 1552 1563 not be reflected in the message. This information is typically used to warn about possible incorrectness introduced by caching 1553 1564 operations or transformations applied to the payload of the message. 1554 1565 </p> 1555 <p id="rfc.section. 3.6.p.2">Warnings can be used for other purposes, both cache-related and otherwise. The use of a warning, rather than an error status1566 <p id="rfc.section.7.6.p.2">Warnings can be used for other purposes, both cache-related and otherwise. The use of a warning, rather than an error status 1556 1567 code, distinguishes these responses from true failures. 1557 1568 </p> 1558 <p id="rfc.section. 3.6.p.3">Warning header fields can in general be applied to any message, however some warn-codes are specific to caches and can only1569 <p id="rfc.section.7.6.p.3">Warning header fields can in general be applied to any message, however some warn-codes are specific to caches and can only 1559 1570 be applied to response messages. 1560 1571 </p> … … 1570 1581 <a href="#header.warning" class="smpl">warn-text</a> = <a href="#core.rules" class="smpl">quoted-string</a> 1571 1582 <a href="#header.warning" class="smpl">warn-date</a> = <a href="#notation" class="smpl">DQUOTE</a> <a href="#abnf.dependencies" class="smpl">HTTP-date</a> <a href="#notation" class="smpl">DQUOTE</a> 1572 </pre><p id="rfc.section. 3.6.p.5">Multiple warnings can be attached to a response (either by the origin server or by a cache), including multiple warnings with1583 </pre><p id="rfc.section.7.6.p.5">Multiple warnings can be attached to a response (either by the origin server or by a cache), including multiple warnings with 1573 1584 the same code number, only differing in warn-text. 1574 1585 </p> 1575 <p id="rfc.section. 3.6.p.6">When this occurs, the user agent <em class="bcp14">SHOULD</em> inform the user of as many of them as possible, in the order that they appear in the response.1576 </p> 1577 <p id="rfc.section. 3.6.p.7">Systems that generate multiple Warning header fields are encouraged to order them with this user agent behavior in mind. New1586 <p id="rfc.section.7.6.p.6">When this occurs, the user agent <em class="bcp14">SHOULD</em> inform the user of as many of them as possible, in the order that they appear in the response. 1587 </p> 1588 <p id="rfc.section.7.6.p.7">Systems that generate multiple Warning header fields are encouraged to order them with this user agent behavior in mind. New 1578 1589 Warning header fields are added after any existing Warning headers fields. 1579 1590 </p> 1580 <p id="rfc.section. 3.6.p.8">Warnings are assigned three digit warn-codes. The first digit indicates whether the Warning is required to be deleted from1591 <p id="rfc.section.7.6.p.8">Warnings are assigned three digit warn-codes. The first digit indicates whether the Warning is required to be deleted from 1581 1592 a stored response after validation: 1582 1593 </p> … … 1588 1599 </li> 1589 1600 </ul> 1590 <p id="rfc.section. 3.6.p.9">If an implementation sends a message with one or more Warning header fields to a receiver whose version is HTTP/1.0 or lower,1601 <p id="rfc.section.7.6.p.9">If an implementation sends a message with one or more Warning header fields to a receiver whose version is HTTP/1.0 or lower, 1591 1602 then the sender <em class="bcp14">MUST</em> include in each warning-value a warn-date that matches the <a href="p2-semantics.html#header.date" class="smpl">Date</a> header field in the message. 1592 1603 </p> 1593 <p id="rfc.section. 3.6.p.10">If a system receives a message with a warning-value that includes a warn-date, and that warn-date is different from the <a href="p2-semantics.html#header.date" class="smpl">Date</a> value in the response, then that warning-value <em class="bcp14">MUST</em> be deleted from the message before storing, forwarding, or using it. (preventing the consequences of naive caching of Warning1604 <p id="rfc.section.7.6.p.10">If a system receives a message with a warning-value that includes a warn-date, and that warn-date is different from the <a href="p2-semantics.html#header.date" class="smpl">Date</a> value in the response, then that warning-value <em class="bcp14">MUST</em> be deleted from the message before storing, forwarding, or using it. (preventing the consequences of naive caching of Warning 1594 1605 header fields.) If all of the warning-values are deleted for this reason, the Warning header field <em class="bcp14">MUST</em> be deleted as well. 1595 1606 </p> 1596 <p id="rfc.section. 3.6.p.11">The following warn-codes are defined by this specification, each with a recommended warn-text in English, and a description1607 <p id="rfc.section.7.6.p.11">The following warn-codes are defined by this specification, each with a recommended warn-text in English, and a description 1597 1608 of its meaning. 1598 1609 </p> 1599 1610 <div id="rfc.iref.76"></div> 1600 1611 <div id="rfc.iref.w.2"></div> 1601 <h3 id="rfc.section. 3.6.1"><a href="#rfc.section.3.6.1">3.6.1</a> <a id="warn.110" href="#warn.110">110 Response is Stale</a></h3>1602 <p id="rfc.section. 3.6.1.p.1">A cache <em class="bcp14">SHOULD</em> include this whenever the returned response is stale.1612 <h3 id="rfc.section.7.6.1"><a href="#rfc.section.7.6.1">7.6.1</a> <a id="warn.110" href="#warn.110">110 Response is Stale</a></h3> 1613 <p id="rfc.section.7.6.1.p.1">A cache <em class="bcp14">SHOULD</em> include this whenever the returned response is stale. 1603 1614 </p> 1604 1615 <div id="rfc.iref.77"></div> 1605 1616 <div id="rfc.iref.w.3"></div> 1606 <h3 id="rfc.section. 3.6.2"><a href="#rfc.section.3.6.2">3.6.2</a> <a id="warn.111" href="#warn.111">111 Revalidation Failed</a></h3>1607 <p id="rfc.section. 3.6.2.p.1">A cache <em class="bcp14">SHOULD</em> include this when returning a stale response because an attempt to validate the response failed, due to an inability to reach1617 <h3 id="rfc.section.7.6.2"><a href="#rfc.section.7.6.2">7.6.2</a> <a id="warn.111" href="#warn.111">111 Revalidation Failed</a></h3> 1618 <p id="rfc.section.7.6.2.p.1">A cache <em class="bcp14">SHOULD</em> include this when returning a stale response because an attempt to validate the response failed, due to an inability to reach 1608 1619 the server. 1609 1620 </p> 1610 1621 <div id="rfc.iref.78"></div> 1611 1622 <div id="rfc.iref.w.4"></div> 1612 <h3 id="rfc.section. 3.6.3"><a href="#rfc.section.3.6.3">3.6.3</a> <a id="warn.112" href="#warn.112">112 Disconnected Operation</a></h3>1613 <p id="rfc.section. 3.6.3.p.1">A cache <em class="bcp14">SHOULD</em> include this if it is intentionally disconnected from the rest of the network for a period of time.1623 <h3 id="rfc.section.7.6.3"><a href="#rfc.section.7.6.3">7.6.3</a> <a id="warn.112" href="#warn.112">112 Disconnected Operation</a></h3> 1624 <p id="rfc.section.7.6.3.p.1">A cache <em class="bcp14">SHOULD</em> include this if it is intentionally disconnected from the rest of the network for a period of time. 1614 1625 </p> 1615 1626 <div id="rfc.iref.79"></div> 1616 1627 <div id="rfc.iref.w.5"></div> 1617 <h3 id="rfc.section. 3.6.4"><a href="#rfc.section.3.6.4">3.6.4</a> <a id="warn.113" href="#warn.113">113 Heuristic Expiration</a></h3>1618 <p id="rfc.section. 3.6.4.p.1">A cache <em class="bcp14">SHOULD</em> include this if it heuristically chose a freshness lifetime greater than 24 hours and the response's age is greater than 241628 <h3 id="rfc.section.7.6.4"><a href="#rfc.section.7.6.4">7.6.4</a> <a id="warn.113" href="#warn.113">113 Heuristic Expiration</a></h3> 1629 <p id="rfc.section.7.6.4.p.1">A cache <em class="bcp14">SHOULD</em> include this if it heuristically chose a freshness lifetime greater than 24 hours and the response's age is greater than 24 1619 1630 hours. 1620 1631 </p> 1621 1632 <div id="rfc.iref.80"></div> 1622 1633 <div id="rfc.iref.w.6"></div> 1623 <h3 id="rfc.section. 3.6.5"><a href="#rfc.section.3.6.5">3.6.5</a> <a id="warn.199" href="#warn.199">199 Miscellaneous Warning</a></h3>1624 <p id="rfc.section. 3.6.5.p.1">The warning text can include arbitrary information to be presented to a human user, or logged. A system receiving this warning <em class="bcp14">MUST NOT</em> take any automated action, besides presenting the warning to the user.1634 <h3 id="rfc.section.7.6.5"><a href="#rfc.section.7.6.5">7.6.5</a> <a id="warn.199" href="#warn.199">199 Miscellaneous Warning</a></h3> 1635 <p id="rfc.section.7.6.5.p.1">The warning text can include arbitrary information to be presented to a human user, or logged. A system receiving this warning <em class="bcp14">MUST NOT</em> take any automated action, besides presenting the warning to the user. 1625 1636 </p> 1626 1637 <div id="rfc.iref.81"></div> 1627 1638 <div id="rfc.iref.w.7"></div> 1628 <h3 id="rfc.section. 