Learn about Centmin Mod LEMP Stack today
Become a Member

WebPerf Cloudflare PageSpeed Automatic Signed Exchanges (SXGs) - Signed Exchanges & Google Search Cache

Discussion in 'Web Development & Web Performance' started by adamus007p, Oct 4, 2022.

  1. adamus007p

    adamus007p Member

    361
    18
    18
    Feb 8, 2019
    Ratings:
    +35
    Local Time:
    9:07 PM
    Hello @eva2000 I have followed your post Testing Page Speed With Cloudflare Automatic Signed Exchanges & Google Search Cache - Centmin Mod Blog


    unfortunately it do not works.


    I add CAA, change cache time from respect existing headers to 2min. Domain is in orange. AMP is disabled. Automatic Signed Exchanges (SXGs) is enabled.
    SSL/TLS encryption mode is Full.


    I have received an email:

    but in google search console still I see
    Code (Text):
    Content-Encoding: br



    I was trying to install the tooll to inspect it in CMD:

    Code (Text):
    # install latest Go version for Centmin Mod LEMP stack systems
    /usr/local/src/centminmod/addons/golang.sh install
    
    # disable Centmin Mod default ccache compiler caching
    export CC='gcc'
    
    # install dump-signedexchange
    go install github.com/WICG/webpackage/go/signedexchange/cmd/dump-signedexchange@latest



    but I have error:
    Code (Text):
    golang Version: -n
    /usr/local/src/centminmod/addons/golang.sh: line 190: go: command not found
    ---------------------------
    [14:18][root@ho.com ~]# export CC='gcc'
    [14:19][root@ho.com ~]# go install github.com/WICG/webpackage/go/signedexchange/cmd/dump-signedexchange@latest
    -bash: /usr/bin/go: No such file or directory



    May you advise what I am doing wrong?




    PS.
    My response from google consol
    Code (Text):
    HTTP/1.1 200 OK
    Date: Mon, 03 Oct 2022 14:44:56 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    CF-Ray: 75xxxxxx206-IAD
    Cache-Control: no-store, no-cache, must-revalidate
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Set-Cookie: PHPSESSID=ik6xxxxxxxxxxxxxcll; path=/; Secure; HttpOnly; SameSite=lax
    Strict-Transport-Security: max-age=31536000; preload
    Vary: Accept-Encoding
    CF-Cache-Status: DYNAMIC
    pragma: no-cache
    Set-Cookie: Domain-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx25; path=/; domain=www.Domain.com; Secure; HttpOnly; SameSite=lax
    Set-Cookie: Domain-3xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx3; path=/; domain=www.Domain.com; Secure; HttpOnly; SameSite=lax
    x-content-type-options: nosniff
    x-frame-options: SAMEORIGIN
    x-powered-by: centminmod
    x-xss-protection: 1; mode=block
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6im5xxxxxxnPlJ4F9V"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    Content-Encoding: br



    Is is correct?

    esspecially:
    Code (Text):
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
     
    Last edited: Oct 4, 2022
  2. eva2000

    eva2000 Administrator Staff Member

    49,887
    11,487
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,843
    Local Time:
    5:07 AM
    Nginx 1.21.x
    MariaDB 10.x
    What version of Centmin Mod are you using output for command below?
    Code (Text):
    cminfo versions
    

    For folks reading this message and yourself for posting code or output from commands to keep the formatting, you might want to use CODE tags for code How to use forum BBCODE code tags :)

    what doesn't work?

    Unfortunately Cloudflare Automatic Signed Exchanges has a lot of limitations which aren't beneficial in it's current state. I mentioned them in this guide too https://community.cloudflare.com/t/improving-time-to-first-byte-ttfb-with-cloudflare/390367/1

    So unless your site is ranked #1 or #2 in every search term on Google in mobile Android searches, you won't get the benefit of Google prefeteched caching of SXG cached versions.
     
