Difference between Pragma and Cache-Control headers?
There is no difference, except that Pragma is only defined as applicable to the requests by the client, whereas Cache-Control may be used by both the requests of the clients and the replies of the servers.
So, as far as standards go, they can only be compared from the perspective of the client making a requests and the server receiving a request from the client. The http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.32 defines the scenario as follows:
HTTP/1.1 caches SHOULD treat "Pragma: no-cache" as if the client had sent "Cache-Control: no-cache". No new Pragma directives will be defined in HTTP.
Note: because the meaning of "Pragma: no-cache as a response header field is not actually specified, it does not provide a reliable replacement for "Cache-Control: no-cache" in a response
The way I would read the above:
if you're writing a client and need
no-cache:- just use
Pragma: no-cachein your requests, since you may not know ifCache-Controlis supported by the server; - but in replies, to decide on whether to cache, check for
Cache-Control
- just use
if you're writing a server:
- in parsing requests from the clients, check for
Cache-Control; if not found, check forPragma: no-cache, and execute theCache-Control: no-cachelogic; - in replies, provide
Cache-Control.
- in parsing requests from the clients, check for
Of course, reality might be different from what's written or implied in the RFC!
Pragma is the HTTP/1.0 implementation and cache-control is the HTTP/1.1 implementation of the same concept. They both are meant to prevent the client from caching the response. Older clients may not support HTTP/1.1 which is why that header is still in use.
| Stop using (HTTP 1.0) | Replaced with (HTTP 1.1 since 1999) |
|---|---|
| Expires: [date] | Cache-Control: max-age=[seconds] |
| Pragma: no-cache | Cache-Control: no-cache |
If it's after 1999, and you're still using Expires or Pragma, you're doing it wrong.
I'm looking at you Stackoverflow:
200 OK Pragma: no-cache Content-Type: application/json X-Frame-Options: SAMEORIGIN X-Request-Guid: a3433194-4a03-4206-91ea-6a40f9bfd824 Strict-Transport-Security: max-age=15552000 Content-Length: 54 Accept-Ranges: bytes Date: Tue, 03 Apr 2018 19:03:12 GMT Via: 1.1 varnish Connection: keep-alive X-Served-By: cache-yyz8333-YYZ X-Cache: MISS X-Cache-Hits: 0 X-Timer: S1522782193.766958,VS0,VE30 Vary: Fastly-SSL X-DNS-Prefetch-Control: off Cache-Control: private
tl;dr: Pragma is a legacy of HTTP/1.0 and hasn't been needed since Internet Explorer 5, or Netscape 4.7. Unless you expect some of your users to be using IE5: it's safe to stop using it.
- Expires:
[date](deprecated - HTTP 1.0) - Pragma: no-cache (deprecated - HTTP 1.0)
- Cache-Control: max-age=
[seconds] - Cache-Control: no-cache (must re-validate the cached copy every time)
And the conditional requests:
- Etag (entity tag) based conditional requests
- Server:
Etag: W/“1d2e7–1648e509289” - Client:
If-None-Match: W/“1d2e7–1648e509289” - Server:
304 Not Modified
- Server:
- Modified date based conditional requests
- Server:
last-modified: Thu, 09 May 2019 19:15:47 GMT - Client:
If-Modified-Since: Fri, 13 Jul 2018 10:49:23 GMT - Server:
304 Not Modified
- Server:
last-modified: Thu, 09 May 2019 19:15:47 GMT