3.6.6"><a href="#rfc.section.3.6.6">3.6.6</a> <a id="warn.214" href="#warn.214">214 Transformation Applied</a></h3>1629 <p id="rfc.section. 3.6.6.p.1"> <em class="bcp14">MUST</em> be added by a proxy if it applies any transformation to the representation, such as changing the content-coding, media-type,1639 <h3 id="rfc.section.7.6.6"><a href="#rfc.section.7.6.6">7.6.6</a> <a id="warn.214" href="#warn.214">214 Transformation Applied</a></h3> 1640 <p id="rfc.section.7.6.6.p.1"> <em class="bcp14">MUST</em> be added by a proxy if it applies any transformation to the representation, such as changing the content-coding, media-type, 1630 1641 or modifying the representation data, unless this Warning code already appears in the response. 1631 1642 </p> 1632 1643 <div id="rfc.iref.82"></div> 1633 1644 <div id="rfc.iref.w.8"></div> 1634 <h3 id="rfc.section. 3.6.7"><a href="#rfc.section.3.6.7">3.6.7</a> <a id="warn.299" href="#warn.299">299 Miscellaneous Persistent Warning</a></h3>1635 <p id="rfc.section. 3.6.7.p.1">The warning text can include arbitrary information to be presented to a human user, or logged. A system receiving this warning <em class="bcp14">MUST NOT</em> take any automated action.1636 </p> 1637 <h3 id="rfc.section. 3.6.8"><a href="#rfc.section.3.6.8">3.6.8</a> <a id="warn.code.extensions" href="#warn.code.extensions">Warn Code Extensions</a></h3>1638 <p id="rfc.section. 3.6.8.p.1">The HTTP Warn Code Registry defines the name space for warn codes.</p>1639 <p id="rfc.section. 3.6.8.p.2">A registration <em class="bcp14">MUST</em> include the following fields:1645 <h3 id="rfc.section.7.6.7"><a href="#rfc.section.7.6.7">7.6.7</a> <a id="warn.299" href="#warn.299">299 Miscellaneous Persistent Warning</a></h3> 1646 <p id="rfc.section.7.6.7.p.1">The warning text can include arbitrary information to be presented to a human user, or logged. A system receiving this warning <em class="bcp14">MUST NOT</em> take any automated action. 1647 </p> 1648 <h3 id="rfc.section.7.6.8"><a href="#rfc.section.7.6.8">7.6.8</a> <a id="warn.code.extensions" href="#warn.code.extensions">Warn Code Extensions</a></h3> 1649 <p id="rfc.section.7.6.8.p.1">The HTTP Warn Code Registry defines the name space for warn codes.</p> 1650 <p id="rfc.section.7.6.8.p.2">A registration <em class="bcp14">MUST</em> include the following fields: 1640 1651 </p> 1641 1652 <ul> … … 1644 1655 <li>Pointer to specification text</li> 1645 1656 </ul> 1646 <p id="rfc.section. 3.6.8.p.3">Values to be added to this name space require IETF Review (see <a href="#RFC5226" id="rfc.xref.RFC5226.2"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>, <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a>).1647 </p> 1648 <p id="rfc.section. 3.6.8.p.4">The registry itself is maintained at <<a href="http://www.iana.org/assignments/http-warn-codes">http://www.iana.org/assignments/http-warn-codes</a>>.1649 </p> 1650 <h1 id="rfc.section. 4"><a href="#rfc.section.4">4.</a> <a id="history.lists" href="#history.lists">History Lists</a></h1>1651 <p id="rfc.section. 4.p.1">User agents often have history mechanisms, such as "Back" buttons and history lists, that can be used to redisplay a representation1657 <p id="rfc.section.7.6.8.p.3">Values to be added to this name space require IETF Review (see <a href="#RFC5226" id="rfc.xref.RFC5226.2"><cite title="Guidelines for Writing an IANA Considerations Section in RFCs">[RFC5226]</cite></a>, <a href="http://tools.ietf.org/html/rfc5226#section-4.1">Section 4.1</a>). 1658 </p> 1659 <p id="rfc.section.7.6.8.p.4">The registry itself is maintained at <<a href="http://www.iana.org/assignments/http-warn-codes">http://www.iana.org/assignments/http-warn-codes</a>>. 1660 </p> 1661 <h1 id="rfc.section.8"><a href="#rfc.section.8">8.</a> <a id="history.lists" href="#history.lists">History Lists</a></h1> 1662 <p id="rfc.section.8.p.1">User agents often have history mechanisms, such as "Back" buttons and history lists, that can be used to redisplay a representation 1652 1663 retrieved earlier in a session. 1653 1664 </p> 1654 <p id="rfc.section. 4.p.2">The freshness model (<a href="#expiration.model" title="Freshness Model">Section 2.3</a>) does not necessarily apply to history mechanisms. I.e., a history mechanism can display a previous representation even if1665 <p id="rfc.section.8.p.2">The freshness model (<a href="#expiration.model" title="Freshness Model">Section 4.1</a>) does not necessarily apply to history mechanisms. I.e., a history mechanism can display a previous representation even if 1655 1666 it has expired. 1656 1667 </p> 1657 <p id="rfc.section. 4.p.3">This does not prohibit the history mechanism from telling the user that a view might be stale, or from honoring cache directives1668 <p id="rfc.section.8.p.3">This does not prohibit the history mechanism from telling the user that a view might be stale, or from honoring cache directives 1658 1669 (e.g., Cache-Control: no-store). 1659 1670 </p> 1660 <h1 id="rfc.section. 5"><a href="#rfc.section.5">5.</a> <a id="IANA.considerations" href="#IANA.considerations">IANA Considerations</a></h1>1661 <h2 id="rfc.section. 5.1"><a href="#rfc.section.5.1">5.1</a> <a id="cache.directive.registration" href="#cache.directive.registration">Cache Directive Registry</a></h2>1662 <p id="rfc.section. 5.1.p.1">The registration procedure for HTTP Cache Directives is defined by <a href="#cache.control.extensions" title="Cache Control Extensions">Section 3.2.3</a> of this document.1663 </p> 1664 <p id="rfc.section. 5.1.p.2">The HTTP Cache Directive Registry shall be created at <<a href="http://www.iana.org/assignments/http-cache-directives">http://www.iana.org/assignments/http-cache-directives</a>> and be populated with the registrations below:1671 <h1 id="rfc.section.9"><a href="#rfc.section.9">9.</a> <a id="IANA.considerations" href="#IANA.considerations">IANA Considerations</a></h1> 1672 <h2 id="rfc.section.9.1"><a href="#rfc.section.9.1">9.1</a> <a id="cache.directive.registration" href="#cache.directive.registration">Cache Directive Registry</a></h2> 1673 <p id="rfc.section.9.1.p.1">The registration procedure for HTTP Cache Directives is defined by <a href="#cache.control.extensions" title="Cache Control Extensions">Section 7.2.3</a> of this document. 1674 </p> 1675 <p id="rfc.section.9.1.p.2">The HTTP Cache Directive Registry shall be created at <<a href="http://www.iana.org/assignments/http-cache-directives">http://www.iana.org/assignments/http-cache-directives</a>> and be populated with the registrations below: 1665 1676 </p> 1666 1677 <div id="rfc.table.1"> … … 1676 1687 <tr> 1677 1688 <td class="left">max-age</td> 1678 <td class="left"> <a href="#cache-request-directive.max-age" title="max-age">Section 3.2.1.3</a>, <a href="#cache-response-directive.max-age" title="max-age">Section 3.2.2.7</a>1689 <td class="left"> <a href="#cache-request-directive.max-age" title="max-age">Section 7.2.1.3</a>, <a href="#cache-response-directive.max-age" title="max-age">Section 7.2.2.7</a> 1679 1690 </td> 1680 1691 </tr> 1681 1692 <tr> 1682 1693 <td class="left">max-stale</td> 1683 <td class="left"> <a href="#cache-request-directive.max-stale" title="max-stale">Section 3.2.1.4</a>1694 <td class="left"> <a href="#cache-request-directive.max-stale" title="max-stale">Section 7.2.1.4</a> 1684 1695 </td> 1685 1696 </tr> 1686 1697 <tr> 1687 1698 <td class="left">min-fresh</td> 1688 <td class="left"> <a href="#cache-request-directive.min-fresh" title="min-fresh">Section 3.2.1.5</a>1699 <td class="left"> <a href="#cache-request-directive.min-fresh" title="min-fresh">Section 7.2.1.5</a> 1689 1700 </td> 1690 1701 </tr> 1691 1702 <tr> 1692 1703 <td class="left">must-revalidate</td> 1693 <td class="left"> <a href="#cache-response-directive.must-revalidate" title="must-revalidate">Section 3.2.2.5</a>1704 <td class="left"> <a href="#cache-response-directive.must-revalidate" title="must-revalidate">Section 7.2.2.5</a> 1694 1705 </td> 1695 1706 </tr> 1696 1707 <tr> 1697 1708 <td class="left">no-cache</td> 1698 <td class="left"> <a href="#cache-request-directive.no-cache" title="no-cache">Section 3.2.1.1</a>, <a href="#cache-response-directive.no-cache" title="no-cache">Section 3.2.2.3</a>1709 <td class="left"> <a href="#cache-request-directive.no-cache" title="no-cache">Section 7.2.1.1</a>, <a href="#cache-response-directive.no-cache" title="no-cache">Section 7.2.2.3</a> 1699 1710 </td> 1700 1711 </tr> 1701 1712 <tr> 1702 1713 <td class="left">no-store</td> 1703 <td class="left"> <a