48

I tried using this

@app.after_request
def add_header(response):
    response.headers['Cache-Control'] = 'max-age=300'
    return response

But this causes a duplicate Cache-Control header to appear. I only want max-age=300, NOT the max-age=1209600 line!

$ curl -I http://my.url.here/
HTTP/1.1 200 OK
Date: Wed, 16 Apr 2014 14:24:22 GMT
Server: Apache
Cache-Control: max-age=300
Content-Length: 107993
Cache-Control: max-age=1209600
Expires: Wed, 30 Apr 2014 14:24:22 GMT
Content-Type: text/html; charset=utf-8
wuxiekeji
  • 1,772
  • 2
  • 15
  • 22
  • This might be a dirty way but you can always check if the header 'Cache-Control' exists already and delete it if does and then add your header. Something like `if 'Cache-Control' in response.headers: del response.headers['Cache-Control'] – codegeek Apr 16 '14 at 16:08

3 Answers3

80

Use the response.cache_control object; this is a ResponseCacheControl() instance letting you set various cache attributes directly. Moreover, it'll make sure not to add duplicate headers if there is one there already.

@app.after_request
def add_header(response):
    response.cache_control.max_age = 300
    return response
Pablo Fernandez
  • 103,170
  • 56
  • 192
  • 232
Martijn Pieters
  • 1,048,767
  • 296
  • 4,058
  • 3,343
  • 9
    Also `response.cache_control.public = True`. – turdus-merula Jan 19 '17 at 17:29
  • it's still adding no-cache. flask sux – france1 Nov 28 '22 at 12:10
  • @france1: without any context, that's not something I can help with. There is no default value for the header, so if you see `Cache-Control: no-cache` in your responses **something is setting that explicitly**. Could be your Flask code, could be something else. It is **not** the default, however. Sorry, but you really can't blame this on Flask. – Martijn Pieters Nov 28 '22 at 14:53
  • @MartijnPieters yeah I understand; I figured out that it only happens when it's in development mode. I personally think that's very annoying, but... – france1 Nov 28 '22 at 20:44
  • @france1: there is no code in Flask that would do that. – Martijn Pieters Nov 28 '22 at 20:45
  • @MartijnPieters I'm sure there is, else it wouldn't do that :) – france1 Nov 28 '22 at 20:48
  • @france1: not for regular views; for `send_file` routes there are caching headers being set (see [`send_file()`](https://flask.palletsprojects.com/en/2.2.x/api/?highlight=send_file#flask.send_file)). But there is simply no code anywhere in Flask or Werkzeug that sets the cache-control header when in dev mode. I checked the source code and [ran the minimal quick-start app in dev mode](https://flask.palletsprojects.com/en/2.2.x/quickstart/#a-minimal-application) to verify. **Something else is doing this in your specific situation**. – Martijn Pieters Nov 28 '22 at 21:39
  • @MartijnPieters I only can reflect what happened in my situation; There is no "something else", because I solely have Flask and a browser. And just in case you wonder what I do: https://pastebin.com/ZiZj1xYP – france1 Nov 29 '22 at 12:29
  • and flask --version;;;;; Python 3.10.7 Flask 2.1.0 Werkzeug 2.0.1 – france1 Nov 29 '22 at 12:29
  • @france1: that's using `send_file()`, see the documentation in my last comment. The whole point of that method is to handle static files and so sets appropriate caching headers. – Martijn Pieters Nov 29 '22 at 12:30
45

You can set the default value for all static files when you create the Flask application:

app = Flask(__name__)
app.config['SEND_FILE_MAX_AGE_DEFAULT'] = 300

Note that if you modify request.cache_control in after_request, as in the accepted answer, this will also modify the Cache-Control header for static files and may override the behavior you set as I showed above. I'm currently using the following code to completely disable caching for dynamically generated content but not static files:

# No cacheing at all for API endpoints.
@app.after_request
def add_header(response):
    # response.cache_control.no_store = True
    if 'Cache-Control' not in response.headers:
        response.headers['Cache-Control'] = 'no-store'
    return response

Not completely sure this is the best way, but it's working for me so far.

aldel
  • 6,489
  • 1
  • 27
  • 32
  • 4
    Kudos for the `if 'Cache-Control' not in ...` bit, very smart to encourage people to check that! – kevlarr Dec 14 '17 at 22:19
  • @aldel What file would contain `app = Flask(__name__)` ? – TheRealFakeNews Jun 17 '19 at 23:45
  • @AlanH It has to exist somewhere in a Flask app. It would usually be one of the top-level files, i.e., the one that you run as `__main__`, or one that it imports. – aldel Jun 18 '19 at 19:36
  • 1
    `max-age=0` can also be added to force the cache to revalidate because `no-store` will only prevent a new resource from being cached, but not prevent the cache from responding with a resource from a previous request `response.headers["Cache-Control"] = "no-store, max-age=0"` – Mohamed Diaby Sep 27 '21 at 10:36
-1

I am using this in my views.py and auth.py files:

def no_cache(resp):
    resp.headers['Cache-Control'] = 'max-age=1, No-Store'

@views.route('/', METHOD=['GET'])
def home_page():
    resp = make_response(render_template("somepage.html", user=current_user), 200)
    no_cache(resp)
    return resp
bauderr
  • 47
  • 10