Cache Headers - andywahr/azure-cdn-guidance GitHub Wiki

CDNs (and clients) decide whether a response is cacheable based on the response headers from the origin. For more details

The primary header that controls whether a CDN, the client, or both will cache a specific resource is Cache-Control. It has two primary attributes:

  • public, private, no-cache or no-store: This is the cache policy
    • public - Fully cacheable, at the CDN and the client
    • private - Only cacheable at the client
    • no-cache - Validate (see below) with the origin before handing out a cached copy
    • no-store - Don't store anywhere and clear out anything stored
  • max-age: The number of seconds until this item is "stale", after which a subsequent hit will go all the way to the origin

Validation Headers

  • ETag: Think of this like the MD5 hash of a file. If the origin, when asked for the ETag, returns the same value as the one currently cached, ETag validation returns true
  • Last-Modified: Timestamp of the last modification. If the timestamps match, the cached copy can be considered the same
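
The policy and validation rules above as an added Python example (not from this wiki or from any CDN's own code). `cache_decision` and `still_valid` are hypothetical helper names, the sample responses are constructed, and the classifier assumes a deliberately strict model in which the CDN stores a response only on an explicit public directive.

```python
from email.utils import parsedate_to_datetime

def parse_cache_control(value):
    """Split a Cache-Control value into {directive: argument or None}."""
    directives = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives

def cache_decision(headers):
    """Where may this response be stored, and for how long is it fresh?"""
    cc = parse_cache_control({k.lower(): v for k, v in headers.items()}.get("cache-control", ""))
    try:
        max_age = max(int(cc.get("max-age") or 0), 0)
    except ValueError:
        max_age = 0  # malformed max-age: treat the item as already stale
    stored = "no-store" not in cc
    return {
        # Assumption: fail closed, the CDN stores only on an explicit "public"
        # and "private" wins if both directives are present.
        "cdn": stored and "public" in cc and "private" not in cc,
        "client": stored,
        "validate_first": stored and "no-cache" in cc,
        "fresh_for": max_age if stored and "no-cache" not in cc else 0,
    }

def still_valid(cached, origin):
    """Validation: compare ETag if both sides have one, else Last-Modified."""
    c = {k.lower(): v for k, v in cached.items()}
    o = {k.lower(): v for k, v in origin.items()}
    if "etag" in c and "etag" in o:
        return c["etag"] == o["etag"]  # exact string match
    try:
        return parsedate_to_datetime(c["last-modified"]) == parsedate_to_datetime(o["last-modified"])
    except (KeyError, TypeError, ValueError):
        return False  # no usable validator on both sides: refetch from origin

# Constructed sample responses (not taken from the page).
SAMPLES = {
    "static asset": {"Cache-Control": "public, max-age=3600", "ETag": '"a1b2"'},
    "account page": {"Cache-Control": "private, max-age=60"},
    "price feed": {"Cache-Control": "public, no-cache", "ETag": '"v7"'},
    "payment form": {"Cache-Control": "no-store"},
}

if __name__ == "__main__":
    for name, hdrs in SAMPLES.items():
        print(f"{name:13} {cache_decision(hdrs)}")
```
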

CDNs can optionally or forcefully set cacheability based on rules. It's always best to have the application serving the request, or the origin, respond with the appropriate headers, but you can control it at the CDN otherwise.