href="#cache-request-directive.no-store" title="no-store">Section 3.2.1.2</a>, <a href="#cache-response-directive.no-store" title="no-store">Section 3.2.2.4</a>1714 <td class="left"> <a href="#cache-request-directive.no-store" title="no-store">Section 7.2.1.2</a>, <a href="#cache-response-directive.no-store" title="no-store">Section 7.2.2.4</a> 1704 1715 </td> 1705 1716 </tr> 1706 1717 <tr> 1707 1718 <td class="left">no-transform</td> 1708 <td class="left"> <a href="#cache-request-directive.no-transform" title="no-transform">Section 3.2.1.6</a>, <a href="#cache-response-directive.no-transform" title="no-transform">Section 3.2.2.9</a>1719 <td class="left"> <a href="#cache-request-directive.no-transform" title="no-transform">Section 7.2.1.6</a>, <a href="#cache-response-directive.no-transform" title="no-transform">Section 7.2.2.9</a> 1709 1720 </td> 1710 1721 </tr> 1711 1722 <tr> 1712 1723 <td class="left">only-if-cached</td> 1713 <td class="left"> <a href="#cache-request-directive.only-if-cached" title="only-if-cached">Section 3.2.1.7</a>1724 <td class="left"> <a href="#cache-request-directive.only-if-cached" title="only-if-cached">Section 7.2.1.7</a> 1714 1725 </td> 1715 1726 </tr> 1716 1727 <tr> 1717 1728 <td class="left">private</td> 1718 <td class="left"> <a href="#cache-response-directive.private" title="private">Section 3.2.2.2</a>1729 <td class="left"> <a href="#cache-response-directive.private" title="private">Section 7.2.2.2</a> 1719 1730 </td> 1720 1731 </tr> 1721 1732 <tr> 1722 1733 <td class="left">proxy-revalidate</td> 1723 <td class="left"> <a href="#cache-response-directive.proxy-revalidate" title="proxy-revalidate">Section 3.2.2.6</a>1734 <td class="left"> <a href="#cache-response-directive.proxy-revalidate" title="proxy-revalidate">Section 7.2.2.6</a> 1724 1735 </td> 1725 1736 </tr> 1726 1737 <tr> 1727 1738 <td class="left">public</td> 1728 <td class="left"> <a href="#cache-response-directive.only-if-cached" title="public">Section 3.2.2.1</a>1739 <td class="left"> <a href="#cache-response-directive.only-if-cached" title="public">Section 7.2.2.1</a> 1729 1740 </td> 1730 1741 </tr> 1731 1742 <tr> 1732 1743 <td class="left">s-maxage</td> 1733 <td class="left"> <a href="#cache-response-directive.s-maxage" title="s-maxage">Section 3.2.2.8</a>1744 <td class="left"> <a href="#cache-response-directive.s-maxage" title="s-maxage">Section 7.2.2.8</a> 1734 1745 </td> 1735 1746 </tr> … … 1747 1758 </table> 1748 1759 </div> 1749 <h2 id="rfc.section. 5.2"><a href="#rfc.section.5.2">5.2</a> <a id="warn.code.registration" href="#warn.code.registration">Warn Code Registry</a></h2>1750 <p id="rfc.section. 5.2.p.1">The registration procedure for HTTP Warn Codes is defined by <a href="#warn.code.extensions" title="Warn Code Extensions">Section 3.6.8</a> of this document.1751 </p> 1752 <p id="rfc.section. 5.2.p.2">The HTTP Warn Code Registry shall be created at <<a href="http://www.iana.org/assignments/http-cache-directives">http://www.iana.org/assignments/http-cache-directives</a>> and be populated with the registrations below:1760 <h2 id="rfc.section.9.2"><a href="#rfc.section.9.2">9.2</a> <a id="warn.code.registration" href="#warn.code.registration">Warn Code Registry</a></h2> 1761 <p id="rfc.section.9.2.p.1">The registration procedure for HTTP Warn Codes is defined by <a href="#warn.code.extensions" title="Warn Code Extensions">Section 7.6.8</a> of this document. 1762 </p> 1763 <p id="rfc.section.9.2.p.2">The HTTP Warn Code Registry shall be created at <<a href="http://www.iana.org/assignments/http-cache-directives">http://www.iana.org/assignments/http-cache-directives</a>> and be populated with the registrations below: 1753 1764 </p> 1754 1765 <div id="rfc.table.2"> … … 1766 1777 <td class="left">110</td> 1767 1778 <td class="left">Response is Stale</td> 1768 <td class="left"> <a href="#warn.110" id="rfc.xref.warn.110.1" title="110 Response is Stale">Section 3.6.1</a>1779 <td class="left"> <a href="#warn.110" id="rfc.xref.warn.110.1" title="110 Response is Stale">Section 7.6.1</a> 1769 1780 </td> 1770 1781 </tr> … … 1772 1783 <td class="left">111</td> 1773 1784 <td class="left">Revalidation Failed</td> 1774 <td class="left"> <a href="#warn.111" id="rfc.xref.warn.111.1" title="111 Revalidation Failed">Section 3.6.2</a>1785 <td class="left"> <a href="#warn.111" id="rfc.xref.warn.111.1" title="111 Revalidation Failed">Section 7.6.2</a> 1775 1786 </td> 1776 1787 </tr> … … 1778 1789 <td class="left">112</td> 1779 1790 <td class="left">Disconnected Operation</td> 1780 <td class="left"> <a href="#warn.112" id="rfc.xref.warn.112.1" title="112 Disconnected Operation">Section 3.6.3</a>1791 <td class="left"> <a href="#warn.112" id="rfc.xref.warn.112.1" title="112 Disconnected Operation">Section 7.6.3</a> 1781 1792 </td> 1782 1793 </tr> … … 1784 1795 <td class="left">113</td> 1785 1796 <td class="left">Heuristic Expiration</td> 1786 <td class="left"> <a href="#warn.113" id="rfc.xref.warn.113.1" title="113 Heuristic Expiration">Section 3.6.4</a>1797 <td class="left"> <a href="#warn.113" id="rfc.xref.warn.113.1" title="113 Heuristic Expiration">Section 7.6.4</a> 1787 1798 </td> 1788 1799 </tr> … … 1790 1801 <td class="left">199</td> 1791 1802 <td class="left">Miscellaneous Warning</td> 1792 <td class="left"> <a href="#warn.199" id="rfc.xref.warn.199.1" title="199 Miscellaneous Warning">Section 3.6.5</a>1803 <td class="left"> <a href="#warn.199" id="rfc.xref.warn.199.1" title="199 Miscellaneous Warning">Section 7.6.5</a> 1793 1804 </td> 1794 1805 </tr> … … 1796 1807 <td class="left">214</td> 1797 1808 <td class="left">Transformation Applied</td> 1798 <td class="left"> <a href="#warn.214" id="rfc.xref.warn.214.1" title="214 Transformation Applied">Section 3.6.6</a>1809 <td class="left"> <a href="#warn.214" id="rfc.xref.warn.214.1" title="214 Transformation Applied">Section 7.6.6</a> 1799 1810 </td> 1800 1811 </tr> … … 1802 1813 <td class="left">299</td> 1803 1814 <td class="left">Miscellaneous Persistent Warning</td> 1804 <td class="left"> <a href="#warn.299" id="rfc.xref.warn.299.1" title="299 Miscellaneous Persistent Warning">Section 3.6.7</a>1815 <td class="left"> <a href="#warn.299" id="rfc.xref.warn.299.1" title="299 Miscellaneous Persistent Warning">Section 7.6.7</a> 1805 1816 </td> 1806 1817 </tr> … … 1808 1819 </table> 1809 1820 </div> 1810 <h2 id="rfc.section. 5.3"><a href="#rfc.section.5.3">5.3</a> <a id="header.field.registration" href="#header.field.registration">Header Field Registration</a></h2>1811 <p id="rfc.section. 5.3.p.1">The Message Header Field Registry located at <<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>> shall be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>):1821 <h2 id="rfc.section.9.3"><a href="#rfc.section.9.3">9.3</a> <a id="header.field.registration" href="#header.field.registration">Header Field Registration</a></h2> 1822 <p id="rfc.section.9.3.p.1">The Message Header Field Registry located at <<a href="http://www.iana.org/assignments/message-headers/message-header-index.html">http://www.iana.org/assignments/message-headers/message-header-index.html</a>> shall be updated with the permanent registrations below (see <a href="#RFC3864" id="rfc.xref.RFC3864.1"><cite title="Registration Procedures for Message Header Fields">[RFC3864]</cite></a>): 1812 1823 </p> 1813 1824 <div id="rfc.table.3"> … … 1827 1838 <td class="left">http</td> 1828 1839 <td class="left">standard</td> 1829 <td class="left"> <a href="#header.age" id="rfc.xref.header.age.3" title="Age">Section 3.1</a>1840 <td class="left"> <a href="#header.age" id="rfc.xref.header.age.3" title="Age">Section 7.1</a> 1830 1841 </td> 1831 1842 </tr> … … 1834 1845 <td class="left">http</td> 1835 1846 <td class="left">standard</td> 1836 <td class="left"> <a href="#header.cache-control" id="rfc.xref.header.cache-control.2" title="Cache-Control">Section 3.2</a>1847 <td class="left"> <a href="#header.cache-control" id="rfc.xref.header.cache-control.2" title="Cache-Control">Section 7.2</a> 1837 1848 </td> 1838 1849 </tr> … … 1841 1852 <td class="left">http</td> 1842 1853 <td class="left">standard</td> 1843 <td class="left"> <a href="#header.expires" id="rfc.xref.header.expires.4" title="Expires">Section 3.3</a>1854 <td class="left"> <a href="#header.expires" id="rfc.xref.header.expires.4" title="Expires">Section 7.3</a> 1844 1855 </td> 1845 1856 </tr> … … 1848 1859 <td class="left">http</td> 1849 1860 <td class="left">standard</td> 1850 <td class="left"> <a href="#header.pragma" id="rfc.xref.header.pragma.3" title="Pragma">Section 3.4</a>1861 <td class="left"> <a href="#header.pragma" id="rfc.xref.header.pragma.3" title="Pragma">Section 7.4</a> 1851 1862 </td> 1852 1863 </tr> … … 1855 1866 <td class="left">http</td> 1856 1867 <td class="left">standard</td> 1857 <td class="left"> <a href="#header.vary" id="rfc.xref.header.vary.2" title="Vary">Section 3.5</a>1868 <td class="left"> <a href="#header.vary" id="rfc.xref.header.vary.2" title="Vary">Section 7.5</a> 1858 1869 </td> 1859 1870 </tr> … … 1862 1873 <td class="left">http</td> 1863 1874 <td class="left">standard</td> 1864 <td class="left"> <a href="#header.warning" id="rfc.xref.header.warning.5" title="Warning">Section 3.6</a>1875 <td class="left"> <a href="#header.warning" id="rfc.xref.header.warning.5" title="Warning">Section 7.6</a> 1865 1876 </td> 1866 1877 </tr> … … 1868 1879 </table> 1869 1880 </div> 1870 <p id="rfc.section. 