MS
Uploaded byMartins Sipenko
PDF, PPTX432 views

HTTP Caching in Web Application

This document discusses HTTP caching in web applications, emphasizing its benefits such as reduced latency, lower server costs, and improved response times. It outlines how HTTP works including client and origin interactions, request and response headers, and various caching techniques like conditional requests. Additionally, it suggests best practices for implementing caching, such as managing cache headers and considering cache invalidation strategies.

Embed presentation

Download as PDF, PPTX
HTTP CACHING IN WEB APPLICATIONS MARTINS SIPENKO
HTTP CACHING IN WEB APPLICATIONS ABOUT ME ▸ Worked with IT since around 2002 ▸ Lead engineer @KASKO, a fintech startup ▸ Student at University of Latvia ▸ AWS Certified
HTTP CACHING IN WEB APPLICATIONS @MARTINSSIPENKO
HTTP CACHING IN WEB APPLICATIONS WHY HTTP CACHING?
HTTP CACHING IN WEB APPLICATIONS WHY HTTP CACHING? ▸ Decrease latency ▸ Decrease server response times ▸ Decrease the costs of origin servers ▸ Decrease the costs of data transfer ▸ ...
HTTP CACHING IN WEB APPLICATIONS HOW HTTP WORKS?
HTTP CACHING IN WEB APPLICATIONS HOW HTTP WORKS? ▸ Client & Origin CLIENT ORIGIN
HTTP CACHING IN WEB APPLICATIONS HOW HTTP WORKS? ▸ Client & Origin ▸ Request & Response CLIENT ORIGIN Request Response
HTTP CACHING IN WEB APPLICATIONS HOW HTTP WORKS? ▸ Client & Origin ▸ Request & Response ▸ HTTP Headers CLIENT ORIGIN Request Response $ curl -v https://example.com > /dev/null
 > GET / HTTP/1.1
 > Host: example.com
 > Accept: */*
 >
 < HTTP/1.1 200 OK
 < Server: nginx
 < Date: Wed, 25 Feb 2016 16:45:00 GMT
 <
 [1024 bytes data] { { Request headers Response headers Curl command Response data
HTTP CACHING IN WEB APPLICATIONS HTTP HEADERS ▸ Components of the request and response messages ▸ Define the operating parameters of HTTP transaction ▸ Two groups ▸ Defined by RFC standard ▸ Custom (X-*)
HTTP CACHING IN WEB APPLICATIONS HTTP HEADERS Accept, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Language, Accept-Ranges, Access-Control-Allow-Origin, Age, Allow, Authorization, Cache- Control, Common, Connection, Content-Disposition, Content-Encoding, Content- Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Security-Policy, Content-Type, Cookie, Date, DNT, ETag, Example, Expect, Expires, Field, From, Front-End-Https, Host, If-Match, If-Modified-Since, If-None- Match, If-Range, If-Unmodified-Since, Last-Modified, Link, Location, Max-Forwards, Origin, Permanent, Pragma, Proxy-Authenticate, Proxy-Authorization, Proxy- Connection, Public-Key-Pins, Range, Referer, Refresh, Response, Retry-After, Server, Set-Cookie, Status, Strict-Transport-Security, TE, Trailer, Transfer-Encoding, Upgrade, User-Agent, Vary, Via, Warning, WWW-Authenticate, X-ATT-DeviceId, X-Content- Security-Policy, X-Content-Type-Options, X-Forwarded-For, X-Forwarded-Proto, X- Frame-Options, X-Http-Method-Override, X-Powered-By, X-Requested-With, X-UA- Compatible, X-Wap-Profile, X-WebKit-CSP, X-XSS-Protection, X-*
HTTP CACHING IN WEB APPLICATIONS HTTP HEADERS Accept, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Language, Accept-Ranges, Access-Control-Allow-Origin, Age, Allow, Authorization, Cache- Control, Common, Connection, Content-Disposition, Content-Encoding, Content- Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Security-Policy, Content-Type, Cookie, Date, DNT, ETag, Example, Expect, Expires, Field, From, Front-End-Https, Host, If-Match, If-Modified-Since, If-None- Match, If-Range, If-Unmodified-Since, Last-Modified, Link, Location, Max-Forwards, Origin, Permanent, Pragma, Proxy-Authenticate, Proxy-Authorization, Proxy- Connection, Public-Key-Pins, Range, Referer, Refresh, Response, Retry-After, Server, Set-Cookie, Status, Strict-Transport-Security, TE, Trailer, Transfer-Encoding, Upgrade, User-Agent, Vary, Via, Warning, WWW-Authenticate, X-ATT-DeviceId, X-Content- Security-Policy, X-Content-Type-Options, X-Forwarded-For, X-Forwarded-Proto, X- Frame-Options, X-Http-Method-Override, X-Powered-By, X-Requested-With, X-UA- Compatible, X-Wap-Profile, X-WebKit-CSP, X-XSS-Protection, X-*
HTTP CACHING IN WEB APPLICATIONS CACHING: CLIENT SIDE ONLY ORIGIN CLIENT 1 CLIENT 2 CLIENT 3 CLIENT N BROWSER CACHE BROWSER CACHE BROWSER CACHE BROWSER CACHE Time
HTTP CACHING IN WEB APPLICATIONS LETS ADD CACHING PROXY
HTTP CACHING IN WEB APPLICATIONS CACHING: WITH CACHING PROXY ORIGIN CLIENT 1 CLIENT 2 CLIENT 3 CLIENT N BROWSER CACHE BROWSER CACHE BROWSER CACHE BROWSER CACHE CACHING PROXIES Time
HTTP CACHING IN WEB APPLICATIONS THE BENEFITS ▸ Less requests over wire if content is available locally ▸ Less origin hits ▸ Content served by cache ▸ No need to regenerate content ▸ Can be distributed globally over regions (CDN)
HTTP CACHING IN WEB APPLICATIONS SOME NUMBERS Cache time (minutes) Hit Ratio Request to Origin / Hr 1 99.8% 60 5 99.96% 12 20 99.99% 3 60 99.997% 1 86400 99.9998% <1 500 Requests per minute
HTTP CACHING IN WEB APPLICATIONS CONDITIONAL REQUESTS
HTTP CACHING IN WEB APPLICATIONS CONDITIONAL REQUESTS ▸ Way to check if content has been updated since ▸ Can be used to reduce response times ▸ Origin returns either: ▸ 200 OK ▸ 304 Not Modified
HTTP CACHING IN WEB APPLICATIONS CONDITIONAL REQUESTS ORIGIN CLIENT 1 CLIENT 2 CLIENT 3 CLIENT N BROWSER CACHE BROWSER CACHE BROWSER CACHE BROWSER CACHE CACHING PROXIES Time 200 304 200 304 200 304 200 304
HTTP CACHING IN WEB APPLICATIONS CONDITIONAL REQUESTS: CODE 
 <?php $ts = 1456419010; // Comes from DB or memory cache
 $last_modified = gmdate('r', $ts);
 
