Automatic Signed Exchanges (SXGs) Beta Launch

Hi Giri. Looks like your zone has a vary:cookie header.

If the zone has a vary: cookie header, a signed exchange will not be generated to avoid situations where content is not cacheable. We’ll add this our documentation, and hopefully fix it in the coming weeks.

Thank you.

1 Like

Hi Flo,

I just messaged you. Looks like a signed exchange is successfully created for your zone.

@firat do you have an extensive list of what headers etc are stripped when SXGs is enabled? i.e. is last-modified stripped?

Hello Sir!

Query regarding SXGs…

May I know if Google will clear its cache after I purge the Cloudflare or site cache?

I noticed that if I searched via Google, the old website design shows up not the new one (it was served through SXGs).

1 Like

Hey Folks,
I have Cloudflare Pro and using APO integration with my WP Website. I have tried SXGs for my website and totally loved the performance difference while opening the site from the Google search. But my only concern is the cache period of SXGs.

For example, I run a website https://www.apssb.in that mainly focus on the resources for students and employment seekers. Whenever an exam result or an interview result is announced, I will update the existing article with direct links to check the same.

But the problem is Google keeps serving the cached SXG for almost 1 hour and users landing from the Google Search can’t see the updated content of my website.

I noticed the Google Cached SXG (Redirecting) has cache-control:private, max-age=3600 configured automatically.

My origin server doesn’t have any Cache-Control configured for the HTML pages. In Cloudflare’s Browser Cache TTL, I have “Respect Existing Headers” selected.

What would be the best way to have SXG cached for a smaller time or at least purge them for instantly cache invalidation for Google Search?

Hey Folks,
I have Cloudflare Pro and using APO integration with my WP Website. I have tried SXGs for my website and totally loved the performance difference while opening the site from the Google search. But my only concern is the cache period of SXGs.

For example, I run a website that mainly focus on the resources for students and employment seekers. Whenever an exam result or an interview result is announced, I will update the existing article with direct links to check the same.

But the problem is Google keeps serving the cached SXG for almost 1 hour and users landing from the Google Search can’t see the updated content of my website.

I noticed the Google Cached SXG has cache-control:private, max-age=3600 configured automatically.

My origin server doesn’t have any Cache-Control configured for the HTML pages. In Cloudflare’s Browser Cache TTL, I have “Respect Existing Headers” selected.

What would be the best way to have SXG cached for a smaller time or at least purge them for instantly cache invalidation for Google Search?

1 Like

Wonder if Cdn-cache-control header would work https://blog.cloudflare.com/cdn-cache-control/ @firat? i.e. would setting CDN-Cache-Control at CF Worker edge level instruct Google SXGs caches to modify the cache TTL?

from https://web.dev/signed-exchanges/ it suggests expire times is determined by expire header response ?

The expires parameter in the signature indicates a SXG’s expiration date. A SXG may be valid for at most 7 days. If the expiration date of an SXG is more than 7 days in the future, the browser will reject it. Find more information on the signature header in the Signed HTTP Exchanges spec

and Signed HTTP Exchanges

This draft could expire signature validity using the normal HTTP cache control headers ([RFC7234]) instead of embedding an expiration date in the signature itself. This section specifies how that would work, and describes why I haven’t chosen that option.

The signatures in the Signature header field (Section 3.1) would no longer contain “date” or “expires” fields.

The validity-checking algorithm (Section 3.5) would initialize date from the resource’s Date header field (Section 7.1.1.2 of [RFC7231]) and initialize expires from either the Expires header field (Section 5.3 of [RFC7234]) or the Cache-Control header field’s max-age directive (Section 5.2.2.8 of [RFC7234]) (added to date ), whichever is present, preferring max-age (or failing) if both are present.

Validity updates (Section 3.6) would include a list of replacement response header fields. For each header field name in this list, the client would remove matching header fields from the stored exchange’s response header fields. Then the client would append the replacement header fields to the stored exchange’s response header fields.

1 Like

@firat I think that you might find this interesting

1 Like

Thanks for your detailed response @eva2000

My origin doesn’t have expires, cache-control or max-age defined for the HTML pages. I just want to enable the cache-control or max-age for Signed Exchange content only not for the visitors who open the site directly or from the desktop search.