5.3.p.2">The change controller is: "IETF (iesg@ietf.org) - Internet Engineering Task Force".</p>1871 <h1 id="rfc.section. 6"><a href="#rfc.section.6">6.</a> <a id="security.considerations" href="#security.considerations">Security Considerations</a></h1>1872 <p id="rfc.section. 6.p.1">Caches expose additional potential vulnerabilities, since the contents of the cache represent an attractive target for malicious1881 <p id="rfc.section.9.3.p.2">The change controller is: "IETF (iesg@ietf.org) - Internet Engineering Task Force".</p> 1882 <h1 id="rfc.section.10"><a href="#rfc.section.10">10.</a> <a id="security.considerations" href="#security.considerations">Security Considerations</a></h1> 1883 <p id="rfc.section.10.p.1">Caches expose additional potential vulnerabilities, since the contents of the cache represent an attractive target for malicious 1873 1884 exploitation. Because cache contents persist after an HTTP request is complete, an attack on the cache can reveal information 1874 1885 long after a user believes that the information has been removed from the network. Therefore, cache contents need to be protected 1875 1886 as sensitive information. 1876 1887 </p> 1877 <h1 id="rfc.section. 7"><a href="#rfc.section.7">7.</a> <a id="acks" href="#acks">Acknowledgments</a></h1>1878 <p id="rfc.section. 7.p.1">See <a href="p1-messaging.html#acks" title="Acknowledgments">Section 9</a> of <a href="#Part1" id="rfc.xref.Part1.17"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>.1879 </p> 1880 <h1 id="rfc.references"><a id="rfc.section. 8" href="#rfc.section.8">8.</a> References1888 <h1 id="rfc.section.11"><a href="#rfc.section.11">11.</a> <a id="acks" href="#acks">Acknowledgments</a></h1> 1889 <p id="rfc.section.11.p.1">See <a href="p1-messaging.html#acks" title="Acknowledgments">Section 9</a> of <a href="#Part1" id="rfc.xref.Part1.17"><cite title="HTTP/1.1, part 1: URIs, Connections, and Message Parsing">[Part1]</cite></a>. 1890 </p> 1891 <h1 id="rfc.references"><a id="rfc.section.12" href="#rfc.section.12">12.</a> References 1881 1892 </h1> 1882 <h2 id="rfc.references.1"><a href="#rfc.section. 8.1" id="rfc.section.8.1">8.1</a> Normative References1893 <h2 id="rfc.references.1"><a href="#rfc.section.12.1" id="rfc.section.12.1">12.1</a> Normative References 1883 1894 </h2> 1884 1895 <table> … … 1919 1930 </tr> 1920 1931 </table> 1921 <h2 id="rfc.references.2"><a href="#rfc.section. 8.2" id="rfc.section.8.2">8.2</a> Informative References1932 <h2 id="rfc.references.2"><a href="#rfc.section.12.2" id="rfc.section.12.2">12.2</a> Informative References 1922 1933 </h2> 1923 1934 <table> … … 1964 1975 </div> 1965 1976 <h1 id="rfc.section.A" class="np"><a href="#rfc.section.A">A.</a> <a id="changes.from.rfc.2616" href="#changes.from.rfc.2616">Changes from RFC 2616</a></h1> 1966 <p id="rfc.section.A.p.1">Make the specified age calculation algorithm less conservative. (<a href="#age.calculations" title="Calculating Age">Section 2.3.2</a>)1967 </p> 1968 <p id="rfc.section.A.p.2">Remove requirement to consider <a href="p2-semantics.html#header.content-location" class="smpl">Content-Location</a> in successful responses in order to determine the appropriate response to use. (<a href="#validation.model" title="Validation Model">Section 2.4</a>)1969 </p> 1970 <p id="rfc.section.A.p.3">Clarify denial of service attack avoidance requirement. (<a href="#invalidation.after.updates.or.deletions" title="Request Methods that Invalidate">Section 2.6</a>)1971 </p> 1972 <p id="rfc.section.A.p.4">Change ABNF productions for header fields to only define the field value. (<a href="#header.field.definitions" title="Header Field Definitions">Section 3</a>)1973 </p> 1974 <p id="rfc.section.A.p.5">Do not mention RFC 2047 encoding and multiple languages in <a href="#header.warning" class="smpl">Warning</a> header fields anymore, as these aspects never were implemented. (<a href="#header.warning" id="rfc.xref.header.warning.6" title="Warning">Section 3.6</a>)1977 <p id="rfc.section.A.p.1">Make the specified age calculation algorithm less conservative. (<a href="#age.calculations" title="Calculating Age">Section 4.1.3</a>) 1978 </p> 1979 <p id="rfc.section.A.p.2">Remove requirement to consider <a href="p2-semantics.html#header.content-location" class="smpl">Content-Location</a> in successful responses in order to determine the appropriate response to use. (<a href="#validation.model" title="Validation Model">Section 4.2</a>) 1980 </p> 1981 <p id="rfc.section.A.p.3">Clarify denial of service attack avoidance requirement. (<a href="#invalidation.after.updates.or.deletions" title="Request Methods that Invalidate">Section 6</a>) 1982 </p> 1983 <p id="rfc.section.A.p.4">Change ABNF productions for header fields to only define the field value. (<a href="#header.field.definitions" title="Header Field Definitions">Section 7</a>) 1984 </p> 1985 <p id="rfc.section.A.p.5">Do not mention RFC 2047 encoding and multiple languages in <a href="#header.warning" class="smpl">Warning</a> header fields anymore, as these aspects never were implemented. (<a href="#header.warning" id="rfc.xref.header.warning.6" title="Warning">Section 7.6</a>) 1975 1986 </p> 1976 1987 <h1 id="rfc.section.B"><a href="#rfc.section.B">B.</a> <a id="collected.abnf" href="#collected.abnf">Collected ABNF</a></h1> … … 2051 2062 <ul class="ind"> 2052 2063 <li><a id="rfc.index.1" href="#rfc.index.1"><b>1</b></a><ul> 2053 <li>110 Response is Stale (warn code) <a href="#rfc.iref.76"><b> 3.6.1</b></a>, <a href="#rfc.xref.warn.110.1">5.2</a></li>2054 <li>111 Revalidation Failed (warn code) <a href="#rfc.iref.77"><b> 3.6.2</b></a>, <a href="#rfc.xref.warn.111.1">5.2</a></li>2055 <li>112 Disconnected Operation (warn code) <a href="#rfc.iref.78"><b> 3.6.3</b></a>, <a href="#rfc.xref.warn.112.1">5.2</a></li>2056 <li>113 Heuristic Expiration (warn code) <a href="#rfc.iref.79"><b> 3.6.4</b></a>, <a href="#rfc.xref.warn.113.1">5.2</a></li>2057 <li>199 Miscellaneous Warning (warn code) <a href="#rfc.iref.80"><b> 3.6.5</b></a>, <a href="#rfc.xref.warn.199.1">5.2</a></li>2064 <li>110 Response is Stale (warn code) <a href="#rfc.iref.76"><b>7.6.1</b></a>, <a href="#rfc.xref.warn.110.1">9.2</a></li> 2065 <li>111 Revalidation Failed (warn code) <a href="#rfc.iref.77"><b>7.6.2</b></a>, <a href="#rfc.xref.warn.111.1">9.2</a></li> 2066 <li>112 Disconnected Operation (warn code) <a href="#rfc.iref.78"><b>7.6.3</b></a>, <a href="#rfc.xref.warn.112.1">9.2</a></li> 2067 <li>113 Heuristic Expiration (warn code) <a href="#rfc.iref.79"><b>7.6.4</b></a>, <a href="#rfc.xref.warn.113.1">9.2</a></li> 2068 <li>199 Miscellaneous Warning (warn code) <a href="#rfc.iref.80"><b>7.6.5</b></a>, <a href="#rfc.xref.warn.199.1">9.2</a></li> 2058 2069 </ul> 2059 2070 </li> 2060 2071 <li><a id="rfc.index.2" href="#rfc.index.2"><b>2</b></a><ul> 2061 <li>214 Transformation Applied (warn code) <a href="#rfc.iref.81"><b> 3.6.6</b></a>, <a href="#rfc.xref.warn.214.1">5.2</a></li>2062 <li>299 Miscellaneous Persistent Warning (warn code) <a href="#rfc.iref.82"><b> 3.6.7</b></a>, <a href="#rfc.xref.warn.299.1">5.2</a></li>2072 <li>214 Transformation Applied (warn code) <a href="#rfc.iref.81"><b>7.6.6</b></a>, <a href="#rfc.xref.warn.214.1">9.2</a></li> 2073 <li>299 Miscellaneous Persistent Warning (warn code) <a href="#rfc.iref.82"><b>7.6.7</b></a>, <a href="#rfc.xref.warn.299.1">9.2</a></li> 2063 2074 </ul> 2064 2075 </li> 2065 2076 <li><a id="rfc.index.A" href="#rfc.index.A"><b>A</b></a><ul> 2066 2077 <li>age <a href="#rfc.iref.a.1">1.2</a></li> 2067 <li>Age header field <a href="#rfc.xref.header.age.1"> 2.2</a>, <a href="#rfc.xref.header.age.2">2.3.2</a>, <a href="#rfc.iref.a.2"><b>3.1</b></a>, <a href="#rfc.xref.header.age.3">5.3</a></li>2078 <li>Age header field <a href="#rfc.xref.header.age.1">4</a>, <a href="#rfc.xref.header.age.2">4.1.3</a>, <a href="#rfc.iref.a.2"><b>7.1</b></a>, <a