diff --git a/src/content/docs/cache/how-to/cache-keys.mdx b/src/content/docs/cache/how-to/cache-keys.mdx index 95f757e5b79a3c..d8c13121cbceb6 100644 --- a/src/content/docs/cache/how-to/cache-keys.mdx +++ b/src/content/docs/cache/how-to/cache-keys.mdx @@ -83,11 +83,8 @@ Headers control which headers go into the Cache Key. Similar to Query String, yo When you include a header, the header value is included in the Cache Key. For example, if an HTTP request contains an HTTP header like `X-Auth-API-key: 12345`, and you include the `X-Auth-API-Key header` in your Cache Key Template, then `12345` appears in the Cache Key. -To check for the presence of a header without including its actual value, use the `check_presence` option. +In the **Check if header contains** section, you can add header names and their values to the cache key. For custom headers, values are optional, but for the following restricted headers, you must include one to three specific values: -Currently, you can only exclude the `Origin` header. The `Origin` header is always included unless explicitly excluded. Including the [Origin header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin) in the Cache Key is important to enforce [CORS](https://developer.mozilla.org/en-US/docs/Glossary/CORS). Additionally, you cannot include the following headers: - -* Headers that have high cardinality and risk sharding the cache * `accept` * `accept-charset` * `accept-encoding` @@ -95,6 +92,13 @@ Currently, you can only exclude the `Origin` header. The `Origin` header is alwa * `accept-language` * `referer` * `user-agent` + +To check for the presence of a header without including its actual value, use the **Check presence of** option. + +Currently, you can only exclude the `Origin` header. The `Origin` header is always included unless explicitly excluded. Including the [Origin header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin) in the Cache Key is important to enforce [CORS](https://developer.mozilla.org/en-US/docs/Glossary/CORS). + +Additionally, you cannot include the following headers: + * Headers that re-implement cache or proxy features * `connection` * `content-length` diff --git a/src/content/docs/cache/how-to/cache-rules/settings.mdx b/src/content/docs/cache/how-to/cache-rules/settings.mdx index 024bc2dedcece0..aa1c8c3bfe4786 100644 --- a/src/content/docs/cache/how-to/cache-rules/settings.mdx +++ b/src/content/docs/cache/how-to/cache-rules/settings.mdx @@ -178,7 +178,17 @@ Define the request components used to define a [custom cache key](/cache/how-to/ Enterprise customers have these additional options for custom cache keys: * In the **Query string** section, you can select **All query string parameters**, **All query string parameters except** and enter an exception, **No query parameters except** and enter the parameters, or **Ignore query string** (also available for pay-as-you-go customers). -* In the **Headers** section, you can include headers names and their values, check the presence of another header, and **Include origin header**. +* In the **Headers** section, you can specify header names along with their values. For custom headers, values are optional; however, for the following restricted headers, you must include one to three specific values: + + * `accept` + * `accept-charset` + * `accept-encoding` + * `accept-datetime` + * `accept-language` + * `referer` + * `user-agent` + + To check for a header's presense wihtout including its value, use the **Check presence of** option. You can also choose whether to **Include origin header**. * In the **Cookie** section, you can include cookie names and their values, and check for the presence of another cookie. * In the **Host** section, you can select **Use original host** and **Resolved host**. In the **User** section, you can select **Device type**, **Country**, and **Language**.