CDN-Cache-Control

The HTTP CDN-Cache-Control response header provides Caching directives targeted specifically at CDN intermediaries, separate from browser-facing Cache-Control.

Table of Contents

Usage

Origin servers frequently need different cache lifetimes for CDNs and browsers. A page might benefit from a 30-day edge cache but a 5-minute browser cache. CDN-Cache-Control solves this by carrying directives exclusively for CDN nodes. The CDN reads and acts on this header, then serves the response to the client with the original Cache-Control header intact for the browser.

The header is part of the targeted cache-control framework alongside headers like Surrogate-Control and vendor-specific variants. CDNs recognizing this header prioritize its directives over Cache-Control for their own caching decisions. The directive syntax is identical to Cache-Control, making adoption straightforward for teams already familiar with standard cache directives.

Cloudflare also supports Cloudflare-CDN-Cache-Control, a vendor-scoped variant processed identically but consumed only by Cloudflare edge nodes. When both headers are present, the more specific variant takes priority.

Directives

The CDN-Cache-Control header accepts the same directive syntax as Cache-Control. The most commonly observed directives in production follow.

max-age

The max-age directive sets the freshness lifetime in seconds for the CDN cache. The CDN stores the response and serves cached copies until the specified duration expires.

CDN-Cache-Control: max-age=2592000

public

The public directive indicates the response is cacheable by the CDN, even when the request includes authorization credentials.

no-store

The no-store directive instructs the CDN to never cache the response. Each request passes through to the origin.

stale-while-revalidate

The stale-while-revalidate directive allows the CDN to serve a stale cached response while fetching a fresh copy from the origin in the background. The value specifies how many seconds past the max-age window the CDN is permitted to serve stale content during revalidation.

stale-if-error

The stale-if-error directive allows the CDN to serve a stale cached response when the origin returns an error or is unreachable. The value specifies how many seconds past max-age the CDN is allowed to continue serving stale content.

s-maxage

The s-maxage directive sets the freshness lifetime for shared caches, including CDNs. When present in CDN-Cache-Control, the CDN uses this value for its cache duration.

Example

A common pattern sets a 30-day CDN cache lifetime (2,592,000 seconds) for static assets and content pages. The CDN stores and serves the response for the full duration, relying on cache purging rather than time-based expiration for updates.

CDN-Cache-Control: max-age=2592000

Some origins combine public with a shorter max-age to cache dynamic content at the edge for a brief window. This 30-second cache reduces origin load during traffic spikes while keeping content relatively fresh.

CDN-Cache-Control: max-age=30, public

Adding stale-while-revalidate and stale-if-error provides resilience. The CDN serves cached content while revalidating in the background, and continues serving stale responses for up to one hour if the origin fails.

CDN-Cache-Control: public, max-age=2592000, stale-if-error=3600

A tiered setup uses CDN-Cache-Control for the edge and Cache-Control for the browser, each with independent lifetimes.

CDN-Cache-Control: max-age=86400
Cache-Control: max-age=300

Takeaway

The CDN-Cache-Control header delivers cache directives exclusively to CDN intermediaries, enabling independent cache lifetimes for edge nodes and browsers through the targeted cache-control framework.

See also

Last updated: March 6, 2026