href="#rfc.xref.header.age.3">9.3</a></li> 2068 2079 </ul> 2069 2080 </li> … … 2072 2083 <li>Cache Directives 2073 2084 <ul> 2074 <li>max-age <a href="#rfc.iref.c.9"><b> 3.2.1.3</b></a>, <a href="#rfc.iref.c.20"><b>3.2.2.7</b></a></li>2075 <li>max-stale <a href="#rfc.iref.c.10"><b> 3.2.1.4</b></a></li>2076 <li>min-fresh <a href="#rfc.iref.c.11"><b> 3.2.1.5</b></a></li>2077 <li>must-revalidate <a href="#rfc.iref.c.18"><b> 3.2.2.5</b></a></li>2078 <li>no-cache <a href="#rfc.iref.c.7"><b> 3.2.1.1</b></a>, <a href="#rfc.iref.c.16"><b>3.2.2.3</b></a></li>2079 <li>no-store <a href="#rfc.iref.c.8"><b> 3.2.1.2</b></a>, <a href="#rfc.iref.c.17"><b>3.2.2.4</b></a></li>2080 <li>no-transform <a href="#rfc.iref.c.12"><b> 3.2.1.6</b></a>, <a href="#rfc.iref.c.22"><b>3.2.2.9</b></a></li>2081 <li>only-if-cached <a href="#rfc.iref.c.13"><b> 3.2.1.7</b></a></li>2082 <li>private <a href="#rfc.iref.c.15"><b> 3.2.2.2</b></a></li>2083 <li>proxy-revalidate <a href="#rfc.iref.c.19"><b> 3.2.2.6</b></a></li>2084 <li>public <a href="#rfc.iref.c.14"><b> 3.2.2.1</b></a></li>2085 <li>s-maxage <a href="#rfc.iref.c.21"><b> 3.2.2.8</b></a></li>2085 <li>max-age <a href="#rfc.iref.c.9"><b>7.2.1.3</b></a>, <a href="#rfc.iref.c.20"><b>7.2.2.7</b></a></li> 2086 <li>max-stale <a href="#rfc.iref.c.10"><b>7.2.1.4</b></a></li> 2087 <li>min-fresh <a href="#rfc.iref.c.11"><b>7.2.1.5</b></a></li> 2088 <li>must-revalidate <a href="#rfc.iref.c.18"><b>7.2.2.5</b></a></li> 2089 <li>no-cache <a href="#rfc.iref.c.7"><b>7.2.1.1</b></a>, <a href="#rfc.iref.c.16"><b>7.2.2.3</b></a></li> 2090 <li>no-store <a href="#rfc.iref.c.8"><b>7.2.1.2</b></a>, <a href="#rfc.iref.c.17"><b>7.2.2.4</b></a></li> 2091 <li>no-transform <a href="#rfc.iref.c.12"><b>7.2.1.6</b></a>, <a href="#rfc.iref.c.22"><b>7.2.2.9</b></a></li> 2092 <li>only-if-cached <a href="#rfc.iref.c.13"><b>7.2.1.7</b></a></li> 2093 <li>private <a href="#rfc.iref.c.15"><b>7.2.2.2</b></a></li> 2094 <li>proxy-revalidate <a href="#rfc.iref.c.19"><b>7.2.2.6</b></a></li> 2095 <li>public <a href="#rfc.iref.c.14"><b>7.2.2.1</b></a></li> 2096 <li>s-maxage <a href="#rfc.iref.c.21"><b>7.2.2.8</b></a></li> 2086 2097 </ul> 2087 2098 </li> 2088 2099 <li>cache entry <a href="#rfc.iref.c.4">2</a></li> 2089 2100 <li>cache key <a href="#rfc.iref.c.5">2</a></li> 2090 <li>Cache-Control header field <a href="#rfc.xref.header.cache-control.1"> 2.1</a>, <a href="#rfc.iref.c.6"><b>3.2</b></a>, <a href="#rfc.xref.header.cache-control.2">5.3</a></li>2101 <li>Cache-Control header field <a href="#rfc.xref.header.cache-control.1">3</a>, <a href="#rfc.iref.c.6"><b>7.2</b></a>, <a href="#rfc.xref.header.cache-control.2">9.3</a></li> 2091 2102 <li>cacheable <a href="#rfc.iref.c.3">1.2</a></li> 2092 2103 </ul> 2093 2104 </li> 2094 2105 <li><a id="rfc.index.E" href="#rfc.index.E"><b>E</b></a><ul> 2095 <li>Expires header field <a href="#rfc.xref.header.expires.1"> 2.1</a>, <a href="#rfc.xref.header.expires.2">2.3</a>, <a href="#rfc.xref.header.expires.3">2.3.1</a>, <a href="#rfc.iref.e.2"><b>3.3</b></a>, <a href="#rfc.xref.header.expires.4">5.3</a></li>2106 <li>Expires header field <a href="#rfc.xref.header.expires.1">3</a>, <a href="#rfc.xref.header.expires.2">4.1</a>, <a href="#rfc.xref.header.expires.3">4.1.1</a>, <a href="#rfc.iref.e.2"><b>7.3</b></a>, <a href="#rfc.xref.header.expires.4">9.3</a></li> 2096 2107 <li>explicit expiration time <a href="#rfc.iref.e.1">1.2</a></li> 2097 2108 </ul> … … 2106 2117 <li><tt>Grammar</tt> 2107 2118 <ul> 2108 <li><tt>Age</tt> <a href="#rfc.iref.g.2"><b> 3.1</b></a></li>2109 <li><tt>Cache-Control</tt> <a href="#rfc.iref.g.3"><b> 3.2</b></a></li>2110 <li><tt>cache-directive</tt> <a href="#rfc.iref.g.4"><b> 3.2</b></a></li>2119 <li><tt>Age</tt> <a href="#rfc.iref.g.2"><b>7.1</b></a></li> 2120 <li><tt>Cache-Control</tt> <a href="#rfc.iref.g.3"><b>7.2</b></a></li> 2121 <li><tt>cache-directive</tt> <a href="#rfc.iref.g.4"><b>7.2</b></a></li> 2111 2122 <li><tt>delta-seconds</tt> <a href="#rfc.iref.g.1"><b>1.4.3</b></a></li> 2112 <li><tt>Expires</tt> <a href="#rfc.iref.g.5"><b> 3.3</b></a></li>2113 <li><tt>extension-pragma</tt> <a href="#rfc.iref.g.8"><b> 3.4</b></a></li>2114 <li><tt>Pragma</tt> <a href="#rfc.iref.g.6"><b> 3.4</b></a></li>2115 <li><tt>pragma-directive</tt> <a href="#rfc.iref.g.7"><b> 3.4</b></a></li>2116 <li><tt>Vary</tt> <a href="#rfc.iref.g.9"><b> 3.5</b></a></li>2117 <li><tt>warn-agent</tt> <a href="#rfc.iref.g.13"><b> 3.6</b></a></li>2118 <li><tt>warn-code</tt> <a href="#rfc.iref.g.12"><b> 3.6</b></a></li>2119 <li><tt>warn-date</tt> <a href="#rfc.iref.g.15"><b> 3.6</b></a></li>2120 <li><tt>warn-text</tt> <a href="#rfc.iref.g.14"><b> 3.6</b></a></li>2121 <li><tt>Warning</tt> <a href="#rfc.iref.g.10"><b> 3.6</b></a></li>2122 <li><tt>warning-value</tt> <a href="#rfc.iref.g.11"><b> 3.6</b></a></li>2123 <li><tt>Expires</tt> <a href="#rfc.iref.g.5"><b>7.3</b></a></li> 2124 <li><tt>extension-pragma</tt> <a href="#rfc.iref.g.8"><b>7.4</b></a></li> 2125 <li><tt>Pragma</tt> <a href="#rfc.iref.g.6"><b>7.4</b></a></li> 2126 <li><tt>pragma-directive</tt> <a href="#rfc.iref.g.7"><b>7.4</b></a></li> 2127 <li><tt>Vary</tt> <a href="#rfc.iref.g.9"><b>7.5</b></a></li> 2128 <li><tt>warn-agent</tt> <a href="#rfc.iref.g.13"><b>7.6</b></a></li> 2129 <li><tt>warn-code</tt> <a href="#rfc.iref.g.12"><b>7.6</b></a></li> 2130 <li><tt>warn-date</tt> <a href="#rfc.iref.g.15"><b>7.6</b></a></li> 2131 <li><tt>warn-text</tt> <a href="#rfc.iref.g.14"><b>7.6</b></a></li> 2132 <li><tt>Warning</tt> <a href="#rfc.iref.g.10"><b>7.6</b></a></li> 2133 <li><tt>warning-value</tt> <a href="#rfc.iref.g.11"><b>7.6</b></a></li> 2123 2134 </ul> 2124 2135 </li> … … 2128 2139 <li>Header Fields 2129 2140 <ul> 2130 <li>Age <a href="#rfc.xref.header.age.1"> 2.2</a>, <a href="#rfc.xref.header.age.2">2.3.2</a>, <a href="#rfc.iref.h.2"><b>3.1</b></a>, <a href="#rfc.xref.header.age.3">5.3</a></li>2131 <li>Cache-Control <a href="#rfc.xref.header.cache-control.1"> 2.1</a>, <a href="#rfc.iref.h.3"><b>3.2</b></a>, <a href="#rfc.xref.header.cache-control.2">5.3</a></li>2132 <li>Expires <a href="#rfc.xref.header.expires.1"> 2.1</a>, <a href="#rfc.xref.header.expires.2">2.3</a>, <a href="#rfc.xref.header.expires.3">2.3.1</a>, <a href="#rfc.iref.h.4"><b>3.3</b></a>, <a href="#rfc.xref.header.expires.4">5.3</a></li>2133 <li>Pragma <a href="#rfc.xref.header.pragma.1"> 2.2</a>, <a href="#rfc.xref.header.pragma.2">3.2</a>, <a href="#rfc.iref.h.5"><b>3.4</b></a>, <a href="#rfc.xref.header.pragma.3">5.3</a></li>2134 <li>Vary <a href="#rfc.xref.header.vary.1"> 2.8</a>, <a href="#rfc.iref.h.6"><b>3.5</b></a>, <a href="#rfc.xref.header.vary.2">5.3</a></li>2135 <li>Warning <a href="#rfc.xref.header.warning.1"> 2.3.3</a>, <a href="#rfc.xref.header.warning.2">2.4.1</a>, <a href="#rfc.xref.header.warning.3">2.5</a>, <a href="#rfc.xref.header.warning.4">2.9</a>, <a href="#rfc.iref.h.7"><b>3.6</b></a>, <a href="#rfc.xref.header.warning.5">5.3</a>, <a href="#rfc.xref.header.warning.6">A</a></li>2141 <li>Age <a href="#rfc.xref.header.age.1">4</a>, <a href="#rfc.xref.header.age.2">4.1.3</a>, <a href="#rfc.iref.h.2"><b>7.1</b></a>, <a href="#rfc.xref.header.age.3">9.3</a></li> 2142 <li>Cache-Control <a href="#rfc.xref.header.cache-control.1">3</a>, <a href="#rfc.iref.h.3"><b>7.2</b></a>, <a href="#rfc.xref.header.cache-control.2">9.3</a></li> 2143 <li>Expires <a href="#rfc.xref.header.expires.1">3</a>, <a href="#rfc.xref.header.expires.2">4.1</a>, <a href="#rfc.xref.header.expires.3">4.1.1</a>, <a href="#rfc.iref.h.4"><b>7.3</b></a>, <a href="#rfc.xref.header.expires.4">9.3</a></li> 2144 <li>Pragma <a href="#rfc.xref.header.pragma.1">4</a>, <a href="#rfc.xref.header.pragma.2">7.2</a>, <a href="#rfc.iref.h.5"><b>7.4</b></a>, <a href="#rfc.xref.header.pragma.3">9.3</a></li> 2145 <li>Vary <a href="#rfc.xref.header.vary.1">4.3</a>, <a href="#rfc.iref.h.6"><b>7.5</b></a>, <a href="#rfc.xref.header.vary.2">9.3</a></li> 2146 <li>Warning <a href="#rfc.xref.header.warning.1">4.1.4</a>, <a href="#rfc.xref.header.warning.2">4.2.1</a>, <a href="#rfc.xref.header.warning.3">4.4</a>, <a href="#rfc.xref.header.warning.4">5</a>, <a href="#rfc.iref.h.7"><b>7.6</b></a>, <a href="#rfc.xref.header.warning.5">9.3</a>, <a href="#rfc.xref.header.warning.6">A</a></li> 2136 2147 </ul> 2137 2148 </li> … … 2142 2153 <li>max-age 2143 2154 <ul> 2144 <li>Cache Directive <a href="#rfc.iref.m.1"><b> 3.2.1.3</b></a>, <a href="#rfc.iref.m.5"><b>3.2.2.7</b></a></li>2155 <li>Cache Directive <a href="#rfc.iref.m.1"><b>7.2.1.3</b></a>, <a href="#rfc.iref.m.5"><b>7.2.2.7</b></a></li> 2145 2156 </ul> 2146 2157 </li> 2147 2158 <li>max-stale 2148 2159 <ul> 2149 <li>Cache Directive <a href="#rfc.iref.m.2"><b> 