Cache Set-Cookie
What is cookie
The HTTP protocol is stateless by default, with each request being an independent event. Cookies are small pieces of data sent from a website and stored in the client browser, supporting the website to remember stateful information (such as items added to a shopping cart) and/or record client browsing activity (such as login).
What is Set-Cookie
Set-Cookie is a segment of the header field in the HTTP protocol used to transmit HTTP cookie information between web servers and clients. Some attribute values can be set, and the syntax of the Set Cookie header is as follows:
Set-Cookie: name=value; expires=date; path=path; domian-domain; secure
| Value | Description |
|---|---|
| name | Necessary. Specify the name of the cookie. |
| value | Necessary. Specify the value of cookies. |
| expire | Optional. Specify the validity period of cookies. |
| path | Optional. Specify the server path for cookies. |
| domain | Optional. Specify the domain name for cookies. |
| secure | Optional. Specify whether cookies are transmitted through a secure HTTPS connection. |
Principle
When applying the 'cache Set-Cookie' function to CDN, we first need to understand the principle of the use of Set-Cookie. Let's take the process of logging into a website as an example.
When we log in to the website
●Enter account password, etc., and these data will be sent along with the request.
Server receives search requests
●Extract user information.
●Complete user authentication and redirect to the login page.
●At this point, the input data will also be filled into the Set Cookie field and sent back to the client.
When the browser receives a response from the server
●The browser will save the data in the fields in the internal cookie file, and the role of Set Cookie is equivalent to commanding the client to write the carried fields into the cookie.
When visiting the website again
●Automatically fill the data in the cookie file into the request without the need for manual input again.
CDN Cache Set-Cookie Enable or Disable Options
As mentioned above, in some cases, it makes sense to add the Set Cookie header to certain responses when providing HTML files. Usually, adding the Set-Cookie header to the response doesn't make much sense when providing static resources such as images, CSS, and JavaScript. Therefore, if you want to use them as a source for CDN services, you need to instruct the CDN cache to include responses with Set-Cookie headers.
The cache Set-Cookie function is usually not enabled, that is, Set-Cookie are not cached; If the cache Set Cookie is enabled, it means that the response from the CDN service will contain the Set Cookie header, which will reuse the same response. Taking the login site as an example, this may result in different customers accessing your same account.