Important Note

This tutorial assumes you have already created a Pull Zone.

There are scenarios where cookies can be used on your website and set-cookie is used on origin files used for authentication, session id, etc. By nature, cookies are un-cacheable and therefore files containing them are also un-cacheable, which adds up to a bad experience when loading CDN assets containing set-cookie.

As all other un-cacheable files, a CDN will only work as a simple proxy when end user requests the cookie-file from the CDN – each time the CDN will proxy this request to origin and deliver file via reverse path:

Browser (end user) → CDN → Origin → CDN → Browser (end user). This scenario will greatly increase the load time, and is not the experience you want!

HTTP header containing set-cookie:

HTTP/1.1 200 OK
Content-type: text/html
Set-Cookie: name=value
Set-Cookie: name2=value2; Expires=Fri, 05-Apr-2013 10:11:12 GMT

You can verify the CDN is not caching this file (or these files) by running a “curl” command like:

curl -I http://foo.bar.netdna-cdn.com/file.ext
HTTP/1.1 200 OK
Date: Fri, 05 Apr 2013 14:12:20 GMT
Content-Type: text/css
Connection: keep-alive
Cache-Control: max-age=999999, public
Expires: Thu, 21 May 2014 20:00:00 GMT
Vary: Accept-Encoding
Last-Modified: Thu, 24 Jan 2013 20:00:00 GMT
Set-Cookie: Name=xxxxxxxxxxxxxxxxxxxxxxxxxx; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.domain.com
Server: NetDNA-cache/2.2
X-Cache: MISS  <----------------  FILE NOT CACHED

A solution for this gap would be to simply ignore cookies in requests and force CDN to cache the file(s). We have implemented a useful option you can reach through the control panel — Strip All Cookies:

strip-cookies

Re-run the previous command and you should be able to verify that file is now successfully cached (X-Cache: HIT):

curl -I http://foo.bar.netdna-cdn.com/file.ext
HTTP/1.1 200 OK
Date: Fri, 05 Apr 2013 14:12:20 GMT
Content-Type: text/css
Connection: keep-alive
Cache-Control: max-age=999999, public
Expires: Thu, 21 May 2014 20:00:00 GMT
Vary: Accept-Encoding
Last-Modified: Thu, 24 Jan 2013 20:00:00 GMT
Set-Cookie: Name=xxxxxxxxxxxxxxxxxxxxxxxxxx; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.domain.com
Server: NetDNA-cache/2.2
X-Cache: HIT  <----------------  FILE CACHED

Note:

If you use CloudFlare you will follow same settings, as CF adds set-cookie to origin files preventing the CDN from caching those files. Refer to this page: How to use the CDN with CloudFlare

Flow Scheme