100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace

What CDN Caching Strategies Should You Know?

Learn CDN caching strategies — hashed asset immutability, stale-while-revalidate, cache keys, and active invalidation.

mediumQ179 of 224 in Web Development Est. time: 6 minsLast updated:
Open Code Lab

Expected Interview Answer

A CDN caches copies of responses at edge nodes geographically close to users, and the key strategy decisions are what to cache (static assets vs API responses), how long (via Cache-Control max-age and stale-while-revalidate), and how to invalidate it correctly (versioned URLs/content hashing vs active purging) so users get fast responses without ever seeing stale content they shouldn’t.

Static assets like JS bundles, CSS, and images are the easiest CDN win: they are content-addressed by a hash in the filename (e.g. app.a1b2c3.js), so they can be cached with an effectively infinite max-age and immutable directive, because a content change produces a new URL rather than mutating the cached one — this sidesteps invalidation entirely. HTML and dynamic API responses are trickier: they change per deploy or per data update, so a short max-age combined with stale-while-revalidate lets the CDN serve a slightly stale cached copy instantly while it revalidates against the origin in the background, giving users fast responses without them ever waiting on a cache miss. For content that must invalidate immediately, like a price update, CDNs offer active purge/invalidation APIs to explicitly evict a specific path from all edge nodes rather than waiting for a TTL to expire. Cache keys also matter: if an API response varies by header (Authorization, Accept-Language) or query string, the CDN’s cache key configuration must include those dimensions, or it risks either serving one user’s personalized response to another (a serious bug) or fragmenting the cache uselessly by including irrelevant variance.

  • Content-hashed static assets can cache near-forever, sidestepping invalidation entirely
  • stale-while-revalidate serves fast cached responses while refreshing in the background
  • Active purge APIs handle time-sensitive invalidation without waiting on TTL expiry
  • Correct cache-key configuration prevents both cache-key collisions and needless fragmentation

AI Mentor Explanation

CDN caching is like regional sports bars each keeping a printed copy of the match scorecard so fans nearby do not need to call the stadium directly for every update. A scorecard tagged with the exact over number never needs changing, since a new over just gets a new tag, but the live “current score” sheet is refreshed on a short timer and shown immediately even while a fresh copy is being fetched from the stadium. If a result needs correcting urgently, like an overturned decision, the league can push an instant update to every bar rather than waiting for the timer. That hash-tagged-permanent-data plus timed-refresh plus instant-override strategy is exactly how CDN caching balances speed and freshness.

Step-by-Step Explanation

  1. Step 1

    Classify content by change frequency

    Separate content-hashed immutable assets from dynamic HTML/API responses that change over time.

  2. Step 2

    Set Cache-Control accordingly

    Use max-age=31536000, immutable for hashed static assets; a short max-age with stale-while-revalidate for dynamic content.

  3. Step 3

    Configure the correct cache key

    Include only the headers/query params that actually vary the response (e.g. Accept-Language), avoiding cache-key collisions or fragmentation.

  4. Step 4

    Handle time-sensitive invalidation actively

    Use the CDN’s purge/invalidation API for content that must update immediately rather than waiting on TTL expiry.

What Interviewer Expects

  • Distinction between content-hashed static assets and dynamic content caching strategies
  • Understanding of stale-while-revalidate and why it improves perceived latency
  • Awareness of cache-key configuration risks (collisions vs fragmentation)
  • Knowledge of active purge/invalidation as a tool for urgent content changes

Common Mistakes

  • Caching personalized or authenticated responses without including the right cache-key dimensions, leaking one user’s data to another
  • Setting long max-age on non-hashed HTML, causing stale deploys to linger for users
  • Relying only on TTL expiry for content that needs instant invalidation, like pricing errors
  • Assuming a CDN cache behaves identically to a browser cache in terms of shared vs private caching

Best Answer (HR Friendly)

A CDN keeps copies of a website’s files on servers around the world so people load them from somewhere nearby instead of the original server every time. Files that never change once published, like a versioned image, can be cached basically forever. Content that updates often gets a short cache time with a background refresh, and if something needs to change instantly, like an urgent price fix, the CDN can be told to clear that specific cached copy right away.

Code Example

Cache-Control strategy by content type
app.get('/static/app.:hash.js', (req, res) => {
  // Content-hashed filename means the URL changes on every build
  res.set('Cache-Control', 'public, max-age=31536000, immutable')
  res.sendFile(bundlePath)
})

app.get('/api/products/:id', async (req, res) => {
  const product = await getProduct(req.params.id)
  // Serve stale instantly, revalidate against origin in the background
  res.set('Cache-Control', 'public, max-age=30, stale-while-revalidate=300')
  res.json(product)
})

// Urgent invalidation via CDN purge API
async function purgePath(path) {
  await fetch('https://api.cdn.example.com/purge', {
    method: 'POST',
    headers: { Authorization: `Bearer ${process.env.CDN_TOKEN}` },
    body: JSON.stringify({ path }),
  })
}

Follow-up Questions

  • What is the difference between stale-while-revalidate and stale-if-error?
  • Why is it risky to cache a response that varies by the Authorization header without including it in the cache key?
  • How would you design a cache invalidation strategy for a rapidly-changing e-commerce inventory count?
  • What is the difference between a CDN edge cache and an origin shield/regional cache layer?

MCQ Practice

1. Why can content-hashed static assets be cached with a near-infinite max-age?

Content-hashed filenames sidestep invalidation entirely: a change produces a new URL, not a mutation of the cached one.

2. What does stale-while-revalidate do?

It gives users a fast response immediately while the cache quietly revalidates against the origin for the next request.

3. What risk arises from misconfiguring a CDN cache key for a personalized API response?

If a varying dimension like Authorization is not part of the cache key, a cached personalized response can leak across users.

Flash Cards

Why cache hashed static assets forever?A content change produces a new URL, so the cached response never actually goes stale.

What does stale-while-revalidate do?Serves a cached response instantly while refreshing it from origin in the background.

How do you handle urgent invalidation?Use the CDN’s active purge/invalidation API instead of waiting on TTL expiry.

What is a cache-key collision risk?Serving one user’s personalized cached response to a different user due to missing cache-key dimensions.

1 / 4

Continue Learning