3.2.1.4</b></a></li>2160 <li>Cache Directive <a href="#rfc.iref.m.2"><b>7.2.1.4</b></a></li> 2150 2161 </ul> 2151 2162 </li> 2152 2163 <li>min-fresh 2153 2164 <ul> 2154 <li>Cache Directive <a href="#rfc.iref.m.3"><b> 3.2.1.5</b></a></li>2165 <li>Cache Directive <a href="#rfc.iref.m.3"><b>7.2.1.5</b></a></li> 2155 2166 </ul> 2156 2167 </li> 2157 2168 <li>must-revalidate 2158 2169 <ul> 2159 <li>Cache Directive <a href="#rfc.iref.m.4"><b> 3.2.2.5</b></a></li>2170 <li>Cache Directive <a href="#rfc.iref.m.4"><b>7.2.2.5</b></a></li> 2160 2171 </ul> 2161 2172 </li> … … 2165 2176 <li>no-cache 2166 2177 <ul> 2167 <li>Cache Directive <a href="#rfc.iref.n.1"><b> 3.2.1.1</b></a>, <a href="#rfc.iref.n.4"><b>3.2.2.3</b></a></li>2178 <li>Cache Directive <a href="#rfc.iref.n.1"><b>7.2.1.1</b></a>, <a href="#rfc.iref.n.4"><b>7.2.2.3</b></a></li> 2168 2179 </ul> 2169 2180 </li> 2170 2181 <li>no-store 2171 2182 <ul> 2172 <li>Cache Directive <a href="#rfc.iref.n.2"><b> 3.2.1.2</b></a>, <a href="#rfc.iref.n.5"><b>3.2.2.4</b></a></li>2183 <li>Cache Directive <a href="#rfc.iref.n.2"><b>7.2.1.2</b></a>, <a href="#rfc.iref.n.5"><b>7.2.2.4</b></a></li> 2173 2184 </ul> 2174 2185 </li> 2175 2186 <li>no-transform 2176 2187 <ul> 2177 <li>Cache Directive <a href="#rfc.iref.n.3"><b> 3.2.1.6</b></a>, <a href="#rfc.iref.n.6"><b>3.2.2.9</b></a></li>2188 <li>Cache Directive <a href="#rfc.iref.n.3"><b>7.2.1.6</b></a>, <a href="#rfc.iref.n.6"><b>7.2.2.9</b></a></li> 2178 2189 </ul> 2179 2190 </li> … … 2183 2194 <li>only-if-cached 2184 2195 <ul> 2185 <li>Cache Directive <a href="#rfc.iref.o.1"><b> 3.2.1.7</b></a></li>2196 <li>Cache Directive <a href="#rfc.iref.o.1"><b>7.2.1.7</b></a></li> 2186 2197 </ul> 2187 2198 </li> … … 2189 2200 </li> 2190 2201 <li><a id="rfc.index.P" href="#rfc.index.P"><b>P</b></a><ul> 2191 <li><em>Part1</em> <a href="#rfc.xref.Part1.1">1.3</a>, <a href="#rfc.xref.Part1.2">1.4</a>, <a href="#rfc.xref.Part1.3">1.4.1</a>, <a href="#rfc.xref.Part1.4">1.4.1</a>, <a href="#rfc.xref.Part1.5">1.4.1</a>, <a href="#rfc.xref.Part1.6">1.4.1</a>, <a href="#rfc.xref.Part1.7">1.4.2</a>, <a href="#rfc.xref.Part1.8">1.4.2</a>, <a href="#rfc.xref.Part1.9">1.4.2</a>, <a href="#rfc.xref.Part1.10">1.4.2</a>, <a href="#rfc.xref.Part1.11"> 2.1</a>, <a href="#rfc.xref.Part1.12">2.2</a>, <a href="#rfc.xref.Part1.13">2.6</a>, <a href="#rfc.xref.Part1.14">2.6</a>, <a href="#rfc.xref.Part1.15">2.6</a>, <a href="#rfc.xref.Part1.16">2.8</a>, <a href="#rfc.xref.Part1.17">7</a>, <a href="#Part1"><b>8.1</b></a><ul>2202 <li><em>Part1</em> <a href="#rfc.xref.Part1.1">1.3</a>, <a href="#rfc.xref.Part1.2">1.4</a>, <a href="#rfc.xref.Part1.3">1.4.1</a>, <a href="#rfc.xref.Part1.4">1.4.1</a>, <a href="#rfc.xref.Part1.5">1.4.1</a>, <a href="#rfc.xref.Part1.6">1.4.1</a>, <a href="#rfc.xref.Part1.7">1.4.2</a>, <a href="#rfc.xref.Part1.8">1.4.2</a>, <a href="#rfc.xref.Part1.9">1.4.2</a>, <a href="#rfc.xref.Part1.10">1.4.2</a>, <a href="#rfc.xref.Part1.11">3.1</a>, <a href="#rfc.xref.Part1.12">4</a>, <a href="#rfc.xref.Part1.13">4.3</a>, <a href="#rfc.xref.Part1.14">6</a>, <a href="#rfc.xref.Part1.15">6</a>, <a href="#rfc.xref.Part1.16">6</a>, <a href="#rfc.xref.Part1.17">11</a>, <a href="#Part1"><b>12.1</b></a><ul> 2192 2203 <li><em>Section 1.2</em> <a href="#rfc.xref.Part1.2">1.4</a></li> 2193 2204 <li><em>Section 2</em> <a href="#rfc.xref.Part1.1">1.3</a></li> 2194 2205 <li><em>Section 2.7</em> <a href="#rfc.xref.Part1.8">1.4.2</a>, <a href="#rfc.xref.Part1.10">1.4.2</a></li> 2195 2206 <li><em>Section 3.2.1</em> <a href="#rfc.xref.Part1.4">1.4.1</a></li> 2196 <li><em>Section 3.2</em> <a href="#rfc.xref.Part1.7">1.4.2</a>, <a href="#rfc.xref.Part1.1 6">2.8</a></li>2207 <li><em>Section 3.2</em> <a href="#rfc.xref.Part1.7">1.4.2</a>, <a href="#rfc.xref.Part1.13">4.3</a></li> 2197 2208 <li><em>Section 3.2.4</em> <a href="#rfc.xref.Part1.5">1.4.1</a>, <a href="#rfc.xref.Part1.6">1.4.1</a></li> 2198 <li><em>Section 5.5</em> <a href="#rfc.xref.Part1.12"> 2.2</a>, <a href="#rfc.xref.Part1.13">2.6</a>, <a href="#rfc.xref.Part1.14">2.6</a>, <a href="#rfc.xref.Part1.15">2.6</a></li>2209 <li><em>Section 5.5</em> <a href="#rfc.xref.Part1.12">4</a>, <a href="#rfc.xref.Part1.14">6</a>, <a href="#rfc.xref.Part1.15">6</a>, <a href="#rfc.xref.Part1.16">6</a></li> 2199 2210 <li><em>Section 6.2</em> <a href="#rfc.xref.Part1.9">1.4.2</a></li> 2200 <li><em>Section 9</em> <a href="#rfc.xref.Part1.17"> 7</a></li>2201 </ul> 2202 </li> 2203 <li><em>Part2</em> <a href="#rfc.xref.Part2.1">1.4.2</a>, <a href="#rfc.xref.Part2.2">2</a>, <a href="#rfc.xref.Part2.3"> 2.2</a>, <a href="#rfc.xref.Part2.4">2.3.1.1</a>, <a href="#rfc.xref.Part2.5">2.3.2</a>, <a href="#rfc.xref.Part2.6">2.6</a>, <a href="#rfc.xref.Part2.7">3.3</a>, <a href="#Part2"><b>8.1</b></a><ul>2204 <li><em>Section 2.1.1</em> <a href="#rfc.xref.Part2.3"> 2.2</a>, <a href="#rfc.xref.Part2.6">2.6</a></li>2205 <li><em>Section 4</em> <a href="#rfc.xref.Part2.4"> 2.3.1.1</a></li>2206 <li><em>Section 5.1</em> <a href="#rfc.xref.Part2.1">1.4.2</a>, <a href="#rfc.xref.Part2.7"> 3.3</a></li>2207 <li><em>Section 9.10</em> <a href="#rfc.xref.Part2.5"> 2.3.2</a></li>2208 </ul> 2209 </li> 2210 <li><em>Part4</em> <a href="#rfc.xref.Part4.1">1.2</a>, <a href="#rfc.xref.Part4.2">1.2</a>, <a href="#rfc.xref.Part4.3">1.2</a>, <a href="#rfc.xref.Part4.4"> 2.3.1.1</a>, <a href="#rfc.xref.Part4.5">2.4</a>, <a href="#Part4"><b>8.1</b></a><ul>2211 <li><em>Section 9</em> <a href="#rfc.xref.Part1.17">11</a></li> 2212 </ul> 2213 </li> 2214 <li><em>Part2</em> <a href="#rfc.xref.Part2.1">1.4.2</a>, <a href="#rfc.xref.Part2.2">2</a>, <a href="#rfc.xref.Part2.3">4</a>, <a href="#rfc.xref.Part2.4">4.1.2</a>, <a href="#rfc.xref.Part2.5">4.1.3</a>, <a href="#rfc.xref.Part2.6">6</a>, <a href="#rfc.xref.Part2.7">7.3</a>, <a href="#Part2"><b>12.1</b></a><ul> 2215 <li><em>Section 2.1.1</em> <a href="#rfc.xref.Part2.3">4</a>, <a href="#rfc.xref.Part2.6">6</a></li> 2216 <li><em>Section 4</em> <a href="#rfc.xref.Part2.4">4.1.2</a></li> 2217 <li><em>Section 5.1</em> <a href="#rfc.xref.Part2.1">1.4.2</a>, <a href="#rfc.xref.Part2.7">7.3</a></li> 2218 <li><em>Section 9.10</em> <a href="#rfc.xref.Part2.5">4.1.3</a></li> 2219 </ul> 2220 </li> 2221 <li><em>Part4</em> <a href="#rfc.xref.Part4.1">1.2</a>, <a href="#rfc.xref.Part4.2">1.2</a>, <a href="#rfc.xref.Part4.3">1.2</a>, <a href="#rfc.xref.Part4.4">4.1.2</a>, <a href="#rfc.xref.Part4.5">4.2</a>, <a href="#Part4"><b>12.1</b></a><ul> 2211 2222 <li><em>Section 2.1</em> <a href="#rfc.xref.Part4.1">1.2</a></li> 2212 <li><em>Section 2.2</em> <a href="#rfc.xref.Part4.4"> 2.3.1.1</a></li>2223 <li><em>Section 2.2</em> <a href="#rfc.xref.Part4.4">4.1.2</a></li> 2213 2224 <li><em>Section 2.2.2</em> <a href="#rfc.xref.Part4.3">1.2</a></li> 2214 2225 <li><em>Section 2.3</em> <a href="#rfc.xref.Part4.2">1.2</a></li> 2215 2226 </ul> 2216 2227 </li> 2217 <li><em>Part5</em> <a href="#rfc.xref.Part5.1"> 2.1</a>, <a href="#rfc.xref.Part5.2">2.9</a>, <a href="#rfc.xref.Part5.3">2.9</a>, <a href="#Part5"><b>8.1</b></a><ul>2218 <li><em>Section 4.2</em> <a href="#rfc.xref.Part5.3"> 2.9</a></li>2219 </ul> 2220 </li> 2221 <li><em>Part7</em> <a href="#rfc.xref.Part7.1"> 2.1</a>, <a href="#rfc.xref.Part7.2">2.7</a>, <a href="#Part7"><b>8.1</b></a><ul>2222 <li><em>Section 4.1</em> <a href="#rfc.xref.Part7.1"> 2.1</a>, <a href="#rfc.xref.Part7.2">2.7</a></li>2223 </ul> 2224 </li> 2225 <li>Pragma header field <a href="#rfc.xref.header.pragma.1"> 2.2</a>, <a href="#rfc.xref.header.pragma.2">3.2</a>, <a href="#rfc.iref.p.5"><b>3.4</b></a>, <a href="#rfc.xref.header.pragma.3">5.3</a></li>2228 <li><em>Part5</em> <a href="#rfc.xref.Part5.1">3.1</a>, <a href="#rfc.xref.Part5.2">4.4</a>, <a href="#rfc.xref.Part5.3">4.4</a>, <a href="#Part5"><b>12.1</b></a><ul> 2229 <li><em>Section 4.2</em> <a href="#rfc.xref.Part5.3">4.4</a></li> 2230 </ul> 2231 </li> 2232 <li><em>Part7</em> <a href="#rfc.xref.Part7.1">3</a>, <a href="#rfc.xref.Part7.2">3.2</a>, <a href="#Part7"><b>12.1</b></a><ul> 2233 <li><em>Section 4.1</em> <a href="#rfc.xref.Part7.1">3</a>, <a href="#rfc.xref.Part7.2">3.2</a></li> 2234 </ul> 2235 </li> 2236 <li>Pragma header field <a href="#rfc.xref.header.pragma.1">4</a>, <a href="#rfc.xref.header.pragma.2">7.2</a>, <a href="#rfc.iref.p.5"><b>7.4</b></a>, <a href="#rfc.xref.header.pragma.3">9.3</a></li> 2226 2237 <li>private 2227 2238 <ul> 2228 <li>Cache Directive <a href="#rfc.iref.p.3"><b> 3.2.2.2</b></a></li>2239 <li>Cache Directive <a href="#rfc.iref.p.3"><b>7.2.2.2</b></a></li> 2229 2240 </ul> 2230 2241 </li> … … 2232 2243 <li>proxy-revalidate 2233 2244 <ul> 2234 <li>Cache Directive <a href="#rfc.iref.p.4"><b> 