Head Requests and Set-Cookie Headers
In this page, we document how Cloudflare's cache system behaves in interaction with:
HEAD
requestsSet-Cookie
response headers
Cloudflare converts HEAD
requests to GET
requests for cacheable requests.
When you make a HEAD
request for a cacheable resource and Cloudflare does not have that resource in the edge cache, a cache miss happens. Cloudflare will send a GET
request to your origin, cache the full response and return the response headers only. Make sure the origin server is setup to handle GET
requests, even if only HEAD
requests are expected, so that compatibility with this behavior is ensured.
For non-cacheable requests, Set-Cookie
is always preserved. For cacheable requests, there are three possible behaviors:
-
Set-Cookie
is returned from origin and the default cache level is used. If origin cache control is not enabled, Cloudflare removes theSet-Cookie
and caches the asset. If origin cache control is enabled, Cloudflare does not cache the asset and preserves theSet-Cookie
. A cache status ofBYPASS
is returned. -
Set-Cookie
is returned from origin and the cache level is set toCache Everything
in Page Rules, orEligible for cache
in Cache Rules. In this case, Cloudflare preserves theSet-Cookie
but does not cache the asset. A cacheMISS
will be returned every time. -
Set-Cookie
is returned from origin, the cache level is set toCache Everything
in Page Rules, orEligible for cache
in Cache Rules, and edge cache TTL is set. In this case, Cloudflare removes theSet-Cookie
and the asset is cached.