"no-cache" indicates that the returned response can't be used to satisfy a subsequent request to the same URL without first checking with the server if the response has changed.
As a result, if a proper validation token (ETag) is present, no-cache incurs a roundtrip to validate the cached response, but can eliminate the download if the resource has not changed. It simply disallows the browser and all intermediate caches from storing any version of the returned response—for example, one containing private personal or banking data.
Tip: The HTML5 Boilerplate project contains sample configuration files for all the most popular servers with detailed comments for each configuration flag and setting.
Find your favorite server in the list, look for the appropriate settings, and copy/confirm that your server is configured with the recommended settings.
Fetching something over the network is both slow and expensive.Every time the user requests this asset, a request is sent to the server and a full response is downloaded.If the response is marked as "public", then it can be cached, even if it has HTTP authentication associated with it, and even when the response status code isn't normally cacheable.The server generates and returns an arbitrary token, which is typically a hash or some other fingerprint of the contents of the file.The client doesn't need to know how the fingerprint is generated; it only needs to send it to the server on the next request.