Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 HTTP Caching & Cache-Busting for Content Publishers Michael J. Radwin ApacheCon 2004 November 17, 2004.

Published byGerard Gilmore Modified over 8 years ago

Similar presentations

Presentation on theme: "1 HTTP Caching & Cache-Busting for Content Publishers Michael J. Radwin ApacheCon 2004 November 17, 2004."— Presentation transcript:

1 1 HTTP Caching & Cache-Busting for Content Publishers Michael J. Radwin http://public.yahoo.com/~radwin/ ApacheCon 2004 November 17, 2004

2 2 Hi, I’m Michael J. Radwin Engineering Manager, Yahoo! Inc. –Internal FAMP dev & support FreeBSD, Apache, MySQL, PHP Also, some C/C++ libs (networking, data storage) –Web Services infrastructure –Developer Tools CVS, Bugzilla, package mgmt, i18n workflow Slides online –http://public.yahoo.com/~radwin/

3 3 Why you’re here today Publishers have a lot of web content –HTML, images, Flash, movies Speed is important part of user experience Bandwidth is expensive –Use what you need, but avoid unnecessary extra Personalization differentiates –Show timely data (stock quotes, news stories) –Get accurate advertising statistics –Protect sensitive info (e-mail, account balances)

4 4 Not covered in this talk Proxy deployment –Configuring proxy cache servers (i.e. Squid) –Configuring browsers to use proxy caches –Transparent/interception proxy caching –Intercache protocols (ICP, HTCP) HTTP acceleration (a k a reverse proxies) Database query results caching

5 5 HTTP Review Server Client Interne t (1) Client connects to www.example.com port 80 Server Client (2) Client sends HTTP GET request Interne t

6 6 HTTP Review (cont’d) Server Client Interne t (3) Client reads HTTP response from server Server Client Interne t (4) Client and Server close connection

7 7 HTTP Example mradwin@machshav:~$ telnet www.example.com 80 Trying 192.168.37.203... Connected to w6.example.com. Escape character is '^]'. GET /foo/index.html HTTP/1.1 Host: www.example.com HTTP/1.1 200 OK Date: Wed, 28 Jul 2004 23:36:12 GMT Last-Modified: Fri, 23 Jul 2004 01:52:37 GMT Content-Length: 3688 Connection: close Content-Type: text/html Hello World...

8 8 Browsers use private caches Server Client Interne t GET /foo/index.html HTTP/1.1 Host: www.example.com HTTP/1.1 200 OK Last-Modified: Fri, 23 Jul 2004 01:52:37 GMT Content-Length: 3688 Content-Type: text/html Client stores copy of http://www.example.com/foo/index.html on its hard disk with timestamp.

9 9 Revalidation (Conditional GET) Server Client Interne t GET /foo/index.html HTTP/1.1 Host: www.example.com If-Modified-Since: Fri, 23 Jul 2004 01:52:37 GMT HTTP/1.1 304 Not Modified

10 10 Non-Caching Proxy Server Client Interne t Proxy GET /foo/index.html HTTP/1.1 Host: www.example.com HTTP/1.1 200 OK Last-Modified: Fri, 23 Jul... Content-Length: 3688 Content-Type: text/html GET /foo/index.html HTTP/1.1 Host: www.example.com HTTP/1.1 200 OK Last-Modified: Fri, 23 Jul... Content-Length: 3688 Content-Type: text/html

11 11 Proxy Cache Miss Server Client Interne t Proxy GET /foo/index.html HTTP/1.1 Host: www.example.com HTTP/1.1 200 OK Last-Modified: Fri, 23 Jul... Content-Length: 3688 Content-Type: text/html GET /foo/index.html HTTP/1.1 Host: www.example.com HTTP/1.1 200 OK Last-Modified: Fri, 23 Jul... Content-Length: 3688 Content-Type: text/html

12 12 Proxy Cache Hit Server Client Interne t Proxy GET /foo/index.html HTTP/1.1 Host: www.example.com HTTP/1.1 200 OK Last-Modified: Fri, 23 Jul... Content-Length: 3688 Content-Type: text/html

