Absolute rather than relative times in expires directives

Ryan Malayter malayter at gmail.com
Mon Aug 2 17:13:56 MSD 2010

2010/8/1 Igor Sysoev <igor at sysoev.ru>:

>> It's not in the English or Russian documentation, but is it possible
>> to add any other Cache-Control directives along with expires?
>> For example, if you want "Cache-Control: private,max-age=300" you need
>> to do it manually with add_header instead of expires. But then you
>> lose the ability to use the other "calculation" features of expires
>> (like modified or @). You also don't get an actual "Expires" header
>> for HTTP/1.0 clients and proxies if you have to use add_header
>> instead.
>> Obviously, adding any RFC-compliant Cache-Control directive would be
>> desirable. The "public" keyword in particular is needed to allow
>> Firefox to cache images and the like which are delivered over SSL, and
>> "private" is clearly desirable for caching per-user information.
>> Others like "must-revalidate" are less useful in the general sense.
>> If this isn't possible with the current implementation, please let me
>> know and I will take a look at trying to make a simple patch (my first
>> foray into nginx source instructed me that my C skills are way too
>> rusty for deep modification or module-writing with nginx).
> These directives
> expires     @24h00m;
> add_header  Cache-Control  private;
> return
> Expires: Sun, 01 Aug 2010 20:00:00 GMT
> Cache-Control: max-age=14809
> Cache-Control: private

Hmm... multiple Cache-Control header lines appear to be valid
according to RFC 2616, but my fear would be that many popular browsers
and caches would not behave sensibly with them.

Is anybody out there using multiple Cache-Control header lines for a
public site in production?

I did some research looking at the HTTP headers used by the "major"
web companies (Google, MSFT, Yahoo, etc.). I haven't ever seen
multiple Cache-Control header lines in a response, which makes me
think that such a scenario is probably not well-supported by common
browsers and proxies. In my past experience, Firefox treats just about
anything except "public","private", or "max-age" as "no-cache". IE8
seems to do the same, which I suppose is a safe default behavior if
you don't want to fully implement all the logic necessary to support
all the allowable  header combinations in the RFC.


More information about the nginx mailing list