cloudflare · angelampcosta · Nov 7, 2024 · Nov 4, 2024 · Nov 4, 2024
@@ -83,18 +83,22 @@ Headers control which headers go into the Cache Key. Similar to Query String, yo
 
 When you include a header, the header value is included in the Cache Key. For example, if an HTTP request contains an HTTP header like `X-Auth-API-key: 12345`, and you include the `X-Auth-API-Key header` in your Cache Key Template, then `12345` appears in the Cache Key.
 
-To check for the presence of a header without including its actual value, use the `check_presence` option.
+In the **Check if header contains** section, you can add header names and their values to the cache key. For custom headers, values are optional, but for the following restricted headers, you must include one to three specific values:
 
-Currently, you can only exclude the `Origin` header. The `Origin` header is always included unless explicitly excluded. Including the [Origin header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin) in the Cache Key is important to enforce [CORS](https://developer.mozilla.org/en-US/docs/Glossary/CORS). Additionally, you cannot include the following headers:
-
-* Headers that have high cardinality and risk sharding the cache
   * `accept`
   * `accept-charset`
   * `accept-encoding`
   * `accept-datetime`
   * `accept-language`
   * `referer`
   * `user-agent`
+
+To check for the presence of a header without including its actual value, use the **Check presence of** option.
+
+Currently, you can only exclude the `Origin` header. The `Origin` header is always included unless explicitly excluded. Including the [Origin header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin) in the Cache Key is important to enforce [CORS](https://developer.mozilla.org/en-US/docs/Glossary/CORS). Additionally, you cannot include the following headers:
+
+Additionally, you cannot include the following headers:
+
 * Headers that re-implement cache or proxy features
   * `connection`
   * `content-length`

@@ -178,7 +178,17 @@ Define the request components used to define a [custom cache key](/cache/how-to/
 Enterprise customers have these additional options for custom cache keys:
 
 * In the **Query string** section, you can select **All query string parameters**, **All query string parameters except** and enter an exception, **No query parameters except** and enter the parameters, or **Ignore query string** (also available for pay-as-you-go customers).
-* In the **Headers** section, you can include headers names and their values, check the presence of another header, and **Include origin header**.
+* In the **Headers** section, you can specify header names along with their values. For custom headers, values are optional; however, for the following restricted headers, you must include one to three specific values:
+
+  * `accept`
+  * `accept-charset`
+  * `accept-encoding`
+  * `accept-datetime`
+  * `accept-language`
+  * `referer`
+  * `user-agent`
+
+  To check for a header's presense wihtout including its value, use the **Check presence of** option. You can also choose whether to **Include origin header**.
 * In the **Cookie** section, you can include cookie names and their values, and check for the presence of another cookie.
 * In the **Host** section, you can select **Use original host** and **Resolved host**. In the **User** section, you can select **Device type**, **Country**, and **Language**.