Script Valley
HTTP & The Web: How It Actually Works
Caching and Performance/Assessment

Practice & Assessment

Test your understanding of Caching and Performance

Multiple Choice Questions

6
1

You set Cache-Control: public, max-age=86400 on a page that shows the logged-in user's name. What security problem does this create?

2

A browser has a cached CSS file with ETag: "v2" and the cache has expired. What does the browser send in its next request?

3

Your static JS bundle is set to Cache-Control: max-age=31536000, immutable. You deploy a bug fix. How do you ensure users get the new file?

4

An API response includes Vary: Cookie. What effect does this have on CDN caching?

5

Which Cache-Control directive should you add when you need a cache to revalidate even during offline/error conditions, refusing to serve stale data?

6

A developer adds Pragma: no-cache to all API responses. What does this actually do in modern browsers?

Coding Challenges

1
1

Cache Policy Analyzer

Write a script that accepts a list of URLs and fetches each one using HTTP. For each URL, extract and analyze the Cache-Control, ETag, Last-Modified, Expires, Vary, and Age headers. Print a summary table showing: the URL, whether it is cacheable (yes/no), the cache duration in seconds (or 'none'), whether ETags are enabled, whether it uses Vary and on what headers. Flag any URLs with Vary: Cookie or Cache-Control: no-store as 'not CDN cacheable'. Estimated time: 25–30 minutes.

Medium

Mini Project

1

Caching HTTP Server with ETag Support

Build a static file server (Node.js or Python) that serves files from a local directory with full HTTP caching support. The server must: (1) compute a strong ETag for each file based on its content hash (MD5 or SHA1); (2) set Cache-Control: public, max-age=3600 for all files; (3) respond with 304 Not Modified when If-None-Match matches the current ETag; (4) respond with 304 when If-Modified-Since is valid and the file has not changed; (5) serve correct Content-Type based on file extension; (6) log each request with a HIT or MISS label depending on whether 304 or 200 was served. Test with curl -v --header 'If-None-Match: <etag>' to verify 304 responses.

Medium