I wish Cloudflare had an option to set cache-control for the particular content type like Signed Exchange.

why not set a cache-control, cdn-cache-control, cloudflare-cdn-cache-control headers at origin ? That’s best way for you to tell various caching layers what you want to cache and for how long. Set browser level cache via cache-control and CDN cache level via cdn-cache-control and cloudflare-cdn-cache-control

You could possible do that via CF Worker level as that would be at CF edge server level.

Only thing I am not sure on is cdn-cache-control and cloudflare-cdn-cache-control are a group effort by Akamai, Fastly and Cloudflare, so not sure if Google CDN cache would use those headers.

Can we instead have a page rule configured like this?

I can also add the following configuration to my webserver configuration:

location ~* \.(sxg)$ {
    more_set_headers  "Cache-Control : max-age=180";
}

But editing Cloudflare Worker or adding a cache-control for HTML pages sound too technical for me :frowning:

Try and see :slight_smile:

One thing though is SXG don’t necessarily have the extension .sxg it’s a mime type not extension type

2 Likes

Just tried by publishing a new post and doing the Google Mobile search. No Difference.

https://www-apssb-in.webpkgcache.com/doc/-/s/www.apssb.in/jkpsc-kas-admit-card/

It still has the cache-control:private, max-age=3600

Seems, we need to figure out how to set the cache period for the content-type: application/signed-exchange;v=b3

One thing though is SXG don’t necessarily have the extension .sxg it’s a mime type not extension type

Probably need to do it at Nginx level via GeoIP nginx module to map and track Google ASN = 15169 and request accept header application/signed-exchange;v=b3;q=0.9 and conditionally change cache control header set at Nginx level. Edit: can also use the referrer field as a criteria i.e. from Google search and user agent = Android

Or you can use CF Transform rules to rewrite or set a new custom request header that indicates Google Android search request and that is passed onto your origin server for criteria used by Nginx to set a conditional cache-control value when that custom request header is detected?

But why make it so difficult and just set cache-control on origin ? Unless you’re updating your content every 2 or 3 seconds, setting any cache-control header is better than none and you can then control how long SXGs expire as well as other browser caches.

1 Like

Hi @firat

Is there any browser compatibility requirement for SXGs? I have enabled SXGs and then try to open my website using some browsers on my mobile phone. Using (mobile version of) Chrome, Firefox, and Opera, the website is accessible. But when using my mobile phone’s default browser (OPPO browser), the website is not accessible, and the browser just download a file (24 KB of size) instead, with page title as its name and unreadable content (some ASCII code). Please advise.

1 Like

Interesting about OPPO browser. From what I read, unsupported SXG browsers should just fall back to normal browser served response?

Any idea how can we set a cache period for SXGs?


Tried this but not seeing anything for my website.

Is it ok if the content type meta on my page is set to this?

<meta http-equiv="content-type" content="text/html; charset=utf-8" />

AFAIK it’s controlled via cache-control/expires headers Automatic Signed Exchanges (SXGs) Beta Launch - #27 by eva2000

no need.

SXG only works on Android devices where visit to your site is from Google search referral i.e. google search link clicked and you need to have cache time of at least 2 minutes

I just retested Cloudflare Automatic Signed Exchanges on my Wordpress blog, this time logging a real Android 11 Chrome session via Android developer tools USB debugging. The 6 URL requests in my mobile Chrome device in below screenshot

request 1. Google search for a term I know that will list my site at the top and click the Google search link to my site - this resulted in Google returning 2x prefetch cached SXGs requests - 1st a 303 redirect to cached document which took 24ms and 2nd prefetched request took 3ms. Total time = 27ms

request 2-5. which starts at 3 through 5th request line on below screenshot - are just normal non-SXG Chrome F5 refresh page requests to compare which took between 65-69ms total time (upper value) or 37-49ms network component time (lower value)

request 6. I copy and pasted the *.webpkgcache.com SXG request URL from 1st time and visited that directly showing up as last request in below screenshot with 12ms total response time

Question:

Does SXGs works with Vary: Accept-Encoding,Cookie?