 header('Last-Modified: ' . $last_modified); if (
 isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])
 && $ts <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE'])
 ) {
 header('HTTP/1.1 304 Not Modified');
 exit(0);
 }
 
 sleep(5); // Do something very hard
HTTP CACHING IN WEB APPLICATIONS CONDITIONAL REQUESTS: FIRST REQUEST 
 $ time curl -v https://example.com > /dev/null
 
 > GET / HTTP/1.1
 > Host: example.com
 >
 < HTTP/1.1 200 OK
 < Server: nginx
 < Date: Thu, 25 Feb 2016 16:50:10 GMT
 < Last-Modified: Thu, 25 Feb 2016 16:50:10 GMT
 <
 [data not shown] real 0m5.020s
 user 0m0.005s
 sys 0m0.006s
HTTP CACHING IN WEB APPLICATIONS CONDITIONAL REQUESTS: SUBSEQUENT REQUEST 
 $ time curl -v https://example.com 
 -H "If-Modified-Since: Thu, 25 Feb 2016 16:50:10 GMT" > /dev/null
 
 > GET / HTTP/1.1
 > Host: example.com
 > If-Modified-Since: Thu, 25 Feb 2016 16:50:10 GMT
 >
 < HTTP/1.1 304 Not Modified
 < Server: nginx
 < Date: Thu, 25 Feb 2016 16:51:10 GMT
 < Last-Modified: Thu, 25 Feb 2016 16:50:10 GMT
 <
 [data not shown] real 0m0.019s
 user 0m0.005s
 sys 0m0.005s
HTTP CACHING IN WEB APPLICATIONS BUT
HTTP CACHING IN WEB APPLICATIONS THERE ARE ONLY TWO HARD THINGS IN COMPUTER SCIENCE: CACHE INVALIDATION AND NAMING THINGS. -- PHIL KARLTON
HTTP CACHING IN WEB APPLICATIONS AN EXAMPLE PROBLEM ▸ A blog post stored in DB table ▸ Tags associated to that blog post ▸ Adding new tags does not update the post itself
HTTP CACHING IN WEB APPLICATIONS AN EXAMPLE PROBLEM ▸ A blog post stored in DB table ▸ Tags associated to that blog post ▸ Adding new tags does not update the post itself LAST MODIFICATION TIME HAS NOT CHANGED
HTTP CACHING IN WEB APPLICATIONS AN EXAMPLE PROBLEM ▸ A blog post stored in DB table ▸ Tags associated to that blog post ▸ Adding new tags does not update the post itself LAST MODIFICATION TIME HAS NOT CHANGED ENTITY TAG CAN BE USED INSTEAD
HTTP CACHING IN WEB APPLICATIONS CONDITIONAL REQUESTS: CODE 
 <?php $last_mod = 1456419010; // Comes from DB or memory cache
 $last_mod_of_linked_resource = 1456419010; // Comes from DB or memory cache
 $etag = md5($last_mod . $last_mod_of_linked_resource);
 
 header('ETag: ' . $etag); if (
 isset($_SERVER['HTTP_IF_NONE_MATCH'])
 && $_SERVER['HTTP_IF_NONE_MATCH'] === $etag
 ) {
 header('HTTP/1.1 304 Not Modified');
 exit(0);
 }
 
 sleep(5); // Do something very hard
HTTP CACHING IN WEB APPLICATIONS CONDITIONAL REQUESTS: FIRST REQUEST 
 $ time curl -v https://example.com > /dev/null
 