  3. adamus007p

    adamus007p Member

    361
    18
    18
    Feb 8, 2019
    Ratings:
    +35
    Local Time:
    9:07 PM
    Code (Text):
    cminfo versions
    
    1st:
    123.09beta01.b505 #Mon May  4 23:31:01 CEST 2020
    ..
    last 10:
    124.00stable.s40 #Tue Jul  5 14:21:47 UTC 2022
    124.00stable.s40 #Tue Jul  5 14:26:18 UTC 2022
    124.00stable.s40 #Tue Jul  5 14:28:07 UTC 2022
    124.00stable.s40 #Tue Jul  5 14:30:12 UTC 2022
    124.00stable.s40 #Tue Jul  5 14:30:40 UTC 2022
    124.00stable.s40 #Tue Jul  5 14:41:54 UTC 2022
    124.00stable.s51 #Fri Sep 30 12:19:38 UTC 2022
    124.00stable.s51 #Fri Sep 30 12:28:18 UTC 2022
    124.00stable.s51 #Fri Sep 30 12:33:56 UTC 2022
    124.00stable.s51 #Fri Sep 30 12:34:24 UTC 2022
    



    Code (Text):
    curl -I https://domain.com
    HTTP/1.1 301 Moved Permanently
    Date: Mon, 03 Oct 2022 16:04:30 GMT
    Content-Type: text/html
    Connection: keep-alive
    location: https://www.domain.com/
    x-powered-by: centminmod
    x-frame-options: SAMEORIGIN
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxxx"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Strict-Transport-Security: max-age=31536000; preload
    Server: cloudflare
    CF-RAY: 7546e9faebad910d-FRA
    


    Code (Text):
    curl -I https://www.domain.com
    HTTP/1.1 200 OK
    Date: Mon, 03 Oct 2022 16:05:20 GMT
    Content-Type: text/html; charset=utf-8
    Connection: keep-alive
    vary: Accept-Encoding
    expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate
    pragma: no-cache
    set-cookie: domain-31e2xxxx; expires=Sun, 23-Oct-2022 16:05:19 GMT; Max-Age=1727999; path=/; domain=www.domain.com; secure; HttpOnly; SameSite=Lax
    set-cookie: domain-xx; expires=Sun, 23-Oct-2022 16:05:19 GMT; Max-Age=1727999; path=/; domain=www.domain.com; secure; HttpOnly; SameSite=Lax
    x-powered-by: centminmod
    x-frame-options: SAMEORIGIN
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xx"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Strict-Transport-Security: max-age=31536000; preload
    Server: cloudflare
    CF-RAY: 7546eb2fb8879b7c-FRA
    



    Code (Text):
    curl -I http://domain.com
    HTTP/1.1 301 Moved Permanently
    Date: Mon, 03 Oct 2022 16:06:07 GMT
    Connection: keep-alive
    Cache-Control: max-age=3600
    Expires: Mon, 03 Oct 2022 17:06:07 GMT
    Location: https://domain.com/
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xx"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    X-Content-Type-Options: nosniff
    Server: cloudflare
    CF-RAY: 7546ec57fd0f916e-FRA
    



    Code (Text):
    curl -I http://www.domain.com
    HTTP/1.1 301 Moved Permanently
    Date: Mon, 03 Oct 2022 16:06:43 GMT
    Connection: keep-alive
    Cache-Control: max-age=3600
    Expires: Mon, 03 Oct 2022 17:06:43 GMT
    Location: https://www.domain.com/
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xx"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    X-Content-Type-Options: nosniff
    Server: cloudflare
    CF-RAY: 7546ed37be7290ec-FRA
    



    why there is
    Code (Text):
    expires: Thu, 19 Nov 1981 08:52:00 GMT
     
  4. eva2000

    eva2000 Administrator Staff Member

    49,887
    11,487
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,843
    Local Time:
    5:07 AM
    Nginx 1.21.x
    MariaDB 10.x
    seems https://www.domain.com is your main primary domain and it has Cache-Control: no-store, no-cache, must-revalidate which tells browser and Google to not cache the page
    Code (Text):
    curl -I https://www.domain.com
    HTTP/1.1 200 OK
    Date: Mon, 03 Oct 2022 16:05:20 GMT
    Content-Type: text/html; charset=utf-8
    Connection: keep-alive
    vary: Accept-Encoding
    expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate
    
     
  5. adamus007p

    adamus007p Member

    361
    18
    18
    Feb 8, 2019
    Ratings:
    +35
    Local Time:
    9:07 PM
    @eva2000 How and where I can correct it?