13 13 Proxy Cache Revalidation Hit Server Client Interne t Proxy GET /foo/index.html HTTP/1.1 Host: www.example.com If-Modified-Since: Fri, 23 Jul... HTTP/1.1 304 Not Modified GET /foo/index.html HTTP/1.1 Host: www.example.com HTTP/1.1 200 OK Last-Modified: Fri, 23 Jul... Content-Length: 3688 Content-Type: text/html

14 14 Assumptions about content types Rate of change once published Frequently OccasionallyRarely/Never HTMLCSS JavaScript Images Flash PDF Dynamic Content Static Content Personalized Same for everyone

15 15 Top 5 techniques for publishers 1.Use “Cache-Control: private” for personalized content 2.Implement “Images Never Expire” policy 3.Use a cookie-free TLD for static content 4.Use Apache defaults for CSS & JavaScript 5.Use random strings in URL for accurate hit metering or very sensitive content

16 16 1. Use “Cache-Control: private” for personalized content Rate of change once published Frequently OccasionallyRarely/Never HTMLCSS JavaScript Images Flash PDF Dynamic Content Static Content Personalized Same for everyone

17 17 Shared caching gone awry (1) Webmail Server Client 1 Interne t Proxy GET /msg3.html HTTP/1.1 Host: webmail.example.com Cookie: user=jane Jane’s e-mail message GET /msg3.html HTTP/1.1 Host: webmail.example.com Cookie: user=jane Jane’s e-mail message

18 18 Shared caching gone awry (2) Webmail Server Client 1 msg3.html Interne t Proxy GET /msg3.html HTTP/1.1 Host: webmail.example.com Cookie: user=jane Jane’s e-mail message

19 19 Shared caching gone awry (3) Webmail Server Client 2 msg3.html Interne t Proxy GET /msg3.html HTTP/1.1 Host: webmail.example.com Cookie: user=mary Jane’s e-mail message

20 20 What’s cacheable? HTTP/1.1 allows caching anything by default –Unless explicit Cache-Control header In practice, most caches avoid anything with –Cache-Control/Pragma header –Cookie/Set-Cookie headers –WWW-Authenticate/Authorization header –POST/PUT method –302/307 status code

21 21 Cache-Control: private Shared caches bad for shared content –Mary shouldn’t be able to read Jane’s mail Private caches perfectly OK –Speed up web browsing experience Avoid personalization leakage with single line in httpd.conf or.htaccess Header set Cache-Control private

22 22 2. “Images Never Expire” policy Rate of change once published Frequently OccasionallyRarely/Never HTMLCSS JavaScript Images Flash PDF Dynamic Content Static Content Personalized Same for everyone

23 23 “Images Never Expire” Policy Encourage caching of icons & logos –Forever ≈ 10 years in Internet biz Must change URL when you change img –http://us.yimg.com/i/new.gif –http://us.yimg.com/i/new2.gif Tradeoff –More difficult for designers –Bandwidth savings, faster user experience

24 24 Imgs Never Expire: mod_expires # Works with both HTTP/1.0 and HTTP/1.1 ExpiresActive On ExpiresByType image/gif A315360000 ExpiresByType image/jpeg A315360000 ExpiresByType image/png A315360000

25 25 Imgs Never Expire: mod_headers # Works with HTTP/1.1 only Header set Cache-Control \ "max-age=315360000" # Works with both HTTP/1.0 and HTTP/1.1 Header set Expires \ "Mon, 28 Jul 2014 23:30:00 GMT"

26 26 mod_images_never_expire /* Enforce policy with module that runs at URI translation hook */ static int translate_imgexpire(request_rec *r) { const char *ext; if ((ext = strrchr(r->uri, '.')) != NULL) { if (strcasecmp(ext,".gif") == 0 || strcasecmp(ext,".jpg") == 0 || strcasecmp(ext,".png") == 0 || strcasecmp(ext,".jpeg") == 0) { if (ap_table_get(r->headers_in,"If-Modified-Since") != NULL || ap_table_get(r->headers_in,"If-None-Match") != NULL) { /* Don't bother checking filesystem, just hand back a 304 */ return HTTP_NOT_MODIFIED; } return DECLINED; }

