Mike, I did a test run about an hour ago. The cookies were handled fine, so I assume the CDN provider has their proxy servers set up to handle this, as you say.
On the other hand, I found out they do not accept https requests. I had taken this to mean they would pass through https requests to the origin server for handling; however, the request simply is halted entirely and the page times out after a long wait. Not exactly a robust solution. So, a little rearchitecting on my part will be needed to account for that. FWIW, the company is called Velocix. They have a free CDN solution for up to 500GB of traffic per month. -- Josh ----- Original Message ----- From: "Mike Chabot" <[EMAIL PROTECTED]> To: "CF-Talk" <[email protected]> Sent: Wednesday, August 06, 2008 3:50 PM Subject: Re: CDN and Cookies > Josh, > I think this would depend on how the proxy server is set up to > communicate with the origin server and whether or not it modifies > cookies. Proxy servers can do anything they are programmed to do, so I > would call up the company to get this information on how cookies are > handled. If the CDN provider is established and experienced, I would > assume that they have programmed their proxy servers to handle the > cookie issues seamlessly, which would mean that a cookie set for > www.mysite.com would be modified and sent to origin.mysite.com in a > way that origin.mysite.com could read it without any security issues. > Clearly I'm speculating here. My experience with these CDNs mainly > comes from caching static files like images or JavaScript files, which > don't have any cookie issues. Someone else on this list might have > more experience with this reverse proxy setup. > > Good luck, > Mike Chabot > > On Wed, Aug 6, 2008 at 5:22 PM, Josh Nathanson <[EMAIL PROTECTED]> > wrote: >> Mike, >> >> All the requests will be going through www.mysite.com and intercepted by >> the >> CDN via a cname directive. There are no requests from the end user to >> origin.mysite.com. The CDN then decides, based on the expires header, >> whether to go get fresh content from origin.mysite.com. It's called >> "reverse proxy acquisition". So, only cookies from www.mysite.com will >> be >> sent in the request, not cookies from origin.mysite.com. >> >> The dns will look like this: >> www.mysite.com CNAME www.CDNsite.com >> origin.mysite.com CNAME mysite.com >> >> As you say, only images and videos will be cached on the CDN, and all >> dynamic content will be fetched by the CDN from origin.mysite.com (no >> dynamic requests are cached). origin.mysite.com is where the sessions >> will >> be living as well. >> >> My question is, given that scenario, if I start a session on the site and >> then open up the cookies panel in Firefox, will the cookie folder say >> www.mysite.com or origin.mysite.com? >> >> There is no information on their site as regards sessions. >> >> Thanks for your help. >> >> -- Josh >> >> >> ----- Original Message ----- >> From: "Mike Chabot" <[EMAIL PROTECTED]> >> To: "CF-Talk" <[email protected]> >> Sent: Wednesday, August 06, 2008 1:42 PM >> Subject: Re: CDN and Cookies >> >> >>> Josh, >>> Your belief might not be correct, although it can depend on what >>> content you are serving, how that CDN is set up, and how your sessions >>> are set up. >>> >>> If a session is established on Server A, then activities on Server B >>> generally won't impact Server A. If you are only serving cached >>> content or images on Server B, then I doubt Server B benefits from >>> session variables at all. Even with domain cookies set, activities on >>> Server B won't prolong the Server A session since the session is >>> maintained on the server, not in the cookie. Setting domain cookies >>> would potentially be a mistake, since you would be adding overhead >>> with no benefit. >>> >>> If a.site.com has all your dynamic content and sessions while >>> b.site.com has all your images, the Web browser can not only load the >>> site faster because this gets around the HTTP simultaneous connection >>> limits, but it is also faster because you don't have to send pointless >>> cookie information to b.site.com with every image request. So for many >>> people looking to optimize network traffic, the goal is to avoid >>> sending cookies to all the servers. >>> >>> The main uncertainty is what type of CDN you are using. Most often >>> these are used to help deliver static Web content or files, as opposed >>> to dynamic Web site content. >>> >>> I would expect that your CDN provider has a FAQ or technical guide >>> that discusses how to handle session variables if you are serving >>> dynamic content. That is where I would look for this information. >>> >>> For your second question, I would assume the answer is "no," but I >>> would certainly test this if it is a concern for you. >>> >>> -Mike Chabot >> >> >> > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:310323 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