    Do I need to correct it in sever side or in Cloudflare?
    May you advise how to change it?

    I googled but did not find any answer.

    My Cloudflare settings:
    Code (Text):
    In Cloudflare > Configuration
    Caching level > Standard
    Browser Cache TTL > Respect Existing Headers
    Cache rules > none
     
    Last edited: Oct 4, 2022
  6. eva2000

    eva2000 Administrator Staff Member

    49,887
    11,487
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,843
    Local Time:
    5:07 AM
    Nginx 1.21.x
    MariaDB 10.x
    Respect Existing Headers = use origin server headers which isn't what you want.
     
  7. adamus007p

    adamus007p Member

    361
    18
    18
    Feb 8, 2019
    Ratings:
    +35
    Local Time:
    9:07 PM
    What is recommended (nowadays) Browser Cache TTL ?
    I have changed it to 1month.

    Code (Text):
    curl -I https://www.domain.com
    HTTP/1.1 200 OK
    Date: Mon, 03 Oct 2022 16:39:38 GMT
    Content-Type: text/html; charset=utf-8
    Connection: keep-alive
    vary: Accept-Encoding
    expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate
    pragma: no-cache
    set-cookie: domain-xx; expires=Sun, 23-Oct-2022 16:39:38 GMT; Max-Age=1728000; path=/; domain=www.domain.com; secure; HttpOnly; SameSite=Lax
    set-cookie: domain-xx; expires=Sun, 23-Oct-2022 16:39:38 GMT; Max-Age=1728000; path=/; domain=www.domain.com; secure; HttpOnly; SameSite=Lax
    x-powered-by: centminmod
    x-frame-options: SAMEORIGIN
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BCxx3"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Strict-Transport-Security: max-age=31536000; preload
    Server: cloudflare
    CF-RAY: 75471d736d339c0a-FRA
    


    I see that there are two time set-cookie. Why?


    Respond from Google search console:
    Code (Text):
    HTTP/1.1 200 OK
    Date: Mon, 03 Oct 2022 16:42:05 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    CF-Ray: 754721002a865c8e-IAD
    Cache-Control: no-store, no-cache, must-revalidate
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Set-Cookie: PHPSESSID=1u672s52ecj4fe4vb8to9m40ik; path=/; Secure; HttpOnly; SameSite=lax
    Strict-Transport-Security: max-age=31536000; preload
    Vary: Accept-Encoding
    CF-Cache-Status: DYNAMIC
    pragma: no-cache
    Set-Cookie: domain-xx; path=/; domain=www.domain.com; Secure; HttpOnly; SameSite=lax
    Set-Cookie: domain-xx; path=/; domain=www.domain.com; Secure; HttpOnly; SameSite=lax
    x-content-type-options: nosniff
    x-frame-options: SAMEORIGIN
    x-powered-by: centminmod
    x-xss-protection: 1; mode=block
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xx"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    Content-Encoding: br




    Which version of centminmode do I have?
    the beta?

    I was using the https://community.centminmod.com/threads/centmin-mod-124-00stable-130-00beta01-releases.22673/ to switch to stable version.
     
    Last edited: Oct 4, 2022
  8. eva2000

    eva2000 Administrator Staff Member

    49,887
    11,487
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,843
    Local Time:
    5:07 AM
    Nginx 1.21.x
    MariaDB 10.x
    entirely dependent on your web app and desired cache duration
    that would be your web app related
     
  9. adamus007p

    adamus007p Member

    361
    18
    18
    Feb 8, 2019
    Ratings:
    +35
    Local Time:
    9:07 PM
    Thank you for your answers.
    What is recommendations for Wordpress or for Ecommerces?


    Which version of centminmode do I have?
    the beta?