27 27 3. Cookie-free static content Rate of change once published Frequently OccasionallyRarely/Never HTMLCSS JavaScript Images Flash PDF Dynamic Content Static Content Personalized Same for everyone

28 28 Use a cookie-free Top Level Domain for static content For maximum efficiency use two domains –www.example.com for HTML –img.example.net for images Some proxies won’t cache Cookie reqs –But: multimedia is never personalized –Cookies irrelevant for images

29 29 Typical GET request w/Cookies GET /i/foo/bar/quux.gif HTTP/1.1 Host: www.example.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7) Gecko/20040707 Firefox/0.8 Accept: application/x-shockwave- flash,text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q =0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,*/*;q=0.1 Cookie: U=mt=vtC1tp2MhYv9RL5BlpxYRFN_P8DpMJoamllEcA--&ux=IIr.AB&un=42vnticvufc8v; brandflash=1; B=amfco1503sgp8&b=2; F=a=NC184LcsvfX96G.JR27qSjCHu7bII3s. tXa44psMLliFtVoJB_m5wecWY_.7&b=K1It; LYC=l_v=2&l_lv=7&l_l=h03m8d50c8bo &l_s=3yu2qxz5zvwquwwuzv22wrwr5t3w1zsr&l_lid=14rsb76&l_r=a8&l_um=1_0_1_0_0; GTSessionID835990899023=83599089902340645635; Y=v=1&n=6eecgejj7012f &l=h03m8d50c8bo/o&p=m012o33013000007&jb=16|47|&r=a8&lg=us&intl=us&np=1; PROMO=SOURCE=fp5; YGCV=d=; T=z=iTu.ABiZD/AB6dPWoqXibIcTzc0BjY3TzI3NTY0MzQ- &a=YAE&sk=DAAwRz5HlDUN2T&d=c2wBT0RBekFURXdPRFV3TWpFek5ETS0BYQFZQUUBb2sBWlcwLQF0aX ABWUhaTVBBAXp6AWlUdS5BQmdXQQ--&af=QUFBQ0FDQURCOUFIQUJBQ0FEQUtBTE FNSDAmdHM9MTA5MDE4NDQxOCZwcz1lOG83MUVYcTYxOVouT2Ftc1ZFZUhBLS0-; LYS=l_fh=0&l_vo=myla; PA=p0=dg13DX4Ndgk-&p1=6L5qmg--&e=xMv.AB; YP.us=v=2&m=addr&d=1525+S+Robertson+Blvd%01Los+Angeles%01CA%0190035- 4231%014480%0134.051590%01-118.384342%019%01a%0190035 Referer: http://www.example.com/foo/bar.php?abc=123&def=456 Accept-Language: en-us,en;q=0.7,he;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive

30 30 Same request, no Cookies GET /i/foo/bar/quux.gif HTTP/1.1 Host: img.example.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7) Gecko/20040707 Firefox/0.8 Accept: application/x-shockwave- flash,text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q =0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,*/*;q=0.1 Referer: http://www.example.com/foo/bar.php?abc=123&def=456 Accept-Language: en-us,en;q=0.7,he;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Added bonus: much smaller GET request –Dial-up MTU size 576 bytes, PPPoE 1492 –1450 bytes reduced to 550

31 31 4. Apache defaults for static, occasionally-changing content Rate of change once published Frequently OccasionallyRarely/Never HTMLCSS JavaScript Images Flash PDF Dynamic Content Static Content Personalized Same for everyone

32 32 Revalidation works pretty well Revalidation default behavior for static content –Browser sends If-Modified-Since request –Server replies with short 304 Not Modified –No fancy Apache config needed Use if you can’t predict when content will change –Page designers can change immediately –No renaming necessary Cost: extra HTTP transaction for 304 –Small with Keep-Alive, but large sites disable

33 33 5. Random URL strings for hit metering, sensitive content Rate of change once published Frequently OccasionallyRarely/Never HTMLCSS JavaScript Images Flash PDF Dynamic Content Static Content Personalized Same for everyone

