when a browser sends a request where the time indicated by the value of the max-age directive or expires header is in the past, the correct behavior is to:

• revalidate the clients copy
• if the eTag has changed or last-mod time is different than the client's copy:
  • send a 200 response, including the new version of the content
• if the eTag has not changed or last-mod time is the same as the client's copy:
  • send a 304 response with no body content, and header values that indicate max-age/expires time

currently, when the ttl has elapsed and a request is received for the expired data, no revalidation is performed and a 200 response is always sent that includes the entire response data.