Stripping cookies from static files¶

Since cookies can cause your cache to vary, files of the following types managed by Drupal in the modules, themes, files, or libraries directories have incoming cookie headers removed, and receive the HTTP request header X-Static-Asset: True:

• Text: htm, html, css, js, json, yml, xml, txt
• Images: gif, png, jpg, jpeg, pdf, svg, ico, webp
• Media: ogg, ogv, webm, mp3, mp4, mov, f4v
• Publishing: doc, ttf, eot, ppt, xls, otf, woff, woff2
• Archives: tbz, bz2, rar

Any file type smaller than 10MB in size not included in the Common file types excluded from Varnish caching list can have its Cache-Control headers modified in your website’s .htaccess file to make the file type cacheable or uncacheable.

Common file types excluded from Varnish caching¶

The following file types (which are generally large in size) are always excluded from Varnish caching:

• dmg
• exe
• gz
• msi
• pkg
• tgz
• zip

You should use a content delivery network (CDN), such as Edge, or another external storage system for serving larger assets of these types.

Files greater than 10 MB in size¶

HTTP responses with a Content-Length header larger than 10MB (10,000,000 bytes) in size cannot be cached, but will instead be streamed.

To preserve website uptime and availability, either use a content delivery network (such as Edge) or another external storage system for serving large assets.

Creating custom caching policy per file type¶

If you want to set a specific cache policy for certain file types, you can add lines to your .htaccess file to set a custom Cache-Control HTTP header per file type, based on the following example:

# Exclude files of the following types from Varnish caching
<FilesMatch "\.(iso|bmp|psd|flac|avi|mpeg)$">
  Header set Cache-Control "max-age=0, private, no-store, no-cache, must-revalidate"
</FilesMatch>