 > GET / HTTP/1.1
 > Host: example.com
 >
 < HTTP/1.1 200 OK
 < Server: nginx
 < Date: Thu, 25 Feb 2016 16:50:10 GMT
 < ETag: 228c662b04e31dc303d380ad03c2bc0b
 <
 [data not shown] real 0m5.020s
 user 0m0.005s
 sys 0m0.006s
HTTP CACHING IN WEB APPLICATIONS CONDITIONAL REQUESTS: SUBSEQUENT REQUEST 
 $ time curl -v https://example.com 
 -H "If-None-Match: 228c662b04e31dc303d380ad03c2bc0b" > /dev/null
 
 > GET / HTTP/1.1
 > Host: example.com
 > If-None-Match: 228c662b04e31dc303d380ad03c2bc0b
 >
 < HTTP/1.1 304 Not Modified
 < Server: nginx
 < Date: Thu, 25 Feb 2016 16:51:10 GMT
 < ETag: 228c662b04e31dc303d380ad03c2bc0b
 <
 [data not shown] real 0m0.019s
 user 0m0.005s
 sys 0m0.005s
HTTP CACHING IN WEB APPLICATIONS THE BENEFITS ▸ Revalidation could less expensive ▸ Amount of data transferred decreases ▸ Stale-While-Revalidate can be used on caching proxy level (if supported)
HTTP CACHING IN WEB APPLICATIONS TOOLS FOR CACHING PROXY ▸ Apache Traffic Server ▸ Varnish ▸ Squid ▸ Nginx (would not suggest) ▸ Amazon CloudFront CDN ▸ Other CDNs
HTTP CACHING IN WEB APPLICATIONS HTTP HEADERS Accept, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Language, Accept-Ranges, Access-Control-Allow-Origin, Age, Allow, Authorization, Cache- Control, Common, Connection, Content-Disposition, Content-Encoding, Content- Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Security-Policy, Content-Type, Cookie, Date, DNT, ETag, Example, Expect, Expires, Field, From, Front-End-Https, Host, If-Match, If-Modified-Since, If-None- Match, If-Range, If-Unmodified-Since, Last-Modified, Link, Location, Max-Forwards, Origin, Permanent, Pragma, Proxy-Authenticate, Proxy-Authorization, Proxy- Connection, Public-Key-Pins, Range, Referer, Refresh, Response, Retry-After, Server, Set-Cookie, Status, Strict-Transport-Security, TE, Trailer, Transfer-Encoding, Upgrade, User-Agent, Vary, Via, Warning, WWW-Authenticate, X-ATT-DeviceId, X-Content- Security-Policy, X-Content-Type-Options, X-Forwarded-For, X-Forwarded-Proto, X- Frame-Options, X-Http-Method-Override, X-Powered-By, X-Requested-With, X-UA- Compatible, X-Wap-Profile, X-WebKit-CSP, X-XSS-Protection, X-*
HTTP CACHING IN WEB APPLICATIONS CACHE CONTROL
HTTP CACHING IN WEB APPLICATIONS CACHE-CONTROL < Cache-Control: private, max-age=0, no-cache public | private no-cache no-store max-age s-max-age must-revalidate no-transform proxy-revalidate DIRECTIVES EXAMPLE
HTTP CACHING IN WEB APPLICATIONS EXPIRES < Expires: Sat, 04 Feb 1989 04:34:00 GMT EXAMPLE
HTTP CACHING IN WEB APPLICATIONS THE "VARY" HEADER
HTTP CACHING IN WEB APPLICATIONS VARY < Vary: Accept-Encoding, User-Agent EXAMPLE THE VARY HEADER LETS THE CACHES KNOW WHICH REQUEST HEADER VALUES TO USE FOR CACHE-KEY.
HTTP CACHING IN WEB APPLICATIONS VARY < Vary: Accept-Encoding, User-Agent EXAMPLE ...
 > Accept-Encoding: gzip
 > User-Agent: curl
 >
 ...
 < Vary: Accept-Encoding, User-Agent
 ... ...
 >
 > User-Agent: curl
 >
 ...
 < Vary: Accept-Encoding, User-Agent
 ... GZIP-CURL CURL WITH Accept-Encoding WITHOUT Accept-Encoding
HTTP CACHING IN WEB APPLICATIONS THAT'S ALMOST IT
HTTP CACHING IN WEB APPLICATIONS FEW SUGGESTIONS ▸ Let your application add caching headers instead of web server ▸ Be smart about what you cache and for how long ▸ Think well about how you will invalidate cache ▸ Keep in mind that errors too can be cached
HTTP CACHING IN WEB APPLICATIONS Q&A?
HTTP CACHING IN WEB APPLICATIONS THANKS! @martinssipenko
 martins.sipenko@gmail.com
HTTP CACHING IN WEB APPLICATIONS J K L PLEASE GIVE FEEDBACK!

