Header Handling
The CDN strips all headers from the user's request before forwarding it to the origin, including any cookies and the user-agent string. This ensures the request is independent of user specific data.
In the opposite direction, the CDN keeps almost every header sent by the origin untouched. The "Via" and "Set-Cookie" headers are the most prominent exceptions, which get stripped out. Some other custom headers containing CDN-generated data are also added or overwritten. Some examples:
- Age - Elapsed seconds since the object was last fetched from the origin (or revalidated);
- X-Cache - Cache access outcome (eg. HIT, MISS, etc.);
- X-Cache-Lookup - Elapsed seconds since receiving the user's request and serving it the first byte (includes the origin access time in case of a cache MISS);
- X-Cache-OID - The cached object's unique identifier;
- X-Cache-RID - The request's unique identifier, required for troubleshooting;
- X-Cache-TTL - Effective object lifetime (in seconds).
Some response headers are subject to special handling by the CDN:
- Cache-Control - The object isn't cached at all if this header happens to contain
no-cache, private or max-age=0; - Content-Length - Objects with unspecified length or larger than 32MB are not stored in cache;
- X-Cache-TTL - CDN lifetime (in seconds) for the object (see Controlling Object Lifetime).
Data Sent to Content Origins
Every request forwarded to the origin includes a set of headers with additional data:
- X-Real-IP - The user's IPv4 (or IPv6) address;
- X-Stratus-For - The actual full path requested by the user;
- X-Stratus-OID - The cached object's unique identifier;
- X-Stratus-Prefix - The object's CDN base address (eg. "/1/c123456/imgs/v1/8417951655dc1a0");
- X-Stratus-RID - The request's unique identifier, required for troubleshooting;
- X-Stratus-Token - Fixed token based on the mapping's secret key.
This data may be used at the origin's discretion to special handle CDN requests, if necessary.