Avoiding 304 (not modified) responses

That Brazilian Guy picture That Brazilian Guy · Mar 13, 2014 · Viewed 22.6k times · Source

Is it an ExpiresDefault Apache directive enough to avoid HTTP Status 304 responses from the server? I have set ExpiresDefault "access plus 10 years" but I'm still seeing log entries with a 304 response for "GET /assets/template/default/css/style.min.css?v=1 HTTP/1.1" whenever I open any page on a local PHPMyFAQ site. Emptying the browser cache doesn't seem to change anything.

Answer

rdlowrey picture rdlowrey · Mar 13, 2014

The Expires: header your server sends out has nothing to do with future 304 responses. It provides only an estimate to clients/proxies for how long they can wait before considering a resource "stale." Clients aren't required to observe this header and are free to continue making new requests for the same resource if they wish. So, to answer your question in short:

No, you'll never be able to explicitly prevent users from making new requests for the same resource regardless of what headers you send.

The 304 response is the result of a matching If-Match or If-Modified-Since header in the client request. What's happening here is your server is sending out either/or/both of the following headers with its original response:

  • ETag
  • Last-Modified

Clients then send back the following headers with their requests to see if the resource has changed from their cached version:

  • If-Match (ETag)
  • If-Modified-Since (Last-Modified)

If either of these conditions is true then the server will send the 304 Not Modified response you've observed and the client will know it can safely serve up its cached version of the resource.

Compliance Note

RFC 2616 Section 14.21 actually prohibits compliant servers from sending Expires headers more than one year in the future, so you shouldn't be using "access plus 10 years" in the first place:

HTTP/1.1 servers SHOULD NOT send Expires dates more than one year in the future.