    Code (Text):
    cminfo versions
    
    1st:
    123.09beta01.b505 #Mon May  4 23:31:01 CEST 2020
    ..
    last 10:
    124.00stable.s40 #Tue Jul  5 14:21:47 UTC 2022
    124.00stable.s40 #Tue Jul  5 14:26:18 UTC 2022
    124.00stable.s40 #Tue Jul  5 14:28:07 UTC 2022
    124.00stable.s40 #Tue Jul  5 14:30:12 UTC 2022
    124.00stable.s40 #Tue Jul  5 14:30:40 UTC 2022
    124.00stable.s40 #Tue Jul  5 14:41:54 UTC 2022
    124.00stable.s51 #Fri Sep 30 12:19:38 UTC 2022
    124.00stable.s51 #Fri Sep 30 12:28:18 UTC 2022
    124.00stable.s51 #Fri Sep 30 12:33:56 UTC 2022
    124.00stable.s51 #Fri Sep 30 12:34:24 UTC 2022
    


    Ok I see the last one :)


    I was using the https://community.centminmod.com/threads/centmin-mod-124-00stable-130-00beta01-releases.22673/ to switch to stable version.


    @eva2000 any idea why Automatic Signed Exchanges (SXGs) is not working?
     
    Last edited: Oct 4, 2022
  10. adamus007p

    adamus007p Member

    361
    18
    18
    Feb 8, 2019
    Ratings:
    +35
    Local Time:
    9:07 PM
    Hello, I have update cmupdate and reinstall everything and not it seems ok, but I have a following error:

    Code (Text):
    2022/10/04 09:19:46 signedexchange: unknown magic bytes: [60 72 84 77 76 62 60 72]
    curl -sH 'Accept: application/signed-exchange;v=b3' https://domain.com/ | dump-signedexchange -payload=false
    2022/10/04 09:24:32 signedexchange: unknown magic bytes: [60 104 116 109 108 62 10 60]
    



    When I used

    Code (Text):
    dump-signedexchange -requestHeader 'amp-cache-transform: google' -uri https://domain.com/url -verify -payload=false
    
    
    2022/10/04 09:27:49 GET "https://domain.com/url" responded with unexpected content type "text/html; charset=utf-8"
     
  11. eva2000

    eva2000 Administrator Staff Member

    49,887
    11,487
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,843
    Local Time:
    5:07 AM
    Nginx 1.21.x
    MariaDB 10.x
    seems latest versions of dump-signedexchange don't require curl and can run themselves. Unknown magic bytes error with curl is same as dump-signedexchange native error message for responded with unexpected content type "text/html; charset=UTF-8
    Code (Text):
    dump-signedexchange -requestHeader 'Accept: application/signed-exchange;v=b3' -uri https://domain.com/ -verify -payload=false
    2022/10/04 16:55:44 GET "https://domain.com/" responded with unexpected content type "text/html; charset=UTF-8"
    

    However, the easiest way to confirm if SXG is working itself (separate from Google prefetch search SXG cache), is to inspect Google Search Console's response headers as outlined at Testing Page Speed With Cloudflare Automatic Signed Exchanges & Google Search Cache - Centmin Mod Blog

    Not really suited for Ecommerce as SXG requires extended caching and removes cookies which most Ecommerce sites would need to function https://developers.cloudflare.com/f...es/signed-exchanges/signed-exchanges-caveats/
    So for some sites like Ecommerce which have Set-Cookie, no-store, no-cache, private etc headers, SXG won't be enabled

    With all that said, seems I tried SXG again and can't get it to work right now, so you'd want to contact Cloudflare support to ask/report. But in all honesty there are only very very limited gains in enabling Cloudflare SXG support right now so not worth the extra effort.
     