34 34 Accurate advertising statistics If you trust proxies –Send Cache-Control: must-revalidate –Count 304 Not Modified log entries as hits If you don’t –Ask client to fetch uncacheable image URL –Return 302 to highly cacheable image file –Count 302s as hits –Don’t bother to look at cacheable server log

35 35 Hit-metering for ads (1) var r = Math.random(); var t = new Date(); document.write(" ");

36 36 Hit-metering for ads (2) GET /ad/foo/bar.gif?t=1090538707;r=0.510772917234983 HTTP/1.1 Host: ads.example.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7) Gecko/20040707 Firefox/0.8 Referer: http://www.example.com/foo/bar.php?abc=123&def=456 Cookie: uid=C50DF33E-E202-4206-B1F3-946AEDF9308B HTTP/1.1 302 Moved Temporarily Date: Wed, 28 Jul 2004 23:45:06 GMT Cache-Control: max-age=0,no-cache,no-store Expires: Tue, 11 Oct 1977, 01:23:45 GMT Pragma: no-cache Location: http://img.example.net/i/foo/bar.gif Content-Type: text/html Moved

37 37 Hit-metering for ads (3) GET /i/foo/bar.gif HTTP/1.1 Host: img.example.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7) Gecko/20040707 Firefox/0.8 Referer: http://www.example.com/foo/bar.php?abc=123&def=456 HTTP/1.1 200 OK Date: Wed, 28 Jul 2004 23:45:07 GMT Last-Modified: Mon, 05 Oct 1998 18:32:51 GMT ETag: "69079e-ad91-40212cc8" Cache-Control: public,max-age=315360000 Expires: Mon, 28 Jul 2014 23:45:07 GMT Content-Length: 6096 Content-Type: image/gif GIF89a...

38 38 Defeating proxies: turning public caches into private caches Use distinct tokens in URL –No two users use same token –Defeats shared proxy caches –Works well with private caches Doesn’t break the back button May break visited-link highlighting –e.g. JavaScript timestamps/random numbers –Every link is blue, no purple

39 39 Breaking the Back button When users click browser Back button –Expect to go back one page instantly –Private cache enables this behavior Aggressive cache-busting breaks Back button –Server sends Pragma: no-cache or Expires in past –Browser must re-visit server to re-fetch page –Hitting network much slower than hitting disk Use very sparingly –Compromising user experience is A Bad Thing

40 40 Review: Top 5 techniques 1.Use “Cache-Control: private” for personalized content 2.Implement “Images Never Expire” policy 3.Use a cookie-free TLD for static content 4.Use Apache defaults for CSS & JavaScript 5.Use random strings in URL for accurate hit metering or very sensitive content

41 41 Review: encouraging caching Send explicit Cache-Control or Expires Generate “static content” headers –Last-Modified, ETag –Content-Length Avoid “ cgi-bin ”, “.cgi ” or “ ? ” in URLs –Some proxies (e.g. Squid) won’t cache –Workaround: use PATH_INFO instead

42 42 Review: discouraging caching Use POST instead of GET Use random strings and “?” char in URL Omit Content-Length & Last-Modified Send explicit headers on response –Breaks the back button –Only as a last resort Cache-Control: max-age=0,no-cache,no-store Expires: Thu, 01 Jan 1970 12:34:56 GMT Pragma: no-cache

43 43 Recommended Reading Web Caching and Replication –Michael Rabinovich & Oliver Spatscheck –Addison-Wesley, 2001 Web Caching –Duane Wessels –O'Reilly, 2001

44 44 Wrapping Up Please fill out Session Eval Form –Session: WE16 –Title: HTTP Caching & Cache-busting –Speaker: Michael Radwin Slides online –http://public.yahoo.com/~radwin/

45 45

Download ppt "1 HTTP Caching & Cache-Busting for Content Publishers Michael J. Radwin ApacheCon 2004 November 17, 2004."

Similar presentations

HTTP HyperText Transfer Protocol. HTTP Uses TCP as its underlying transport protocol Uses port 80 Stateless protocol (i.e. HTTP Server maintains no information.

