no-cache、max-age=0、must-revalidate區別

以前深刻搜索了屢次，根據stackoverflow的回答進行一些總結（http://stackoverflow.com/questions/18148884/difference-between-no-cache-and-must-revalidate），目前看來這三種值的區別很模糊，但實際上是有區別的（這裏咱們討論的是HTTP /1.1的響應報文），先看看各自的釋義（見: https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.1）：

no-cache

If the no-cache directive does not specify a field-name, then a cache MUST NOT use the response to satisfy a subsequent request without successful revalidation with the origin server. This allows an origin server to prevent caching even by caches that have been configured to return stale responses to client requests.If the no-cache directive does specify one or more field-names, then a cache MAY use the response to satisfy a subsequent request, subject to any other restrictions on caching. However, the specified field-name(s) MUST NOT be sent in the response to a subsequent request without successful revalidation with the origin server. This allows an origin server to prevent the re-use of certain header fields in a response, while still allowing caching of the rest of the response.

亦即：no-cache的響應實際是能夠存儲在本地緩存中的，只是在與原始服務器進行新鮮度再驗證以前，緩存不能將其提供給客戶端使用。

must-revalidate

Because a cache MAY be configured to ignore a server's specified expiration time, and because a client request MAY include a max- stale directive (which has a similar effect), the protocol also includes a mechanism for the origin server to require revalidation of a cache entry on any subsequent use. When the must-revalidate directive is present in a response received by a cache, that cache MUST NOT use the entry after it becomes stale to respond to asubsequent request without first revalidating it with the origin server. (I.e., the cache MUST do an end-to-end revalidation every time, if, based solely on the origin server's Expires or max-age value, the cached response is stale.)The must-revalidate directive is necessary to support reliable operation for certain protocol features. In all circumstances an HTTP/1.1 cache MUST obey the must-revalidate directive; in particular, if the cache cannot reach the origin server for any reason, it MUST generate a 504 (Gateway Timeout) response.Servers SHOULD send the must-revalidate directive if and only if failure to revalidate a request on the entity could result in incorrect operation, such as a silently unexecuted financial transaction. Recipients MUST NOT take any automated action that violates this directive, and MUST NOT automatically provide an unvalidated copy of the entity if revalidation fails.Although this is not recommended, user agents operating under severe connectivity constraints MAY violate this directive but, if so, MUST explicitly warn the user that an unvalidated response has been provided. The warning MUST be provided on each unvalidated access, and SHOULD require explicit user confirmation.

亦即：含有must-revalidate的響應會被存儲在本地緩存中，在後續請求時，該指令告知緩存：在事先沒有與原始服務器進行再驗證的狀況下，不能提供這個對象的陳舊副本，但緩存仍然能夠隨意提供新鮮的副本。

max-age

When the max-age cache-control directive is present in a cached response, the response is stale if its current age is greater than the age value given (in seconds) at the time of a new request for that resource. The max-age directive on a response implies that the response is cacheable (i.e., "public") unless some other, more restrictive cache directive is also present.

亦即：max-age=xxx標識了該響應從服務器那邊獲取過來時，文檔的處於新鮮狀態的秒數，若max-age=0，則表示是一個當即過時的響應（直接標記爲陳舊狀態）。

 

這裏比較下no-cache和must-revalidate的區別，我的以爲主要在於：

假設一個文檔的緩存時間設置爲10s，若指定no-cache，則它會強制瀏覽器(User Agent)必須先進行新鮮度再驗證（注：無論該緩存是否新鮮），待服務器那邊確認新鮮（304）後，方可以使用緩存。

若指定must-revalidate，則瀏覽器會首先等待文檔過時（超過10s），而後纔去驗證新鮮度（10s以前，都會直接使用緩存，不與服務器交互）。

 

那麼這樣一來，基本能夠將 no-cache 與 must-revalidate, max-age=0 劃等了，但這二者也有些細節上的區別，即：

在執行must-revalidate時，若瀏覽器第二次去請求服務器來作新鮮度驗證，結果服務器掛了，沒法訪問，那麼緩存須要返回一個504 Gateway Timeout的錯誤（這裏應該是像nginx這樣的代理來返回，如果瀏覽器如chrome，將直接是ERR_CONNECTION_REFUSED，即沒法訪問，鏈接被拒絕）。

而若是是no-cache，當驗證新鮮度時，服務器撲街，則會照樣使用本地緩存顯示給用戶（有的總比沒的好，固然有可能顯示的就是舊的文檔了）。

因此must-revalidate用在對事務要求比較嚴苛的狀況下使用（好比支付）。

【測試結果】

在chrome 52.0.2743.116 m下測試時，其實 no-cache 與 must-revalidate, max-age=0 的效果是同樣的，都會返回沒法訪問，應該印證了https://tools.ietf.org/html/rfc7234#section-5.2.2.2這裏對no-cache較新的定義。

另外二者在瀏覽器 Back/Forward 按鍵跳轉時，實際是直接使用本地緩存的（不會訪問服務器）。