Ok, so actual question, how useful are CDN endpoints these days with HTTPS everywhere? Because most encrypted content is unique to a single web user, caching isn’t super useful. Also you can’t cache live content like video calls or online games. I’d imagine the percentage of cacheable content is actually fairly low these days. But like I said, I don’t actually know the answer to this, I’d be curious to hear your take.
Edit: it’s weird to get down votes for a question.
HTTPS / TLS has little to do with it. Don’t think of the endpoint as a cache between you and the origin. The DNS name given to the endpoint is the origin from your browser’s perspective. How content gets cached on the backend is irrelevant to the browser. Live video that someone else in your area is also watching is cacheable. Images to load a page, very cacheable. The personal stuff is mostly HTML specific to you but that’s quite small.
HTTPS can in fact be cached, and most modern browsers will do so unless given a header or something to tell them not to.
Source: Devtools network tab + https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Caching
Browsers partition the cache by “origin” now though, so while it can cache HTTPS content, it can’t effectively cache shared content (It’ll store multiple independent copies).
So YouTube still works fine, but Google Fonts is pointless now.
Edit: Oh yeah, and any form of shared JavaScript/CSS/etc. CDN is now also useless and should be avoided, but that’s always been the case.
Yeah, this is the point I was getting at, encrypted content tends to be personalized to individual users, not always I guess. But yeah, I’m not sure how much is left.
It was an issue for a long time that browsers just ignored the caching headers on content delivered over HTTPS, a baked-in assumption that they must be private individual content. That’s not the case now, so sites have to specifically mark those pages as uncacheable (I think Steam got hit by something like this not that long ago, a proxy was serving up other people’s user pages it had cached).
But for something like Google Fonts, the whole point of it was that a site could embed a large font family, and then every other visited site that also used it would simply share the first cached copy. Saving the bandwidth and amortizing the initial cost over the shared domains. Except now that no longer holds, instead of dividing the resources by the amount of sites using it, it’s multiplying it. So while a CDN might put the contents physically closer to the users, it doesn’t actually save any bandwidth (and depending on how it’s configured, it can actually slow page loads down).
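Added example, not part of any comment in this thread: a check for the failure mode mentioned above, where a shared cache (CDN or proxy) stores a personalized page because the site never marked it uncacheable. It applies a simplified subset of the RFC 9111 storage rules; the function names, URLs and sample responses are constructed for illustration.

```javascript
// Added example: simplified subset of the RFC 9111 section 3 storage rules
// for a SHARED cache (CDN or proxy). Not a complete implementation.
const HEURISTIC_STATUS = new Set([200, 203, 204, 300, 301, 308, 404, 405, 410, 414, 501]);

// Parse a Cache-Control value into a Map of lowercase directive -> argument.
function parseCacheControl(value = "") {
  const directives = new Map();
  for (const part of value.split(",")) {
    const [name, arg] = part.trim().split("=");
    if (name) directives.set(name.toLowerCase(), (arg || "").replace(/"/g, ""));
  }
  return directives;
}

// Decide whether a shared cache is allowed to store this response.
function sharedCacheVerdict({ status, headers = {}, requestHadAuthorization = false }) {
  const h = Object.fromEntries(Object.entries(headers).map(([k, v]) => [k.toLowerCase(), v]));
  const cc = parseCacheControl(h["cache-control"]);
  if (cc.has("no-store")) return { storable: false, reason: "no-store" };
  if (cc.has("private")) return { storable: false, reason: "private" };
  if (requestHadAuthorization &&
      !(cc.has("public") || cc.has("s-maxage") || cc.has("must-revalidate"))) {
    return { storable: false, reason: "authorized request without explicit opt-in" };
  }
  if (cc.has("public") || cc.has("s-maxage") || cc.has("max-age") || "expires" in h) {
    return { storable: true, reason: "explicit caching headers" };
  }
  if (HEURISTIC_STATUS.has(status)) {
    return { storable: true, reason: "heuristically cacheable status, nothing forbids it" };
  }
  return { storable: false, reason: "no freshness information" };
}

// URLs of per-user responses that a shared cache would still be allowed to store.
function personalizedButStorable(samples) {
  return samples.filter((s) => s.personalized && sharedCacheVerdict(s).storable)
                .map((s) => s.url);
}

// Constructed sample responses (hypothetical URLs, not taken from the thread).
const SAMPLES = [
  { url: "/fonts/site.woff2", status: 200, personalized: false,
    headers: { "Cache-Control": "public, max-age=31536000, immutable" } },
  { url: "/account", status: 200, personalized: true,
    headers: { "Set-Cookie": "sid=constructed" } }, // no Cache-Control at all
  { url: "/orders", status: 200, personalized: true,
    headers: { "Cache-Control": "max-age=60" } },   // fresh, but not marked private
  { url: "/profile", status: 200, personalized: true,
    headers: { "Cache-Control": "private, no-store" } },
];
console.log(personalizedButStorable(SAMPLES));
```

Note that `Set-Cookie` alone does not stop a shared cache from storing a response, which is why `/account` is flagged.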
Netflix and Amazon Outpost make it quite useful.