# Bad value “Cache-Control” for attribute “http-equiv” on element “meta”.

> Canonical HTML version: https://rocketvalidator.com/html-validation/bad-value-cache-control-for-attribute-http-equiv-on-element-meta
> Attribution: Rocket Validator (https://rocketvalidator.com)
> License: CC BY 4.0 (https://creativecommons.org/licenses/by/4.0/)

The `http-equiv` attribute on the `<meta>` element is designed to simulate certain HTTP response headers when a server isn't configured to send them directly. However, the HTML specification only permits a limited set of values for this attribute. According to the WHATWG HTML living standard, the valid `http-equiv` values are:

- `content-type` — an alternative way to declare character encoding
- `default-style` — sets the preferred stylesheet
- `refresh` — redirects or reloads the page after a delay
- `x-ua-compatible` — specifies document compatibility mode for Internet Explorer
- `content-security-policy` — declares a content security policy

Using `Cache-Control` as an `http-equiv` value is a pattern that originated in early web development, when some browsers attempted to honor cache directives set through `<meta>` tags. In practice, modern browsers ignore `<meta http-equiv="Cache-Control">` entirely. Caching behavior is determined by actual HTTP response headers sent by the server, not by `<meta>` tags in the document body. This means the tag not only triggers a validation error but also has no practical effect — it gives a false sense of control over caching while doing nothing.

This matters for several reasons. Invalid HTML can cause unexpected behavior in browsers, particularly edge cases with older or less common user agents. It also undermines confidence in your markup — if a validator flags issues, it becomes harder to spot genuinely important errors. Additionally, relying on a non-functional tag for caching can lead to real problems if developers assume caching is being handled when it isn't.

The correct approach is to configure cache-control headers on your web server or application layer. Every major web server and framework provides a straightforward way to set `Cache-Control` HTTP headers.

For **Apache**, you can add this to your `.htaccess` or server configuration:

```
Header set Cache-Control "no-cache, no-store, must-revalidate"
```

For **Nginx**, use:

```
add_header Cache-Control "no-cache, no-store, must-revalidate";
```

In a **Node.js/Express** application:

```js
res.set('Cache-Control', 'no-cache, no-store, must-revalidate');
```

## Examples

### Invalid: Using `Cache-Control` as an `http-equiv` value

```html
<!DOCTYPE html>
<html lang="en">
<head>
  <title>My Page</title>
  <meta http-equiv="Cache-Control" content="no-cache">
  <meta http-equiv="Pragma" content="no-cache">
  <meta http-equiv="Expires" content="0">
</head>
<body>
  <p>This page attempts to control caching via meta tags.</p>
</body>
</html>
```

In this example, all three `<meta>` tags are problematic. `Cache-Control` and `Pragma` are not valid `http-equiv` values. While `Expires` was historically used, it is also not in the current list of conforming values in the WHATWG specification.

### Fixed: Removing invalid `<meta>` tags

```html
<!DOCTYPE html>
<html lang="en">
<head>
  <title>My Page</title>
  <!-- Cache-Control should be set via server HTTP headers -->
</head>
<body>
  <p>Caching is now properly handled server-side.</p>
</body>
</html>
```

The invalid `<meta>` tags are removed entirely. Cache behavior is configured on the server, where it actually takes effect.

### Valid: Using a permitted `http-equiv` value

```html
<!DOCTYPE html>
<html lang="en">
<head>
  <title>Redirecting</title>
  <meta http-equiv="refresh" content="5;url=https://example.com">
</head>
<body>
  <p>You will be redirected in 5 seconds.</p>
</body>
</html>
```

This example uses `refresh`, which is a valid `http-equiv` value. It demonstrates what the attribute is actually designed for — a small set of well-defined, browser-supported directives.