  12. eva2000

    eva2000 Administrator Staff Member

    49,887
    11,487
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,843
    Local Time:
    5:07 AM
    Nginx 1.21.x
    MariaDB 10.x
    This quote still applies. However, it looks like Cloudflare Configuration Rule enablement of CF SXG on a per hostname basis doesn’t work which is what I used above to enable it for my blog. If I enable CF SXG via the Speed configuration tab for global domain zone CF SXG, it seems to work. So how did you enable Cloudflare Automatic Signed Exchanges? Via Speed configuration tab or via a Cloudflare Configuration Rule?
    Code (Text):
    dump-signedexchange -requestHeader 'Accept: application/signed-exchange;v=b3' -uri https://blog.centminmod.com/ -verify -payload=false
    format version: 1b3
    request:
      method: GET
      uri: https://blog.centminmod.com/
      headers:
    response:
      status: 200
      headers:
        Digest: mi-sha256-03=WjDNkrP5retqyEjxp61BYTOfNqzwE71AmBkjaLaoTrI=
        Expires: Wed, 05 Oct 2022 17:37:10 GMT
        Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://centminmodcom.report-uri.com/a/d/g"}],"include_subdomains":true}
        Origin-Trial: AsjOFW4CC0+8iw2G/r2Dh6BiD9m52TgR4edDLHzKMcCSwrfoJ86olaKTvmakDL+o42xrn54wVDLpNngjYOtwOQIAAABdeyJvcmlnaW4iOiJodHRwczovL2Jsb2cuY2VudG1pbm1vZC5jb206NDQzIiwiZmVhdHVyZSI6IlByaW9yaXR5SGludHNBUEkiLCJleHBpcnkiOjE2NDc5OTM1OTl9
        Last-Modified: Tue, 04 Oct 2022 17:21:36 GMT
        Cf-Cache-Status: HIT
        X-Ua-Compatible: IE=edge
        Vary: Accept-Encoding
        Cf-Cachetime: 2592000
        Content-Type: text/html; charset=UTF-8
        Cache-Control: public, max-age=86400, s-maxage=86400, stale-while-revalidate=60
        X-Frame-Options: SAMEORIGIN
        Age: 813
        Server: cloudflare
        Cf-Req-Country: CA
        Referrer-Policy: strict-origin-when-cross-origin
        Content-Encoding: mi-sha256-03
        Permissions-Policy: interest-cohort=(), accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
        Cf-Ray: 754faf1980af4bc5-YUL
        Date: Tue, 04 Oct 2022 17:37:10 GMT
        X-Powered-By: centminmod
        Cf-Index-Rule: 1
        X-Xss-Protection: 1; mode=block
        X-Content-Type-Options: nosniff
        Nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
    signature: sig;sig=*MEQCIB+h+keBbUBw0mLxWpWCk04RXB80XQZHmsUkTXh6UoVGAiBkU8qFn2OLvkMsxDhDMiDQ5/Sb4B+jIK2bBCeGlupo7A==*;integrity="digest/mi-sha256-03";cert-url="https://blog.centminmod.com/cdn-fpw/sxg/cert.pem.msg.xroh1qa53ywIys_xWfDAi_da2PcAO1lbiQwvs9cc5Kg";cert-sha256=*xroh1qa53ywIys/xWfDAi/da2PcAO1lbiQwvs9cc5Kg=*;validity-url="https://blog.centminmod.com/cdn-fpw/sxg/valid.msg.validity";date=1664901431;expires=1664991431
    header integrity: sha256-gbgTVTIThuWu8+9DNAkbniXwwr7HwW/ZCSUYd8RRkgM=
    
    The exchange has a valid signature.
    

