问题
I currently use Akamai as a CDN for my app, which is served over multiple subdomains.
I recently realized that Akamai is caching CORS requests the same, regardless of the origin from which they were requested.
This of course causes clients that make requests with a different Origin
than the cached response to fail (since they have a different response header for Access-Control-Allow-Origin
than they should)
Many suggest supplying the Vary: Origin
request header to avoid this issue, but according to Akamai's docs and this Akamai community post, this isn't supported by Akamai.
How can I force Akamai to cache things uniquely by Origin
if an Origin
header is present in the request?
回答1:
I did some research, and it appears this can be done by adding a new Rule
in your Akamai config, like so:
Note that if you do this - REMEMBER - this changes your cache key at Akamai, so anything that was cached before is essentially NOT CACHED anymore! Also, as noted in the yellow warning labels, this can make it harder to force reset your cache using Akamai's url purging tools. You could remove the If
block, and just include Origin
header as a similar Cache ID Modification
rule too, if you were ok with changing the cache key for all your content that this rule would apply to.
So in short, try this out on a small section of your site first!
More details can be found in this related post on Stack Overflow
来源:https://stackoverflow.com/questions/49413031/how-to-ensure-my-cdn-caches-cors-requests-by-origin