CodeClarityLab / Glossary
Ctrl K
← Home ← Codex ← DEBT
Browse by Category
+ added · updated 7d
Pages
Terms of Use About Contribute 🧠Logic graph Contact
← Back to glossary

How CDNs Work

Networking Intermediate
debt(d7/e3/b5/t5)
d7 Detectability Operational debt — how invisible misuse is to your safety net

Closest to 'only careful code review or runtime testing' (d7). Tools listed are lighthouse, curl, and webpagetest — these are performance/audit tools that can surface missing CDN usage or bad Cache-Control headers, but they require deliberate manual auditing runs rather than catching issues automatically during development. The absence of CDN or misconfigured headers won't fail a build or lint step; it silently degrades performance in production until someone runs a performance audit.

e3 Effort Remediation debt — work required to fix once spotted

Closest to 'simple parameterised fix' (e3). The quick_fix describes serving static assets through a CDN with immutable cache headers, which is a meaningful but bounded change: updating asset URLs/configuration to point through a CDN and adding proper Cache-Control headers. It's more than a single-line patch but doesn't require cross-cutting refactors — it's localised to asset serving configuration and potentially a few HTTP response headers.

b5 Burden Structural debt — long-term weight of choosing wrong

Closest to 'persistent productivity tax' (b5). The choice applies to the web context broadly — decisions about Cache-Control headers, CDN configuration, and what to cache affect many aspects of deployment, content updates (cache invalidation strategies), API design (cacheability), and cookie handling. It's not purely localised to one component but doesn't fully define system shape; however, it persistently influences how developers think about URL design, cache busting, and response headers across the codebase.

t5 Trap Cognitive debt — how counter-intuitive correct behaviour is

Closest to 'notable trap — a documented gotcha most devs eventually learn' (t5). The misconception field directly states it: developers believe CDNs only cache static files, when in reality any HTTP response with correct Cache-Control headers is CDN-cacheable — including JSON API responses and PHP-rendered HTML. The common_mistakes also highlight serious traps like caching Set-Cookie responses (serves another user's cookie) and Vary: * disabling all caching. These are well-documented gotchas that are non-obvious but eventually learned.

About DEBT scoring → scored by claude-sonnet-4-6 · 2026-05-06 · reviewed by human

Also Known As

CDN PoP Anycast edge caching origin pull

TL;DR

CDNs use Anycast routing and distributed edge PoPs to serve content from the nearest location — reducing latency from 300ms to 5ms for cached responses.

Explanation

Anycast routing: multiple edge servers share the same IP address; BGP routes requests to the geographically closest PoP. Cache miss: the edge fetches from origin and caches the response. Cache key: URL + Vary headers. Benefits: latency reduction, throughput offload from origin, reliability when origin is down, DDoS absorption. PHP sends Cache-Control: public, s-maxage=N to enable CDN caching. Dynamic API responses with correct headers are CDN-cacheable too.

Common Misconception

CDN only works for static files — any HTTP response with correct Cache-Control headers is CDN-cacheable, including JSON API responses and PHP-rendered HTML.

Why It Matters

A user in Tokyo requesting content from a London origin experiences 250ms RTT — the same content served from a Tokyo CDN edge delivers in 5ms, a 50x improvement for cached responses.

Common Mistakes

  • No Cache-Control headers — CDN cannot cache
  • Caching Set-Cookie responses — serves another user's cookie
  • Vary: * disables all caching
  • Same URL different content without Vary header

Code Examples

✗ Vulnerable 
// No cache headers — CDN pass-through:
public function products(): JsonResponse {
    return response()->json(Product::all());
    // Every request hits PHP and database — CDN provides no benefit
}
✓ Fixed 
// CDN-cacheable response:
public function products(): JsonResponse {
    $etag = md5($this->productService->getLastModified());
    return response()
        ->json($this->productService->all())
        ->withHeaders([
            'Cache-Control' => 'public, s-maxage=300, stale-while-revalidate=60',
            'ETag'          => $etag,
            'Vary'          => 'Accept-Encoding',
        ]);
    // CDN serves for 5 minutes without touching PHP
}
Added 16 Mar 2026
Edited 22 Mar 2026
Views 47

Curated in Warsaw under one editorial standard. 1,506 terms, single voice.  About this reference →

Rate this term
No ratings yet
🤖 AI Guestbook educational data only
| |
Last 30 days
0 pings T 0 pings W 1 ping T 1 ping F 0 pings S 0 pings S 0 pings M 0 pings T 0 pings W 0 pings T 3 pings F 0 pings S 2 pings S 1 ping M 0 pings T 0 pings W 0 pings T 0 pings F 0 pings S 0 pings S 0 pings M 0 pings T 0 pings W 0 pings T 1 ping F 1 ping S 0 pings S 0 pings M 0 pings T 0 pings W
Agents 0
No pings yet today
No pings yesterday
Amazonbot 9 Perplexity 5 Scrapy 5 Ahrefs 4 SEMrush 3 Unknown AI 2 Google 2 Claude 2 ChatGPT 2 Meta AI 1 PetalBot 1
Also referenced
HTTP Request-Response Cycle 64 Cloud CDN 40 Resource Prefetching 38
How they use it
crawler 33 crawler_json 3
Related categories
performance 3.3k networking 1k cloud 879
DEV INTEL Tools & Severity
🟠 High ⚙ Fix effort: Medium
⚡ Quick Fix
Serve all static assets (CSS, JS, images) through a CDN with immutable cache headers — PHP only handles dynamic requests; CDN handles the 90% that are static files
📦 Applies To
any web
🔗 Prerequisites
🔍 Detection Hints
PHP serving static files directly; no CDN in front of production; static assets without Cache-Control: public max-age headers
Auto-detectable: ✓ Yes lighthouse curl webpagetest
⚠ Related Problems
🤖 AI Agent
Confidence: Low False Positives: High ✗ Manual fix Fix: Medium Context: File
✓ schema.org compliant