The Now CDN is enabled automatically for both the Free and Unlimited plans. Your deployments will benefit from automatic immutable static caching, upon request in a region, and if supplying Cache-Control headers, all dynamic responses from lambdas will also be cached in all regions.


The Cache-Control header can include a number of directives, separated by comma.

Caching directives break down the caching controls into three categories:


When aliasing, we automatically purge the cache so that no stale content is ever delivered.


  • max-age=<seconds> indicates when response is to be considered stale. It is represented in seconds since it was downloaded from the origin server.
  • s-maxage=<seconds> indicates when the response is to be considered stale by shared caches. It takes precedence over max-age.
  • no-cache indicates the response MUST NOT be used to satisfy a subsequent request without successful validation on the origin server.


  • must-revalidate indicates that once it has become stale, a cache (client or proxy) MUST revalidate the content before using the cached entry.
  • proxy-revalidate has the same definition as the must-revalidate directive, except that it only applies to shared caches.
  • stale-while-revalidate=<seconds> indicates that caches MAY serve the response in which it appears after it becomes stale, up to the indicated number of seconds since the object expired.
  • stale-if-error=<seconds> indicates that when an error is encountered, a cached stale response may be used to satisfy the request, regardless of other freshness information.


  • no-transform indicates that an intermediary proxy and/or cache must not transform the payload.
  • immutable indicates to clients that the response body will not change over time.


We recommend leveraging shared caches over client caches. For example, Cache-Control: max-age=0, s-maxage=86400 may be used to instruct shared caches to cache for 86400 seconds and clients to not cache. Similarly, Cache-Control: max-age=60, s-maxage=86400 instructs shared caches to cache for 86400 seconds and clients to cache for 60 seconds.

Bypassing cache

If no Cache-Control response header is present, the Now routing layer adds Cache-Control: s-maxage=0, to ensure that no shared caches will cache content that wasn't explicitly marked as cacheable.

Any request where the client appends an Authorization or Pragma header will bypass the cache.

The cache is also always skipped when an HTTP cookie named _now_no_cache is present or if a query string parameter named _now_no_cache=1 is present.