HTTP Cache Expiration

Edit this page

The expiration model is the most efficient and straightforward of the two caching models and should be used whenever possible. When a response is cached with an expiration, the cache returns it directly without hitting the application until the cached response expires.

The expiration model can be accomplished using one of two, nearly identical, HTTP headers: Expires or Cache-Control.

Expiration and Validation

You can use both validation and expiration within the same Response. As expiration wins over validation, you can benefit from the best of both worlds. In other words, by using both expiration and validation, you can instruct the cache to serve the cached content, while checking back at some interval (the expiration) to verify that the content is still valid.

Expiration with the Cache-Control Header

Most of the time, you will use the Cache-Control header, which is used to specify many different cache directives:

1
2
3
4
5
6
7
8
use Symfony\Component\HttpKernel\Attribute\Cache;
// ...

#[Cache(public: true, maxage: 600)]
public function index(): Response
{
    // ...
}

The Cache-Control header would take on the following format (it may have additional directives):

1
Cache-Control: public, max-age=600

Note

Using the setSharedMaxAge() method is not equivalent to using both setPublic() and setMaxAge() methods. According to the Serving Stale Responses section of RFC 7234, the s-maxage setting (added by setSharedMaxAge() method) prohibits a cache to use a stale response in stale-if-error scenarios. That's why it's recommended to use both public and max-age directives.

Expiration with the Expires Header

An alternative to the Cache-Control header is Expires. There's no advantage or disadvantage to either.

According to the HTTP specification, "the Expires header field gives the date/time after which the response is considered stale." The Expires header can be set with the expires option of the #[Cache] attribute or the setExpires() Response method:

1
2
3
4
5
6
7
8
use Symfony\Component\HttpKernel\Attribute\Cache;
// ...

#[Cache(expires: '+600 seconds')]
public function index(): Response
{
    // ...
}

The resulting HTTP header will look like this:

1
Expires: Thu, 01 Mar 2011 16:00:00 GMT

Note

The expires option and the setExpires() method automatically convert the date to the GMT timezone as required by the specification.

Note that in HTTP versions before 1.1 the origin server wasn't required to send the Date header. Consequently, the cache (e.g. the browser) might need to rely on the local clock to evaluate the Expires header making the lifetime calculation vulnerable to clock skew. Another limitation of the Expires header is that the specification states that "HTTP/1.1 servers should not send Expires dates more than one year in the future."

Note

According to the Calculating Freshness Lifetime section of RFC 7234, the Expires header value is ignored when the s-maxage or max-age directive of the Cache-Control header is defined.

Applying Cache Conditionally

8.1

The if option of the #[Cache] attribute was introduced in Symfony 8.1.

Use the if option to apply the #[Cache] attribute only when a given condition is met. This option accepts a closure or an ExpressionLanguage expression that receives the Request object and the controller arguments and must return a boolean value:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Attribute\Cache;
// ...

// Using a closure
#[Cache(
    public: true,
    maxage: 3600,
    if: static fn (Request $request): bool => $request->query->has('cache')
)]
public function index(Request $request): Response
{
    // ...
}

// Using an expression
#[Cache(
    public: true,
    maxage: 3600,
    if: "request.query.has('cache')"
)]
public function show(Request $request): Response
{
    // ...
}

When the condition evaluates to true, the cache headers are applied; when it evaluates to false, they are not.

This is useful when you need to enable caching based on runtime conditions such as user authentication state, feature flags, or request parameters. It is also helpful when the controller does not return a Response object directly (e.g. when using FOSRestBundle or other libraries that handle view rendering).

Note

The #[Cache] attribute is repeatable. When multiple attributes are defined on the same controller, they are evaluated in order and the first one whose condition returns true is applied. If no condition matches, no cache headers are set by the attribute.

This work, including the code samples, is licensed under a Creative Commons BY-SA 3.0 license.
TOC
    Version