s-maxage for CDN and Proxy Cache Control

What Is s-maxage?

s-maxage (shared max-age) overrides max-age for shared caches — CDNs, reverse proxies, and load balancers. The browser ignores s-maxage and uses max-age for its local cache.

Why Two Different Durations?

Different caches have different invalidation capabilities:

• CDNs support instant purging (Cloudflare purge, Fastly instant purge, AWS CloudFront invalidation). If content changes, you can purge the CDN immediately.
• Browsers cannot be purged remotely. Once cached, the only way to update is to wait for max-age to expire or change the URL.

This asymmetry means you can safely give CDNs a longer cache duration:

Cache-Control: public, max-age=60, s-maxage=86400

• Browser: Caches for 60 seconds, then revalidates
• CDN: Caches for 24 hours, but can be purged instantly if needed

Common Patterns

API with CDN acceleration:

Cache-Control: public, max-age=0, s-maxage=300, stale-while-revalidate=60

Browser always revalidates; CDN serves cached data for 5 minutes with a 60-second stale-while-revalidate window.

Blog post with CDN:

Cache-Control: public, max-age=300, s-maxage=86400

Browser caches for 5 minutes; CDN caches for 24 hours (purge on publish).

HTML page with ISR (Incremental Static Regeneration):

Cache-Control: public, max-age=0, s-maxage=3600, stale-while-revalidate=86400

CDN serves cached page for 1 hour, then revalidates in the background for up to 24 hours.

Important Notes

• s-maxage implies public. You don't strictly need to add public when using s-maxage, but it's good practice for clarity.
• s-maxage only works with shared caches. Private browser caches always use max-age.