3.2.2.6</b></a></li>2245 <li>Cache Directive <a href="#rfc.iref.p.4"><b>7.2.2.6</b></a></li> 2235 2246 </ul> 2236 2247 </li> 2237 2248 <li>public 2238 2249 <ul> 2239 <li>Cache Directive <a href="#rfc.iref.p.2"><b> 3.2.2.1</b></a></li>2250 <li>Cache Directive <a href="#rfc.iref.p.2"><b>7.2.2.1</b></a></li> 2240 2251 </ul> 2241 2252 </li> … … 2243 2254 </li> 2244 2255 <li><a id="rfc.index.R" href="#rfc.index.R"><b>R</b></a><ul> 2245 <li><em>RFC1305</em> <a href="#rfc.xref.RFC1305.1"> 2.2</a>, <a href="#rfc.xref.RFC1305.2">2.3.2</a>, <a href="#RFC1305"><b>8.2</b></a></li>2246 <li><em>RFC2119</em> <a href="#rfc.xref.RFC2119.1">1.3</a>, <a href="#RFC2119"><b> 8.1</b></a></li>2247 <li><em>RFC2616</em> <a href="#rfc.xref.RFC2616.1"> 2.3.1.1</a>, <a href="#RFC2616"><b>8.2</b></a><ul>2248 <li><em>Section 13.9</em> <a href="#rfc.xref.RFC2616.1"> 2.3.1.1</a></li>2249 </ul> 2250 </li> 2251 <li><em>RFC3864</em> <a href="#rfc.xref.RFC3864.1"> 5.3</a>, <a href="#RFC3864"><b>8.2</b></a></li>2252 <li><em>RFC5226</em> <a href="#rfc.xref.RFC5226.1"> 3.2.3</a>, <a href="#rfc.xref.RFC5226.2">3.6.8</a>, <a href="#RFC5226"><b>8.2</b></a><ul>2253 <li><em>Section 4.1</em> <a href="#rfc.xref.RFC5226.1"> 3.2.3</a>, <a href="#rfc.xref.RFC5226.2">3.6.8</a></li>2254 </ul> 2255 </li> 2256 <li><em>RFC5234</em> <a href="#rfc.xref.RFC5234.1">1.4</a>, <a href="#rfc.xref.RFC5234.2">1.4</a>, <a href="#RFC5234"><b> 8.1</b></a><ul>2256 <li><em>RFC1305</em> <a href="#rfc.xref.RFC1305.1">4</a>, <a href="#rfc.xref.RFC1305.2">4.1.3</a>, <a href="#RFC1305"><b>12.2</b></a></li> 2257 <li><em>RFC2119</em> <a href="#rfc.xref.RFC2119.1">1.3</a>, <a href="#RFC2119"><b>12.1</b></a></li> 2258 <li><em>RFC2616</em> <a href="#rfc.xref.RFC2616.1">4.1.2</a>, <a href="#RFC2616"><b>12.2</b></a><ul> 2259 <li><em>Section 13.9</em> <a href="#rfc.xref.RFC2616.1">4.1.2</a></li> 2260 </ul> 2261 </li> 2262 <li><em>RFC3864</em> <a href="#rfc.xref.RFC3864.1">9.3</a>, <a href="#RFC3864"><b>12.2</b></a></li> 2263 <li><em>RFC5226</em> <a href="#rfc.xref.RFC5226.1">7.2.3</a>, <a href="#rfc.xref.RFC5226.2">7.6.8</a>, <a href="#RFC5226"><b>12.2</b></a><ul> 2264 <li><em>Section 4.1</em> <a href="#rfc.xref.RFC5226.1">7.2.3</a>, <a href="#rfc.xref.RFC5226.2">7.6.8</a></li> 2265 </ul> 2266 </li> 2267 <li><em>RFC5234</em> <a href="#rfc.xref.RFC5234.1">1.4</a>, <a href="#rfc.xref.RFC5234.2">1.4</a>, <a href="#RFC5234"><b>12.1</b></a><ul> 2257 2268 <li><em>Appendix B.1</em> <a href="#rfc.xref.RFC5234.2">1.4</a></li> 2258 2269 </ul> 2259 2270 </li> 2260 <li><em>RFC5861</em> <a href="#rfc.xref.RFC5861.1"> 5.1</a>, <a href="#rfc.xref.RFC5861.2">5.1</a>, <a href="#RFC5861"><b>8.2</b></a><ul>2261 <li><em>Section 3</em> <a href="#rfc.xref.RFC5861.2"> 5.1</a></li>2262 <li><em>Section 4</em> <a href="#rfc.xref.RFC5861.1"> 5.1</a></li>2271 <li><em>RFC5861</em> <a href="#rfc.xref.RFC5861.1">9.1</a>, <a href="#rfc.xref.RFC5861.2">9.1</a>, <a href="#RFC5861"><b>12.2</b></a><ul> 2272 <li><em>Section 3</em> <a href="#rfc.xref.RFC5861.2">9.1</a></li> 2273 <li><em>Section 4</em> <a href="#rfc.xref.RFC5861.1">9.1</a></li> 2263 2274 </ul> 2264 2275 </li> … … 2268 2279 <li>s-maxage 2269 2280 <ul> 2270 <li>Cache Directive <a href="#rfc.iref.s.4"><b> 3.2.2.8</b></a></li>2281 <li>Cache Directive <a href="#rfc.iref.s.4"><b>7.2.2.8</b></a></li> 2271 2282 </ul> 2272 2283 </li> … … 2281 2292 </ul> 2282 2293 </li> 2283 <li>Vary header field <a href="#rfc.xref.header.vary.1"> 2.8</a>, <a href="#rfc.iref.v.3"><b>3.5</b></a>, <a href="#rfc.xref.header.vary.2">5.3</a></li>2294 <li>Vary header field <a href="#rfc.xref.header.vary.1">4.3</a>, <a href="#rfc.iref.v.3"><b>7.5</b></a>, <a href="#rfc.xref.header.vary.2">9.3</a></li> 2284 2295 </ul> 2285 2296 </li> … … 2287 2298 <li>Warn Codes 2288 2299 <ul> 2289 <li>110 Response is Stale <a href="#rfc.iref.w.2"><b> 3.6.1</b></a>, <a href="#rfc.xref.warn.110.1">5.2</a></li>2290 <li>111 Revalidation Failed <a href="#rfc.iref.w.3"><b> 3.6.2</b></a>, <a href="#rfc.xref.warn.111.1">5.2</a></li>2291 <li>112 Disconnected Operation <a href="#rfc.iref.w.4"><b> 3.6.3</b></a>, <a href="#rfc.xref.warn.112.1">5.2</a></li>2292 <li>113 Heuristic Expiration <a href="#rfc.iref.w.5"><b> 3.6.4</b></a>, <a href="#rfc.xref.warn.113.1">5.2</a></li>2293 <li>199 Miscellaneous Warning <a href="#rfc.iref.w.6"><b> 3.6.5</b></a>, <a href="#rfc.xref.warn.199.1">5.2</a></li>2294 <li>214 Transformation Applied <a href="#rfc.iref.w.7"><b> 3.6.6</b></a>, <a href="#rfc.xref.warn.214.1">5.2</a></li>2295 <li>299 Miscellaneous Persistent Warning <a href="#rfc.iref.w.8"><b> 3.6.7</b></a>, <a href="#rfc.xref.warn.299.1">5.2</a></li>2296 </ul> 2297 </li> 2298 <li>Warning header field <a href="#rfc.xref.header.warning.1"> 2.3.3</a>, <a href="#rfc.xref.header.warning.2">2.4.1</a>, <a href="#rfc.xref.header.warning.3">2.5</a>, <a href="#rfc.xref.header.warning.4">2.9</a>, <a href="#rfc.iref.w.1"><b>3.6</b></a>, <a href="#rfc.xref.header.warning.5">5.3</a>, <a href="#rfc.xref.header.warning.6">A</a></li>2300 <li>110 Response is Stale <a href="#rfc.iref.w.2"><b>7.6.1</b></a>, <a href="#rfc.xref.warn.110.1">9.2</a></li> 2301 <li>111 Revalidation Failed <a href="#rfc.iref.w.3"><b>7.6.2</b></a>, <a href="#rfc.xref.warn.111.1">9.2</a></li> 2302 <li>112 Disconnected Operation <a href="#rfc.iref.w.4"><b>7.6.3</b></a>, <a href="#rfc.xref.warn.112.1">9.2</a></li> 2303 <li>113 Heuristic Expiration <a href="#rfc.iref.w.5"><b>7.6.4</b></a>, <a href="#rfc.xref.warn.113.1">9.2</a></li> 2304 <li>199 Miscellaneous Warning <a href="#rfc.iref.w.6"><b>7.6.5</b></a>, <a href="#rfc.xref.warn.199.1">9.2</a></li> 2305 <li>214 Transformation Applied <a href="#rfc.iref.w.7"><b>7.6.6</b></a>, <a href="#rfc.xref.warn.214.1">9.2</a></li> 2306 <li>299 Miscellaneous Persistent Warning <a href="#rfc.iref.w.8"><b>7.6.7</b></a>, <a href="#rfc.xref.warn.299.1">9.2</a></li> 2307 </ul> 2308 </li> 2309 <li>Warning header field <a href="#rfc.xref.header.warning.1">4.1.4</a>, <a href="#rfc.xref.header.warning.2">4.2.1</a>, <a href="#rfc.xref.header.warning.3">4.4</a>, <a href="#rfc.xref.header.warning.4">5</a>, <a href="#rfc.iref.w.1"><b>7.6</b></a>, <a href="#rfc.xref.header.warning.5">9.3</a>, <a href="#rfc.xref.header.warning.6">A</a></li> 2299 2310 </ul> 2300 2311 </li> -
draft-ietf-httpbis/latest/p6-cache.xml
r1746 r1751 416 416 </section> 417 417 418 <section anchor="caching.overview" title=" Cache Operation">418 <section anchor="caching.overview" title="Overview of Cache Operation"> 419 419 <iref item="cache entry" /> 420 420 <iref item="cache key" /> … … 453 453 fields (<xref target="caching.negotiated.responses"/>). 454 454 </t> 455 456 <section anchor="response.cacheability" title="Response Cacheability"> 455 </section> 456 457 <section anchor="response.cacheability" title="Storing Responses in Caches"> 457 458 <t> 458 459 A cache &MUST-NOT; store a response to any request, unless: … … 503 504 prohibited from storing such responses. 504 505 </t> 506 507 <section anchor="incomplete.responses" title="Storing Incomplete Responses"> 505 508 <t> 506 509 A response message is considered complete when all of the octets indicated … … 526 529 using the <x:ref>206 (Partial Content)</x:ref> status code. 527 530 </t> 531 </section> 532 533 534 <section anchor="caching.authenticated.responses" 535 title="Storing Responses to Authenticated Requests"> 536 <t> 537 A shared cache &MUST-NOT; use a cached response to a request with an 538 <x:ref>Authorization</x:ref> header field (&header-authorization;) to 539 satisfy any subsequent request unless a cache directive that allows such 540 responses to be stored is present in the response. 541 </t> 542 543 <t> 544 In this specification, the following <x:ref>Cache-Control</x:ref> response 545 directives (<xref target="cache-response-directive"/>) have such an effect: 546 must-revalidate, public, s-maxage. 547 </t> 548 549 <t> 550 Note that cached responses that contain the "must-revalidate" and/or 551 "s-maxage" response directives are not allowed to be served stale (<xref 552 target="serving.stale.responses"/>) by shared caches. In particular, a 553 response with either "max-age=0, must-revalidate" or "s-maxage=0" cannot be 554 used to satisfy a subsequent request without revalidating it on the origin 555 server. 556 </t> 557 </section> 528 558 </section> 529 559 … … 594 624 </t> 595 625 596 </section>597 626 598 627 <section anchor="expiration.model" title="Freshness Model"> … … 682 711 responses that have invalid freshness information to be stale. 