More Related Content

PPTX
Http caching basics
byMartin Breest
 
PPTX
Advanced HTTP Caching
byMartin Breest
 
PDF
HTTP/2, SPDY e Otimizações Web - Front In Maceió 2014 - Sérgio Lopes
byCaelum
 
PDF
Developing cacheable PHP applications - PHPLimburgBE 2018
byThijs Feryn
 
PPTX
Altitude San Francisco 2018: Programming the Edge
byFastly
 
PDF
Developing cacheable PHP applications - Confoo 2018
byThijs Feryn
 
PDF
Site Performance Optimization for Joomla #jwc13
byHans Kuijpers
 
PDF
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folks
byNicolas Martignole
 
Http caching basics
byMartin Breest
 
Advanced HTTP Caching
byMartin Breest
 
HTTP/2, SPDY e Otimizações Web - Front In Maceió 2014 - Sérgio Lopes
byCaelum
 
Developing cacheable PHP applications - PHPLimburgBE 2018
byThijs Feryn
 
Altitude San Francisco 2018: Programming the Edge
byFastly
 
Developing cacheable PHP applications - Confoo 2018
byThijs Feryn
 
Site Performance Optimization for Joomla #jwc13
byHans Kuijpers
 
Devoxx Maroc 2015 HTTP 1, HTTP 2 and folks
byNicolas Martignole
 

What's hot

PDF
BIND 9 logging best practices
byMen and Mice
 
PPTX
Nginx Scalable Stack
byBruno Paiuca
 
ODP
HAProxy scale out using open source
byIngo Walz
 
PPT
Web performance - Analysing Heart.co.uk
bygareth53
 
PPTX
Interactive web. O rly?
bytimbc
 
PDF
Efficient HTTP Apis
byAdrian Cole
 
PPTX
Altitude San Francisco 2018: Testing with Fastly Workshop
byFastly
 
PDF
DNS High-Availability Tools - Open-Source Load Balancing Solutions
byMen and Mice
 
PDF
Caching on the Edge
byFabien Potencier
 
KEY
I got 99 problems, but ReST ain't one
byAdrian Cole
 
PDF
Building Scalable Websites with Perl
byPerrin Harkins
 
PPTX
5 steps to faster web sites & HTML5 games - updated for DDDscot
byMichael Ewins
 
PDF
Caching the Uncacheable
bydanrot
 
PDF
Nginx, PHP, Apache and Spelix
byHarald Zeitlhofer
 
PDF
Varnish
byFabien Potencier
 
PDF
Making the Most of HTTP In Your Apps
byBen Ramsey
 
PPTX
Http2 kotlin
byAndrii Bezruchko
 
PDF
What is new in BIND 9.11?
byMen and Mice
 
PDF
HTTP/2: What no one is telling you
byFastly
 
PDF
The CAA-Record for increased encryption security
byMen and Mice
 
BIND 9 logging best practices
byMen and Mice
 
Nginx Scalable Stack
byBruno Paiuca
 
HAProxy scale out using open source
byIngo Walz
 
Web performance - Analysing Heart.co.uk
bygareth53
 
Interactive web. O rly?
bytimbc
 
Efficient HTTP Apis
byAdrian Cole
 
Altitude San Francisco 2018: Testing with Fastly Workshop
byFastly
 
DNS High-Availability Tools - Open-Source Load Balancing Solutions
byMen and Mice
 
Caching on the Edge
byFabien Potencier
 
I got 99 problems, but ReST ain't one
byAdrian Cole
 
Building Scalable Websites with Perl
byPerrin Harkins
 
5 steps to faster web sites & HTML5 games - updated for DDDscot
byMichael Ewins
 
Caching the Uncacheable
bydanrot
 
Nginx, PHP, Apache and Spelix
byHarald Zeitlhofer
 
Varnish
byFabien Potencier
 
Making the Most of HTTP In Your Apps
byBen Ramsey
 
Http2 kotlin
byAndrii Bezruchko
 
What is new in BIND 9.11?
byMen and Mice
 
HTTP/2: What no one is telling you
byFastly
 
The CAA-Record for increased encryption security
byMen and Mice
 

Similar to HTTP Caching in Web Application

PDF
HTTP colon slash slash: the end of the road?
byAlessandro Nadalin
 
PDF
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San Francisco
byAlessandro Nadalin
 
PDF
HTTP headers that will make your website go faster
byThijs Feryn
 
PDF
Caching in HTTP
byAlexander Shopov
 
PPT
Rest services caching
bySperasoft
 
PPTX
Web technologies: HTTP
byPiero Fraternali
 
KEY
Fearless HTTP requests abuse
byLuis Cipriani
 
PPTX
Hypertext Transfer Protocol
byShubham Srivastava
 
PPTX
The Most Frequently Used Caching Headers
byHTS Hosting
 
PDF
Lec 7(HTTP Protocol)
bymaamir farooq
 
PDF
20100918 android cache
byrroijnoigntroie
 
PDF
Clug 2012 March web server optimisation
bygrooverdan
 
PDF
02 - Asassssssspplication Layer (HTTP).pdf
byHasibTurjo
 
PDF
HTTP headers that make your website go faster - devs.gent November 2023
byThijs Feryn
 
