How do Signed Exchanges (SXG) work?

I read the announcement post on Signed Exchanges (SXG) but don’t fully understand how they work. I’ve had AMP Real URL enabled for a long time but SXG appears to work differently. This paragraph is useful but yet lacks some detail:

The search engine also preloads the signed exchange for your content in the background in the meantime, effectively pre-filling the cache in the client’s browser. This exchange was delivered from the search engine, so no signal has gone to the origin yet. Thus, the search intent of the user isn’t leaked to the origin. Since the exchange is signed and validated against your certificate, the browser trusts the contents and can display the content with attribution to the original URL. Now, when the user clicks on the link to view the contents, it magically loads instantaneously from the local cache.


  1. Is this pre-fetched content just HTML or other resources – CSS, JS, Images?
  2. When the person clicks the link and the page “loads instantaneously from the local cache”, is there no server involved? With AMP (and AMP Real URL) I believe the pages are loaded from Google’s server. If there is a server involved with SXG, is it Google’s server or the Origin server?
  3. The announcement says during pre-fetching, “the search intent of the user isn’t leaked to the origin”. But when the person does click the link, is the origin aware the page has been displayed in the browser?
  4. Upon clicking, if the page loads from Google’s server (or from Local Cache with no server), after it has loaded with the origin hostname/URL in the address bar, if the person Refreshes the page (F5, Ctrl-R etc), is the page re-loaded from Google’s server / Local Cache or is it loaded from the Origin server?

Any insight on this is appreciated.


If I may add my opinion on this …

I was curious about CloudFlare Ampersand service back in 2019 (nowadays AMP Real URL -

Could below link help a bit for understanding AMP and SXG?

I am not sure, but I already see there would be some issues with users who aren’t good at managing their SSL certificate even nowadays, nevertheless those working on shared hosting or some I do no know which one, their origin host/server and serving resources via SXG would be limited due to the hosting provider (I think).

  • or the user wouldn’t have to do anything at the origin?, just click “enable” to activate this just as AMP Real URL and possibly from my understanding, provide the “regex” or a list for the URLs (resources) which he wants to be signed and served via SXG?
  • … hopefully, Google would update that SXG cache in their search results as well …

Not even wanting to think about the publishers who have ads, etc.
How would all that work around, with authentication of the resource (hopefully not being MITM one through the wrong domain), even with the score of the Page Speed, who’s who, where, why, and at the end the question about the privacy again.

I also remember:

If all that for 100ms better page load, I am not going to add more complexity to my server.

At least, I would expect to get some report as a feedback information like even the basic warnings and errors to show up at Google Search Console (if not yet available) due to the implementation and usage SXGs on my domains, as far as we can get them when we disable the AMP Real URL option at Cloudflare, to know for sure if it’s working or what it’s not working well with them :slight_smile:

Too much Google everything from my point of view, but I believe it would be nice to try it out at least :wink:

P.S. I just hope Google would not actually make the search results more complicated and harder to get to the top of them - or push the SXGs on better positions just like that.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.