Vary: Origin header breaks CDN

[ztrange]

I am using koa/cors for a REST API I'm developing. I noticed that setting up a CDN didn't reduce the number of requests, so I started checking everything and eventually found that cors adds the Vary: Origin header, which was preventing the CDN from working.

I don't know a lot about http headers and CORS internal workings so I just solved it by adding ctx.remove('Vary') when setting Cache-Control header. Maybe I'm doing something wrong but with that everything seems to work fine. I'd appreciate any guidance.

Thanks

[alsotang]

cors is a feature related to Origin header. Vary: Origin is ok. Otherwise the CDN would cache the response of A.com, and serve it for all other site users. It's not expected.
Above we are talking about dynamic resources. If you want your static resources being served right, then move the static middleware upon cors middleware. So your static resources wouldn't be affected by cors.