PDF
HTTP headers that make your website go faster
byThijs Feryn
 
PDF
HTTP cache @ PUG Rome 03-29-2011
byAlessandro Nadalin
 
PPTX
application of http.pptx
byssuseraf60311
 
PDF
CommTech Talks: Lightstreamer (A. Alinone)
byAntonio Capone
 
PDF
Caching on the web
byJean Carlo Emer
 
PDF
REST in ( a mobile ) peace @ WHYMCA 05-21-2011
byAlessandro Nadalin
 
HTTP colon slash slash: the end of the road?
byAlessandro Nadalin
 
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San Francisco
byAlessandro Nadalin
 
HTTP headers that will make your website go faster
byThijs Feryn
 
Caching in HTTP
byAlexander Shopov
 
Rest services caching
bySperasoft
 
Web technologies: HTTP
byPiero Fraternali
 
Fearless HTTP requests abuse
byLuis Cipriani
 
Hypertext Transfer Protocol
byShubham Srivastava
 
The Most Frequently Used Caching Headers
byHTS Hosting
 
Lec 7(HTTP Protocol)
bymaamir farooq
 
20100918 android cache
byrroijnoigntroie
 
Clug 2012 March web server optimisation
bygrooverdan
 
02 - Asassssssspplication Layer (HTTP).pdf
byHasibTurjo
 
HTTP headers that make your website go faster - devs.gent November 2023
byThijs Feryn
 
HTTP headers that make your website go faster
byThijs Feryn
 
HTTP cache @ PUG Rome 03-29-2011
byAlessandro Nadalin
 
application of http.pptx
byssuseraf60311
 
CommTech Talks: Lightstreamer (A. Alinone)
byAntonio Capone
 
Caching on the web
byJean Carlo Emer
 
REST in ( a mobile ) peace @ WHYMCA 05-21-2011
byAlessandro Nadalin
 

Recently uploaded

PDF
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
PDF
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
PDF
Transcript: What Thema can do: Leveraging metadata to support the discoverabi...
byBookNet Canada
 
PDF
JCB_3CX_SPECS (24 págs) companywrench.com .pdf
byAquilesOyarzn1
 
PDF
Real-Time AI Masterclass: Vector Search at Scale
byScyllaDB
 
PDF
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
PDF
Chapter 3 Cryptography and encryption techniques.pdf
byGetnet Tigabie Askale -(GM)
 
PPTX
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
PDF
Enterprise Data Services_ A Development Guide with Use Cases, Trends and Impl...
by2601harsh23
 
PPTX
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
PDF
Real-Time AI at Scale Masterclass: Feature Store at Scale
byScyllaDB
 
PDF
Certified AI-Native Foundations Professional.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
PDF
Web3 - Applications and Architectures - History and Horizons
byGokul Alex
 
PPTX
TechSprint WinterHack — Top 10 Teams Pitching Session we are excited for pit...
bybajpaitusharoffon678
 
PPTX
The Lex Wire Precedent: A Technical Standard for Machine-Mediated Authority ...
byJeff Howell
 
PDF
AI-Powered Alert Analysis with ClickHouse - DB Mastery Jan'26
byAlkin Tezuysal
 
PDF
A Simple Guide to Real Estate Tokenization on XRP Ledger.pdf
byemmajoh2025
 
PDF
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
PDF
Certified AI-Empowered SAFe Release Train Engineer.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
PDF
7 Essential Types of Penetration Testing Services Every Business Should Under...
bypandeydevika621
 
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
Transcript: What Thema can do: Leveraging metadata to support the discoverabi...
byBookNet Canada
 
JCB_3CX_SPECS (24 págs) companywrench.com .pdf
byAquilesOyarzn1
 
Real-Time AI Masterclass: Vector Search at Scale
byScyllaDB
 
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
Chapter 3 Cryptography and encryption techniques.pdf
byGetnet Tigabie Askale -(GM)
 
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
Enterprise Data Services_ A Development Guide with Use Cases, Trends and Impl...
by2601harsh23
 
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
Real-Time AI at Scale Masterclass: Feature Store at Scale
byScyllaDB
 
Certified AI-Native Foundations Professional.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
Web3 - Applications and Architectures - History and Horizons
byGokul Alex
 
TechSprint WinterHack — Top 10 Teams Pitching Session we are excited for pit...
bybajpaitusharoffon678
 
The Lex Wire Precedent: A Technical Standard for Machine-Mediated Authority ...
byJeff Howell
 
AI-Powered Alert Analysis with ClickHouse - DB Mastery Jan'26
byAlkin Tezuysal
 
A Simple Guide to Real Estate Tokenization on XRP Ledger.pdf
byemmajoh2025
 
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
Certified AI-Empowered SAFe Release Train Engineer.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
7 Essential Types of Penetration Testing Services Every Business Should Under...
bypandeydevika621
 