683 712 </t> 713 </section> 684 714 685 715 <section anchor="heuristic.freshness" title="Calculating Heuristic Freshness"> … … 717 747 </t> 718 748 </x:note> 719 </section>720 749 </section> 721 750 … … 987 1016 </section> 988 1017 989 <section anchor="head.effects" title="Updating Caches with HEAD Responses">990 <t>991 A response to the HEAD method is identical to what an equivalent request992 made with a GET would have been, except it lacks a body. This property993 of HEAD responses is used to both invalidate and update cached GET994 responses.995 </t>996 <t>997 If one or more stored GET responses can be selected (as per <xref998 target="caching.negotiated.responses"/>) for a HEAD request, and the999 <x:ref>Content-Length</x:ref>, <x:ref>ETag</x:ref> or1000 <x:ref>Last-Modified</x:ref> value of a HEAD response differs from that in a1001 selected GET response, the cache &MUST; consider that selected response to1002 be stale.1003 </t>1004 <t>1005 If the <x:ref>Content-Length</x:ref>, <x:ref>ETag</x:ref> and1006 <x:ref>Last-Modified</x:ref> values of a HEAD response (when present) are1007 the same as that in a selected GET response (as per1008 <xref target="caching.negotiated.responses"/>), the cache &SHOULD; update1009 the remaining headers in the stored response using the following rules:1010 <list style="symbols">1011 <t>delete any <x:ref>Warning</x:ref> header fields in the stored response1012 with warn-code 1xx (see <xref target="header.warning" />);</t>1013 <t>retain any <x:ref>Warning</x:ref> header fields in the stored response1014 with warn-code 2xx; and,</t>1015 <t>use other header fields provided in the response to replace1016 all instances of the corresponding header fields in the stored1017 response.</t>1018 </list>1019 </t>1020 1021 </section>1022 1023 <section anchor="invalidation.after.updates.or.deletions"1024 title="Request Methods that Invalidate">1025 <t>1026 Because unsafe request methods (&safe-methods;) such as PUT, POST or DELETE1027 have the potential for changing state on the origin server, intervening1028 caches can use them to keep their contents up-to-date.1029 </t>1030 <t>1031 A cache &MUST; invalidate the effective Request URI1032 (&effective-request-uri;) as well as the URI(s) in the1033 <x:ref>Location</x:ref> and <x:ref>Content-Location</x:ref> response header1034 fields (if present) when a non-error response to a request with an unsafe1035 method is received.1036 </t>1037 <t>1038 However, a cache &MUST-NOT; invalidate a URI from a <x:ref>Location</x:ref>1039 or <x:ref>Content-Location</x:ref> response header field if the host part of1040 that URI differs from the host part in the effective request URI1041 (&effective-request-uri;). This helps prevent denial of service attacks.1042 </t>1043 <t>1044 A cache &MUST; invalidate the effective request URI1045 (&effective-request-uri;) when it receives a non-error response1046 to a request with a method whose safety is unknown.1047 </t>1048 <t>1049 Here, a "non-error response" is one with a <x:ref>2xx (Successful)</x:ref>1050 or <x:ref>3xx (Redirection)</x:ref> status code. "Invalidate" means that1051 the cache will either remove all stored responses related to the effective1052 request URI, or will mark these as "invalid" and in need of a mandatory1053 validation before they can be returned in response to a subsequent request.1054 </t>1055 <t>1056 Note that this does not guarantee that all appropriate responses are1057 invalidated. For example, the request that caused the change at the origin1058 server might not have gone through the cache where a response is stored.1059 </t>1060 </section>1061 1062 <section anchor="caching.authenticated.responses"1063 title="Shared Caching of Authenticated Responses">1064 <t>1065 A shared cache &MUST-NOT; use a cached response to a request with an1066 <x:ref>Authorization</x:ref> header field (&header-authorization;) to1067 satisfy any subsequent request unless a cache directive that allows such1068 responses to be stored is present in the response.1069 </t>1070 1071 <t>1072 In this specification, the following <x:ref>Cache-Control</x:ref> response1073 directives (<xref target="cache-response-directive"/>) have such an effect:1074 must-revalidate, public, s-maxage.1075 </t>1076 1077 <t>1078 Note that cached responses that contain the "must-revalidate" and/or1079 "s-maxage" response directives are not allowed to be served stale (<xref1080 target="serving.stale.responses"/>) by shared caches. In particular, a1081 response with either "max-age=0, must-revalidate" or "s-maxage=0" cannot be1082 used to satisfy a subsequent request without revalidating it on the origin1083 server.1084 </t>1085 </section>1086 1087 1018 <section anchor="caching.negotiated.responses" 1088 title=" Caching Negotiated Responses">1019 title="Using Negotiated Responses"> 1089 1020 <t> 1090 1021 When a cache receives a request that can be satisfied by a stored response … … 1142 1073 </section> 1143 1074 1075 1144 1076 <section anchor="combining.responses" title="Combining Partial Content"> 1145 1077 <t> … … 1166 1098 </t> 1167 1099 </section> 1168 1169 1170 </section> 1100 </section> 1101 1102 1103 <section anchor="head.effects" title="Updating Caches with HEAD Responses"> 1104 <t> 1105 A response to the HEAD method is identical to what an equivalent request 1106 made with a GET would have been, except it lacks a body. This property 1107 of HEAD responses is used to both invalidate and update cached GET 1108 responses. 1109 </t> 1110 <t> 1111 If one or more stored GET responses can be selected (as per <xref 1112 target="caching.negotiated.responses"/>) for a HEAD request, and the 1113 <x:ref>Content-Length</x:ref>, <x:ref>ETag</x:ref> or 1114 <x:ref>Last-Modified</x:ref> value of a HEAD response differs from that in a 1115 selected GET response, the cache &MUST; consider that selected response to 1116 be stale. 1117 </t> 1118 <t> 1119 If the <x:ref>Content-Length</x:ref>, <x:ref>ETag</x:ref> and 1120 <x:ref>Last-Modified</x:ref> values of a HEAD response (when present) are 1121 the same as that in a selected GET response (as per 1122 <xref target="caching.negotiated.responses"/>), the cache &SHOULD; update 1123 the remaining headers in the stored response using the following rules: 1124 <list style="symbols"> 1125 <t>delete any <x:ref>Warning</x:ref> header fields in the stored response 1126 with warn-code 1xx (see <xref target="header.warning" />);</t> 1127 <t>retain any <x:ref>Warning</x:ref> header fields in the stored response 1128 with warn-code 2xx; and,</t> 1129 <t>use other header fields provided in the response to replace 1130 all instances of the corresponding header fields in the stored 1131 response.</t> 1132 </list> 1133 </t> 1134 1135 </section> 1136 1137 1138 <section anchor="invalidation.after.updates.or.deletions" 1139 title="Request Methods that Invalidate"> 1140 <t> 1141 Because unsafe request methods (&safe-methods;) such as PUT, POST or DELETE 1142 have the potential for changing state on the origin server, intervening 1143 caches can use them to keep their contents up-to-date. 1144 </t> 1145 <t> 1146 A cache &MUST; invalidate the effective Request URI 1147 (&effective-request-uri;) as well as the URI(s) in the 1148 <x:ref>Location</x:ref> and <x:ref>Content-Location</x:ref> response header 1149 fields (if present) when a non-error response to a request with an unsafe 1150 method is received. 1151 </t> 1152 <t> 1153 However, a cache &MUST-NOT; invalidate a URI from a <x:ref>Location</x:ref> 1154 or <x:ref>Content-Location</x:ref> response header field if the host part of 1155 that URI differs from the host part in the effective request URI 1156 (&effective-request-uri;). This helps prevent denial of service attacks. 1157 </t> 1158 <t> 1159 A cache &MUST; invalidate the effective request URI 1160 (&effective-request-uri;) when it receives a non-error response 1161 to a request with a method whose safety is unknown. 1162 </t> 1163 <t> 1164 Here, a "non-error response" is one with a <x:ref>2xx (Successful)</x:ref> 1165 or <x:ref>3xx (Redirection)</x:ref> status code. "Invalidate" means that 1166 the cache will either remove all stored responses related to the effective 1167 request URI, or will mark these as "invalid" and in need of a mandatory 1168 validation before they can be returned in response to a subsequent request. 1169 </t> 1170 <t> 1171 Note that this does not guarantee that all appropriate responses are 1172 invalidated. For example, the request that caused the change at the origin 1173 server might not have gone through the cache where a response is stored. 1174 </t> 1175 </section> 1176 1177 1178 1171 1179 1172 1180 <section anchor="header.field.definitions" title="Header Field Definitions">
Note: See TracChangeset
for help on using the changeset viewer.