HTTP HyperText Transfer Protocol. HTTP Uses TCP as its underlying transport protocol Uses port 80 Stateless protocol (i.e. HTTP Server maintains no information.
1 Caching in HTTP Representation and Management of Data on the Internet.

1 Caching in HTTP Representation and Management of Data on the Internet.
HTTP – HyperText Transfer Protocol

HTTP – HyperText Transfer Protocol
Web basics HTTP –http://www.ietf.org/rfc/rfc2616.txt –http://www2002.org/CDROM/refereed/444/ URI/L/Ns –http://www.ietf.org/rfc/rfc2396.txt HTML –http://www.w3.org/TR/html401/

Web basics HTTP – – URI/L/Ns – HTML –
Chapter 9 Application Layer, HTTP Professor Rick Han University of Colorado at Boulder

Chapter 9 Application Layer, HTTP Professor Rick Han University of Colorado at Boulder
1 HTTP – HyperText Transfer Protocol Part 1. 2 Common Protocols In order for two remote machines to “ understand ” each other they should –‘‘ speak the.

1 HTTP – HyperText Transfer Protocol Part 1. 2 Common Protocols In order for two remote machines to “ understand ” each other they should –‘‘ speak the.
16-Jun-15 HTTP Hypertext Transfer Protocol. 2 HTTP messages HTTP is the language that web clients and web servers use to talk to each other HTTP is largely.

16-Jun-15 HTTP Hypertext Transfer Protocol. 2 HTTP messages HTTP is the language that web clients and web servers use to talk to each other HTTP is largely.
HTTP Hypertext Transfer Protocol. HTTP messages HTTP is the language that web clients and web servers use to talk to each other –HTTP is largely “under.

HTTP Hypertext Transfer Protocol. HTTP messages HTTP is the language that web clients and web servers use to talk to each other –HTTP is largely “under.
How the web works: HTTP and CGI explained

How the web works: HTTP and CGI explained
What’s a Web Cache? Why do people use them? Web cache location Web cache purpose There are two main reasons that Web cache are used:  to reduce latency.

What’s a Web Cache? Why do people use them? Web cache location Web cache purpose There are two main reasons that Web cache are used:  to reduce latency.
HTTP Exercise 01. Three Internet Protocols IP TCP HTTP Routes messages thru “Inter-network “ 2-way Connection between programs on 2 computers So they.

HTTP Exercise 01. Three Internet Protocols IP TCP HTTP Routes messages thru “Inter-network “ 2-way Connection between programs on 2 computers So they.
Chapter 2 Application Layer Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross Addison-Wesley, July.

Chapter 2 Application Layer Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross Addison-Wesley, July.
Web, HTTP and Web Caching

Web, HTTP and Web Caching
Hypertext Transfer Protocol Information Systems 337 Prof. Harry Plantinga.

Hypertext Transfer Protocol Information Systems 337 Prof. Harry Plantinga.
2/9/2004 Web and HTTP February 9, 2004. 2/9/2004 Assignments Due – Reading and Warmup Work on Message of the Day.

2/9/2004 Web and HTTP February 9, /9/2004 Assignments Due – Reading and Warmup Work on Message of the Day.
Hypertext Transport Protocol CS - 328 Dick Steflik.

Hypertext Transport Protocol CS Dick Steflik.
1 Caching  Temporary storage of frequently accessed data (duplicating original data stored somewhere else)  Reduces access time/latency for clients 

1 Caching  Temporary storage of frequently accessed data (duplicating original data stored somewhere else)  Reduces access time/latency for clients 
Basics of the HTTP Protocol and Apache Web Server Brandon Checketts.

Basics of the HTTP Protocol and Apache Web Server Brandon Checketts.
Web technologies and programming cse4461 - hypermedia and multimedia technology Fanis Tsandilas April 3, 2007.

Web technologies and programming cse hypermedia and multimedia technology Fanis Tsandilas April 3, 2007.
Web Hacking 1. Overview Why web HTTP Protocol HTTP Attacks 2.

Web Hacking 1. Overview Why web HTTP Protocol HTTP Attacks 2.

Similar presentations

Ads by Google