HTTP Caching in Web Application

  • 1.
    HTTP CACHING INWEB APPLICATIONS MARTINS SIPENKO
  • 2.
    HTTP CACHING INWEB APPLICATIONS ABOUT ME ▸ Worked with IT since around 2002 ▸ Lead engineer @KASKO, a fintech startup ▸ Student at University of Latvia ▸ AWS Certified
  • 3.
    HTTP CACHING INWEB APPLICATIONS @MARTINSSIPENKO
  • 4.
    HTTP CACHING INWEB APPLICATIONS WHY HTTP CACHING?
  • 5.
    HTTP CACHING INWEB APPLICATIONS WHY HTTP CACHING? ▸ Decrease latency ▸ Decrease server response times ▸ Decrease the costs of origin servers ▸ Decrease the costs of data transfer ▸ ...
  • 6.
    HTTP CACHING INWEB APPLICATIONS HOW HTTP WORKS?
  • 7.
    HTTP CACHING INWEB APPLICATIONS HOW HTTP WORKS? ▸ Client & Origin CLIENT ORIGIN
  • 8.
    HTTP CACHING INWEB APPLICATIONS HOW HTTP WORKS? ▸ Client & Origin ▸ Request & Response CLIENT ORIGIN Request Response
  • 9.
    HTTP CACHING INWEB APPLICATIONS HOW HTTP WORKS? ▸ Client & Origin ▸ Request & Response ▸ HTTP Headers CLIENT ORIGIN Request Response $ curl -v https://example.com > /dev/null
 > GET / HTTP/1.1
 > Host: example.com
 > Accept: */*
 >
 < HTTP/1.1 200 OK
 < Server: nginx
 < Date: Wed, 25 Feb 2016 16:45:00 GMT
 <
 [1024 bytes data] { { Request headers Response headers Curl command Response data
  • 10.
    HTTP CACHING INWEB APPLICATIONS HTTP HEADERS ▸ Components of the request and response messages ▸ Define the operating parameters of HTTP transaction ▸ Two groups ▸ Defined by RFC standard ▸ Custom (X-*)
  • 11.
    HTTP CACHING INWEB APPLICATIONS HTTP HEADERS Accept, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Language, Accept-Ranges, Access-Control-Allow-Origin, Age, Allow, Authorization, Cache- Control, Common, Connection, Content-Disposition, Content-Encoding, Content- Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Security-Policy, Content-Type, Cookie, Date, DNT, ETag, Example, Expect, Expires, Field, From, Front-End-Https, Host, If-Match, If-Modified-Since, If-None- Match, If-Range, If-Unmodified-Since, Last-Modified, Link, Location, Max-Forwards, Origin, Permanent, Pragma, Proxy-Authenticate, Proxy-Authorization, Proxy- Connection, Public-Key-Pins, Range, Referer, Refresh, Response, Retry-After, Server, Set-Cookie, Status, Strict-Transport-Security, TE, Trailer, Transfer-Encoding, Upgrade, User-Agent, Vary, Via, Warning, WWW-Authenticate, X-ATT-DeviceId, X-Content- Security-Policy, X-Content-Type-Options, X-Forwarded-For, X-Forwarded-Proto, X- Frame-Options, X-Http-Method-Override, X-Powered-By, X-Requested-With, X-UA- Compatible, X-Wap-Profile, X-WebKit-CSP, X-XSS-Protection, X-*
  • 12.
    HTTP CACHING INWEB APPLICATIONS HTTP HEADERS Accept, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Language, Accept-Ranges, Access-Control-Allow-Origin, Age, Allow, Authorization, Cache- Control, Common, Connection, Content-Disposition, Content-Encoding, Content- Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Security-Policy, Content-Type, Cookie, Date, DNT, ETag, Example, Expect, Expires, Field, From, Front-End-Https, Host, If-Match, If-Modified-Since, If-None- Match, If-Range, If-Unmodified-Since, Last-Modified, Link, Location, Max-Forwards, Origin, Permanent, Pragma, Proxy-Authenticate, Proxy-Authorization, Proxy- Connection, Public-Key-Pins, Range, Referer, Refresh, Response, Retry-After, Server, Set-Cookie, Status, Strict-Transport-Security, TE, Trailer, Transfer-Encoding, Upgrade, User-Agent, Vary, Via, Warning, WWW-Authenticate, X-ATT-DeviceId, X-Content- Security-Policy, X-Content-Type-Options, X-Forwarded-For, X-Forwarded-Proto, X- Frame-Options, X-Http-Method-Override, X-Powered-By, X-Requested-With, X-UA- Compatible, X-Wap-Profile, X-WebKit-CSP, X-XSS-Protection, X-*
  • 13.
    HTTP CACHING INWEB APPLICATIONS CACHING: CLIENT SIDE ONLY ORIGIN CLIENT 1 CLIENT 2 CLIENT 3 CLIENT N BROWSER CACHE BROWSER CACHE BROWSER CACHE BROWSER CACHE Time
  • 14.
    HTTP CACHING INWEB APPLICATIONS LETS ADD CACHING PROXY
  • 15.
    HTTP CACHING INWEB APPLICATIONS CACHING: WITH CACHING PROXY ORIGIN CLIENT 1 CLIENT 2 CLIENT 3 CLIENT N BROWSER CACHE BROWSER CACHE BROWSER CACHE BROWSER CACHE CACHING PROXIES Time
  • 16.
    HTTP CACHING INWEB APPLICATIONS THE BENEFITS ▸ Less requests over wire if content is available locally ▸ Less origin hits ▸ Content served by cache ▸ No need to regenerate content ▸ Can be distributed globally over regions (CDN)
  • 17.
    HTTP CACHING INWEB APPLICATIONS SOME NUMBERS Cache time (minutes) Hit Ratio Request to Origin / Hr 1 99.8% 60 5 99.96% 12 20 99.99% 3 60 99.997% 1 86400 99.9998% <1 500 Requests per minute
  • 18.
    HTTP CACHING INWEB APPLICATIONS CONDITIONAL REQUESTS
  • 19.
    HTTP CACHING INWEB APPLICATIONS CONDITIONAL REQUESTS ▸ Way to check if content has been updated since ▸ Can be used to reduce response times ▸ Origin returns either: ▸ 200 OK ▸ 304 Not Modified
  • 20.
    HTTP CACHING INWEB APPLICATIONS CONDITIONAL REQUESTS ORIGIN CLIENT 1 CLIENT 2 CLIENT 3 CLIENT N BROWSER CACHE BROWSER CACHE BROWSER CACHE BROWSER CACHE CACHING PROXIES Time 200 304 200 304 200 304 200 304
  • 21.
    HTTP CACHING INWEB APPLICATIONS CONDITIONAL REQUESTS: CODE 
 <?php $ts = 1456419010; // Comes from DB or memory cache
 $last_modified = gmdate('r', $ts);
 
