在问了一个关于sending “304 Not Modified” for images stored in the in the Google App Engine datastore的问题后，我现在有一个关于Cache-Control的问题。在

我的应用程序现在发送Last-Modified和Etag，但默认情况下GAE也发送Cache-Control: no-cache。根据this page：

The “no-cache” directive, according to the RFC, tells the browser that it should revalidate with the server before serving the page from the cache. [...] In practice, IE and Firefox have started treating the no-cache directive as if it instructs the browser not to even cache the page.

由于我确实希望浏览器缓存图像，我在代码中添加了以下行：

self.response.headers['Cache-Control'] = "public"

根据同一页：

The “cache-control: public” directive [...] tells the browser and proxies [...] that the page may be cached. This is good for non-sensitive pages, as caching improves performance.

问题是这是否会在某种程度上对应用程序有害？最好发送Cache-Control: must-revalidate来“强制”浏览器重新验证（我想这就是发送Cache-Control: no-cache背后的原因）

This directive insists that the browser must revalidate the page against the server before serving it from cache. Note that it implicitly lets the browser cache the page.