What is the difference between s-maxage and max-age in Cache-Control?

s-maxage sets the TTL for shared caches like CDNs and overrides max-age for them. The browser ignores s-maxage and uses max-age. Setting both lets you control browser and CDN TTLs independently.

What is a surrogate key and why is it useful?

A surrogate key (or cache tag) is a label attached to cached responses via a response header. You can purge all responses sharing a tag in one API call — far faster than enumerating every URL, especially for CMS content.

Why do content-hashed assets not need cache purge?

The filename changes whenever content changes (main.abc123.js). Old URLs remain valid forever; new content gets a new URL. Combined with max-age=31536000, immutable, browsers and CDNs never need to revalidate.

What is stale-while-revalidate at the CDN level?

The CDN serves the stale cached response immediately while fetching a fresh copy from the origin in the background. The next request gets the updated version, with zero added latency to the current one.

What breaks if you set a long s-maxage on HTML documents?

After a deploy, cached HTML references old hashed asset filenames that may have been removed. Users get a broken page until the HTML cache expires. Keep s-maxage short on HTML and purge on deploy.

What is shield (tiered) caching and what does it solve?

A shield PoP sits between edge PoPs and the origin. On a cache miss, edge PoPs fetch from the shield rather than the origin, collapsing many parallel misses into one origin request.

CDN & Edge Caching · fearchitect

Summary

A CDN caches responses at Points of Presence (PoPs) worldwide. Requests hit the nearest PoP instead of the origin, cutting latency and origin load. Cache lifetime at the edge is governed by `Cache-Control: s-maxage`; surrogate keys let you purge by tag rather than URL. Content-hashed assets use `immutable` for forever-caching; mutable resources pair short TTLs with on-demand purge.

Jump to the interview angle

A CDN (Content Delivery Network) places reverse-proxy caches at Points of Presence (PoPs) — data centers distributed close to users. When a response is cached at a PoP, subsequent requests for that URL are served from memory in single-digit milliseconds rather than crossing the globe to the origin. The CDN identifies what to cache and for how long via Cache-Control response headers, specifically s-maxage, which targets shared caches and overrides max-age for them.

Request flow: user → nearest PoP → optional shield PoP → origin. Hits return immediately; misses propagate up the hierarchy.

Cache keys, TTLs, and invalidation

The **cache key** is URL + selected `Vary` headers (e.g. `Accept-Encoding`). Query strings are included by default.
`Cache-Control: s-maxage=N` sets the edge TTL; `max-age` controls the browser TTL independently.
**Surrogate keys** (Fastly) / **cache tags** (Cloudflare) attach logical labels to responses so you purge by tag, not URL.
`stale-while-revalidate=N` at the edge serves stale while fetching fresh in the background — zero-latency deploys.
Content-hashed filenames (`main.abc123.js`) plus `Cache-Control: public, max-age=31536000, immutable` remove the need to purge at all.
**Shield / tiered caching** collapses origin traffic: only one PoP fetches from origin per cache miss worldwide.

Invalidation strategies

	Strategy	Granularity	Latency to take effect
TTL expiry (s-maxage)	URL	Up to full TTL	Slowly changing content
On-demand URL purge	URL	Seconds via API	Known URLs, post-deploy HTML
Surrogate-key / tag purge	Tag group	Seconds via API	CMS pages sharing a tag
Content hashing + immutable	Filename change	Instant (no purge needed)	JS, CSS, image assets

Never cache HTML with long s-maxage

HTML is the entry point. A stale HTML document references hashed asset URLs that may no longer exist post-deploy, breaking the page for every cached user. Set s-maxage to 60 seconds or less on HTML, or use on-demand purge triggered by your deploy pipeline. Reserve long TTLs for content-hashed static assets only.

Interview angle

Interviewers test whether you know that s-maxage targets CDNs and max-age targets browsers. Strong answers explain cache key construction, surrogate-key purge, and why content hashing makes invalidation unnecessary for static assets.

Soundbite: "Hash filenames for immutable caching; use surrogate keys to purge mutable content by tag, not URL."

Key terms

PoP (Point of Presence): A CDN edge data center geographically near users where responses are cached.
s-maxage: Cache-Control directive setting TTL for shared caches (CDNs); overrides max-age for them.
Surrogate key: A tag attached to cached responses (via header) enabling bulk purge by label, not URL.
Cache key: The lookup key — URL plus any selected Vary headers — that identifies a cached entry.
Shield / tiered caching: A designated PoP that absorbs origin traffic; other PoPs fill from it instead of the origin.

Summary

Cache keys, TTLs, and invalidation

Invalidation strategies

Interview angle

Key terms

Related topics

Further reading

Search fearchitect