 header('Last-Modified: ' . $last_modified); if (
 isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])
 && $ts <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE'])
 ) {
 header('HTTP/1.1 304 Not Modified');
 exit(0);
 }
 
 sleep(5); // Do something very hard
  • 22.
    HTTP CACHING INWEB APPLICATIONS CONDITIONAL REQUESTS: FIRST REQUEST 
 $ time curl -v https://example.com > /dev/null
 
 > GET / HTTP/1.1
 > Host: example.com
 >
 < HTTP/1.1 200 OK
 < Server: nginx
 < Date: Thu, 25 Feb 2016 16:50:10 GMT
 < Last-Modified: Thu, 25 Feb 2016 16:50:10 GMT
 <
 [data not shown] real 0m5.020s
 user 0m0.005s
 sys 0m0.006s
  • 23.
    HTTP CACHING INWEB APPLICATIONS CONDITIONAL REQUESTS: SUBSEQUENT REQUEST 
 $ time curl -v https://example.com 
 -H "If-Modified-Since: Thu, 25 Feb 2016 16:50:10 GMT" > /dev/null
 
 > GET / HTTP/1.1
 > Host: example.com
 > If-Modified-Since: Thu, 25 Feb 2016 16:50:10 GMT
 >
 < HTTP/1.1 304 Not Modified
 < Server: nginx
 < Date: Thu, 25 Feb 2016 16:51:10 GMT
 < Last-Modified: Thu, 25 Feb 2016 16:50:10 GMT
 <
 [data not shown] real 0m0.019s
 user 0m0.005s
 sys 0m0.005s
  • 24.
    HTTP CACHING INWEB APPLICATIONS BUT
  • 25.
    HTTP CACHING INWEB APPLICATIONS THERE ARE ONLY TWO HARD THINGS IN COMPUTER SCIENCE: CACHE INVALIDATION AND NAMING THINGS. -- PHIL KARLTON
  • 26.
    HTTP CACHING INWEB APPLICATIONS AN EXAMPLE PROBLEM ▸ A blog post stored in DB table ▸ Tags associated to that blog post ▸ Adding new tags does not update the post itself
  • 27.
    HTTP CACHING INWEB APPLICATIONS AN EXAMPLE PROBLEM ▸ A blog post stored in DB table ▸ Tags associated to that blog post ▸ Adding new tags does not update the post itself LAST MODIFICATION TIME HAS NOT CHANGED
  • 28.
    HTTP CACHING INWEB APPLICATIONS AN EXAMPLE PROBLEM ▸ A blog post stored in DB table ▸ Tags associated to that blog post ▸ Adding new tags does not update the post itself LAST MODIFICATION TIME HAS NOT CHANGED ENTITY TAG CAN BE USED INSTEAD
  • 29.
    HTTP CACHING INWEB APPLICATIONS CONDITIONAL REQUESTS: CODE 
 <?php $last_mod = 1456419010; // Comes from DB or memory cache
 $last_mod_of_linked_resource = 1456419010; // Comes from DB or memory cache
 $etag = md5($last_mod . $last_mod_of_linked_resource);
 
 header('ETag: ' . $etag); if (
 isset($_SERVER['HTTP_IF_NONE_MATCH'])
 && $_SERVER['HTTP_IF_NONE_MATCH'] === $etag
 ) {
 header('HTTP/1.1 304 Not Modified');
 exit(0);
 }
 
 sleep(5); // Do something very hard
  • 30.
    HTTP CACHING INWEB APPLICATIONS CONDITIONAL REQUESTS: FIRST REQUEST 
 $ time curl -v https://example.com > /dev/null
 
