ETag vs Header Expires
Asked Answered
M

8

373

I've looked around but haven't been able to figure out if I should use both an ETag and an Expires Header or one or the other.

What I'm trying to do is make sure that my flash files (and other images and what not only get updated when there is a change to those files.

I don't want to do anything special like changing the filename or putting some weird chars on the end of the url to make it not get cached.

Also, is there anything I need to do programatically on my end in my PHP scripts to support this or is it all Apache?

Melcher answered 1/2, 2009 at 1:12 Comment(1)
developer.mozilla.org/en-US/docs/Web/HTTP/Caching (good in general)Pensile
T
696

They are slightly different - the ETag does not have any information that the client can use to determine whether or not to make a request for that file again in the future. If ETag is all it has, it will always have to make a request. However, when the server reads the ETag from the client request, the server can then determine whether to send the file (HTTP 200) or tell the client to just use their local copy (HTTP 304). An ETag is basically just a checksum for a file that semantically changes when the content of the file changes.

The Expires header is used by the client (and proxies/caches) to determine whether or not it even needs to make a request to the server at all. The closer you are to the Expires date, the more likely it is the client (or proxy) will make an HTTP request for that file from the server.

So really what you want to do is use BOTH headers - set the Expires header to a reasonable value based on how often the content changes. Then configure ETags to be sent so that when clients DO send a request to the server, it can more easily determine whether or not to send the file back.

One last note about ETag - if you are using a load-balanced server setup with multiple machines running Apache you will probably want to turn off ETag generation. This is because inodes are used as part of the ETag hash algorithm which will be different between the servers. You can configure Apache to not use inodes as part of the calculation but then you'd want to make sure the timestamps on the files are exactly the same, to ensure the same ETag gets generated for all servers.

Trivia answered 1/2, 2009 at 3:18 Comment(9)
You should also check out whether you should be using Cache-Control instead of Expires. My understanding is that Cache-Control was introduced after Expires and gives you more control. See #5800406Molder
When using the Expires header it's good practice to change the file name whenever a resource changes, as the client won't request the file again before it's stale. Especially if you're using far future values as expires date.Ardithardme
Lets say we will use the both. What happens when the Expire time has expired, but the file is not changed (The Etag is same)? The server will return 304 and the file will be served from browser cache. My question is, will be regenerated the Expire time at this moment ?Page
Important information for sites living in server clusters: The problem with ETags is that they typically are constructed using attributes that make them unique to a specific server hosting a site. ETags won't match when a browser gets the original component from one server and later tries to validate that component on a different server, a situation that is all too common on Web sites that use a cluster of servers to handle requests. By default, both Apache and IIS embed data in the ETag that dramatically reduces the odds of the validity test succeeding on web sites with multiple servers.Gob
Be careful setting ETAG and the Expires header to a non-zero value. This can lead to race conditions. See jakearchibald.com/2016/caching-best-practicesCassock
Made my day: "An ETag is ...a file...checksum"Graniela
Is it possible to tell the servers not to use inodes or timestamps at all? Also, why are they needed for ETags, if it's used to represent content only?Compurgation
@MarcNovakowski simply awesome... This is the proper use case for a deal with Etag.Isador
"An ETag is basically just a checksum": in theory; in practice (using nginx, or Apache with its default configuration), it depends on only the file modification time and length. The modification time is not really a "checksum" component at all. The length is, but a very poor one (fixing one typo does not change the length in many cases, for example).Checkered
E
115

Etag and Last-modified headers are validators.

They help the browser and/or the cache (reverse proxy) to understand if a file/page, has changed, even if it preserves the same name.

Expires and Cache-control are giving refresh information.

This means that they inform, the browser and the reverse in-between proxies, up to what time or for how long, they may keep the page/file at their cache.

So the question usually is which one validator to use, etag or last-modified, and which refresh infomation header to use, expires or cache-control.

Ethelethelbert answered 14/10, 2011 at 4:13 Comment(0)
B
39

Expires and Cache-Control are "strong caching headers"

Last-Modified and ETag are "weak caching headers"

First the browser check Expires/Cache-Control to determine whether or not to make a request to the server

If have to make a request, it will send Last-Modified/ETag in the HTTP request. If the Etag value of the document matches that, the server will send a 304 code instead of 200, and no content. The browser will load the contents from its cache.

Bibbie answered 4/3, 2014 at 15:45 Comment(4)
do you find any document support the "strong and weak" caching behavior? I couldn't find one, and my client browser now prioritize last-modified over expires actually, which I don't understand why.Erdrich
@GMsoF You may want to take a look at this: tools.ietf.org/html/rfc7232#section-2.1Melodist
So, if I want to make sure that my changes are propagated to the client immediately, but still benefit to some caching, I can only use Last-Modified and ETag right?Dyarchy
This is the most concise and yet the clearest answer to me! Thanks.Strike
E
12

Another summary:

You need to use both. ETags are a "server side" information. Expires are a "Client side" caching.

  • Use ETags except if you have a load-balanced server. They are safe and will let clients know they should get new versions of your server files every time you change something on your side.

  • Expires must be used with caution, as if you set a expiration date far in the future but want to change one of the files immediatelly (a JS file for instance), some users may not get the modified version until a long time!

Ernestinaernestine answered 17/7, 2014 at 17:43 Comment(1)
In case of this Expires situation you basically need to rename your js and change it in your HTML, and hope you didn't set HTML file's expires 1 year as well.Kwapong
A
1

One additional thing I would like to mention that some of the answers may have missed is the downside to having both ETags and Expires/Cache-control in your headers.

Depending on your needs it may just add extra bytes in your headers which may increase packets which means more TCP overhead. Again, you should see if the overhead of having both things in your headers is necessary or will it just add extra weight in your requests which reduces performance.

You can read more about it on this excellent blog post by Kyle Simpson: http://calendar.perfplanet.com/2010/bloated-request-response-headers/

Alben answered 14/10, 2016 at 19:21 Comment(0)
G
1

In my view, With Expire Header, server can tell the client when my data would be stale, while with Etag, server would check the etag value for client' each request.

Girlfriend answered 22/12, 2016 at 8:36 Comment(0)
I
1

Etag is a hash for indicating the version of the resource. When the server returns data, it hashes the data and set this hash value under ETAG. When you send a "PUT" request to the server to update a record, maybe simultaneously another user made the same "PUT" request and its request has been processed. The server will check your "PUT" data and will see that it is the same update so it wont make another update, it will send you the updated data (by another user) and you will update your cache.

when the time for caching expires, the browser automatically makes a new request to get the fresh data. That is why "Expires" header is used. From here

If a response includes both an Expires header and a max-age directive, the max-age directive overrides the Expires header, even if the Expires header is more restrictive. This rule allows an origin server to provide, for a given response, a longer expiration time to an HTTP/1.1 (or later) cache than to an HTTP/1.0 cache. This might be useful if certain HTTP/1.0 caches improperly calculate ages or expiration times, perhaps due to desynchronized clocks.

Illogical answered 10/9, 2022 at 16:0 Comment(1)
Note that ETag can be any string, it doesn't have to be a hash. Calculating the hash can be expensive in some cases.Bicameral
R
0

ETag is used to determine whether a resource should use the copy one. and Expires Header like Cache-Control is told the client that before the cache decades, client should fetch the local resource.

In modern sites, There are often offer a file named hash, like app.98a3cf23.js, so that it's a good practice to use Expires Header. Besides this, it also reduce the cost of network.

Hope it helps ;)

Reprieve answered 11/1, 2019 at 7:0 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.