    or via curl passthrough
    Code (Text):
    curl -sH 'Accept: application/signed-exchange;v=b3' https://blog.centminmod.com/ | dump-signedexchange -payload=false
    format version: 1b3
    request:
      method: GET
      uri: https://blog.centminmod.com/
      headers:
    response:
      status: 200
      headers:
        Date: Tue, 04 Oct 2022 17:43:30 GMT
        Expires: Wed, 05 Oct 2022 17:43:30 GMT
        Cf-Cachetime: 2592000
        X-Powered-By: centminmod
        Last-Modified: Tue, 04 Oct 2022 17:21:36 GMT
        X-Ua-Compatible: IE=edge
        X-Xss-Protection: 1; mode=block
        Permissions-Policy: interest-cohort=(), accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
        X-Content-Type-Options: nosniff
        Age: 1193
        Origin-Trial: AsjOFW4CC0+8iw2G/r2Dh6BiD9m52TgR4edDLHzKMcCSwrfoJ86olaKTvmakDL+o42xrn54wVDLpNngjYOtwOQIAAABdeyJvcmlnaW4iOiJodHRwczovL2Jsb2cuY2VudG1pbm1vZC5jb206NDQzIiwiZmVhdHVyZSI6IlByaW9yaXR5SGludHNBUEkiLCJleHBpcnkiOjE2NDc5OTM1OTl9
        Cf-Req-Country: CA
        Cf-Cache-Status: HIT
        Content-Encoding: mi-sha256-03
        Nel: {"report_to":"default","max_age":31536000,"include_subdomains":true}
        Cf-Ray: 754fb85ee5037150-YUL
        Digest: mi-sha256-03=WjDNkrP5retqyEjxp61BYTOfNqzwE71AmBkjaLaoTrI=
        Server: cloudflare
        Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://centminmodcom.report-uri.com/a/d/g"}],"include_subdomains":true}
        Referrer-Policy: strict-origin-when-cross-origin
        X-Frame-Options: SAMEORIGIN
        Vary: Accept-Encoding
        Content-Type: text/html; charset=UTF-8
        Cache-Control: public, max-age=86400, s-maxage=86400, stale-while-revalidate=60
        Cf-Index-Rule: 1
    signature: sig;sig=*MEQCIQCHTwU9qZQ0YLK2I+t7uohpna5GOMmnfdBME4J9w7NJmQIfdWb2IaIZhnDWZEkB+CXSqASvZ0RCb1HTTe6KvSsaFQ==*;integrity="digest/mi-sha256-03";cert-url="https://blog.centminmod.com/cdn-fpw/sxg/cert.pem.msg.xroh1qa53ywIys_xWfDAi_da2PcAO1lbiQwvs9cc5Kg";cert-sha256=*xroh1qa53ywIys/xWfDAi/da2PcAO1lbiQwvs9cc5Kg=*;validity-url="https://blog.centminmod.com/cdn-fpw/sxg/valid.msg.validity";date=1664901810;expires=1664991810
    header integrity: sha256-lIL/EmRfUe7n5ik4bCLaSAzZL8P+LUhn6+bey3+kcDI=
    
     
  13. adamus007p

    adamus007p Member

    361
    18
    18
    Feb 8, 2019
    Ratings:
    +35
    Local Time:
    9:07 PM
    @eva2000
    Thank you for your time and respond.

    I have enabled CF SXG via I have selected domain.com then I went to tab speed > optimization and then I have turn on Automatic Signed Exchanges (SXGs)

    whem i type
    Code (Text):
    dump-signedexchange -requestHeader 'Accept: application/signed-exchange;v=b3' -uri https://blog.centminmod.com/ -verify -payload=false
    
    2022/10/04 22:46:08 GET "https://blog.centminmod.com/" responded with unexpected content type "text/html; charset=UTF-8"



    Code (Text):
    curl -sH 'Accept: application/signed-exchange;v=b3' https://blog.centminmod.com/ | dump-signedexchange -payload=false
    2022/10/04 22:47:43 signedexchange: unknown magic bytes: [60 33 68 79 67 84 89 80]
    





    So for some sites like Ecommerce which have Set-Cookie, no-store, no-cache, private etc headers, SXG won't be enabled

    So it is not recommected for ecommerce to use SXG?
     
  14. eva2000

    eva2000 Administrator Staff Member

    49,887
    11,487
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,843
    Local Time:
    5:07 AM
    Nginx 1.21.x
    MariaDB 10.x
    I disabled SXG again on the blog as non-Google prefetch cached SXG is slower than than SXG disabled if your site isn't ranking in to 2 results for each search term as you can see in my benchmarks at Testing Page Speed With Cloudflare Automatic Signed Exchanges & Google Search Cache - Centmin Mod Blog. Same slower TTFB for e-commerce sites if you enable SXG but don't get the Google prefetched cached SXG.

    SXG only beneficially if you have many search terms ranked in top 1 or 2 search results for many of your site's pages. Only then do you get Google prefetched cached SXG - which is what improves TTFB and thus LCP.