 > GET / HTTP/1.1
 > Host: example.com
 >
 < HTTP/1.1 200 OK
 < Server: nginx
 < Date: Thu, 25 Feb 2016 16:50:10 GMT
 < ETag: 228c662b04e31dc303d380ad03c2bc0b
 <
 [data not shown] real 0m5.020s
 user 0m0.005s
 sys 0m0.006s
  • 31.
    HTTP CACHING INWEB APPLICATIONS CONDITIONAL REQUESTS: SUBSEQUENT REQUEST 
 $ time curl -v https://example.com 
 -H "If-None-Match: 228c662b04e31dc303d380ad03c2bc0b" > /dev/null
 
 > GET / HTTP/1.1
 > Host: example.com
 > If-None-Match: 228c662b04e31dc303d380ad03c2bc0b
 >
 < HTTP/1.1 304 Not Modified
 < Server: nginx
 < Date: Thu, 25 Feb 2016 16:51:10 GMT
 < ETag: 228c662b04e31dc303d380ad03c2bc0b
 <
 [data not shown] real 0m0.019s
 user 0m0.005s
 sys 0m0.005s
  • 32.
    HTTP CACHING INWEB APPLICATIONS THE BENEFITS ▸ Revalidation could less expensive ▸ Amount of data transferred decreases ▸ Stale-While-Revalidate can be used on caching proxy level (if supported)
  • 33.
    HTTP CACHING INWEB APPLICATIONS TOOLS FOR CACHING PROXY ▸ Apache Traffic Server ▸ Varnish ▸ Squid ▸ Nginx (would not suggest) ▸ Amazon CloudFront CDN ▸ Other CDNs
  • 34.
    HTTP CACHING INWEB APPLICATIONS HTTP HEADERS Accept, Accept-Charset, Accept-Datetime, Accept-Encoding, Accept-Language, Accept-Ranges, Access-Control-Allow-Origin, Age, Allow, Authorization, Cache- Control, Common, Connection, Content-Disposition, Content-Encoding, Content- Language, Content-Length, Content-Location, Content-MD5, Content-Range, Content-Security-Policy, Content-Type, Cookie, Date, DNT, ETag, Example, Expect, Expires, Field, From, Front-End-Https, Host, If-Match, If-Modified-Since, If-None- Match, If-Range, If-Unmodified-Since, Last-Modified, Link, Location, Max-Forwards, Origin, Permanent, Pragma, Proxy-Authenticate, Proxy-Authorization, Proxy- Connection, Public-Key-Pins, Range, Referer, Refresh, Response, Retry-After, Server, Set-Cookie, Status, Strict-Transport-Security, TE, Trailer, Transfer-Encoding, Upgrade, User-Agent, Vary, Via, Warning, WWW-Authenticate, X-ATT-DeviceId, X-Content- Security-Policy, X-Content-Type-Options, X-Forwarded-For, X-Forwarded-Proto, X- Frame-Options, X-Http-Method-Override, X-Powered-By, X-Requested-With, X-UA- Compatible, X-Wap-Profile, X-WebKit-CSP, X-XSS-Protection, X-*
  • 35.
    HTTP CACHING INWEB APPLICATIONS CACHE CONTROL
  • 36.
    HTTP CACHING INWEB APPLICATIONS CACHE-CONTROL < Cache-Control: private, max-age=0, no-cache public | private no-cache no-store max-age s-max-age must-revalidate no-transform proxy-revalidate DIRECTIVES EXAMPLE
  • 37.
    HTTP CACHING INWEB APPLICATIONS EXPIRES < Expires: Sat, 04 Feb 1989 04:34:00 GMT EXAMPLE
  • 38.
    HTTP CACHING INWEB APPLICATIONS THE "VARY" HEADER
  • 39.
    HTTP CACHING INWEB APPLICATIONS VARY < Vary: Accept-Encoding, User-Agent EXAMPLE THE VARY HEADER LETS THE CACHES KNOW WHICH REQUEST HEADER VALUES TO USE FOR CACHE-KEY.
  • 40.
    HTTP CACHING INWEB APPLICATIONS VARY < Vary: Accept-Encoding, User-Agent EXAMPLE ...
 > Accept-Encoding: gzip
 > User-Agent: curl
 >
 ...
 < Vary: Accept-Encoding, User-Agent
 ... ...
 >
 > User-Agent: curl
 >
 ...
 < Vary: Accept-Encoding, User-Agent
 ... GZIP-CURL CURL WITH Accept-Encoding WITHOUT Accept-Encoding
  • 41.
    HTTP CACHING INWEB APPLICATIONS THAT'S ALMOST IT
  • 42.
    HTTP CACHING INWEB APPLICATIONS FEW SUGGESTIONS ▸ Let your application add caching headers instead of web server ▸ Be smart about what you cache and for how long ▸ Think well about how you will invalidate cache ▸ Keep in mind that errors too can be cached
  • 43.
    HTTP CACHING INWEB APPLICATIONS Q&A?
  • 44.
    HTTP CACHING INWEB APPLICATIONS THANKS! @martinssipenko
 martins.sipenko@gmail.com
  • 45.
    HTTP CACHING INWEB APPLICATIONS J K L PLEASE GIVE FEEDBACK!