A single click will enable Cloudflare customers to generate Signed Exchanges (SXG) for Google Search. Signed Exchanges is an open web platform specification to verify a cached version of a website. The specification is developed by Google with the purpose of enabling a faster delivery of a website from a third party. So, what is the advantage of Signed Exchanges to website owners? The answer is faster loading time and a boost in SEO as load time is an important criteria while displaying a website in search engine results.
Cache is the process of storing multiple copies of files or data in a temporary storage location for faster access later. The file or data is temporarily saved for web browsers, servers and software so that the user doesn’t have to download the information every time while accessing an application or a website.
Understanding Signed Exchange (SXG) and How it Works
A Signed Exchange (SXG) is an open standard delivery mechanism for authenticating the origin of a resource irrespective of how it was delivered. This helps in improving a variety of use cases such as offline Internet experience, prefetching and serving from third-party caches in a secure way.
When search engine bots crawl your website for the newly published content, you choose the delivery of a signed exchange instead of delivering the raw content. This improves the load time and gives your site an SEO advantage. Let’s look at how Cloudflare generates Signed Exchange.
Original content including the response headers that the website owner wants to sign is fetched by Cloudflare.
A header that uses Merkle Integrity Content Encoding is added for the faster and better detection of data modification and corruption.
Headers that do not make sense in the context of Signed Exchanges are also removed. Security sensitive headers such as set-cookie and authentication-info are also striped out.
Original content with headers, signature and fallback URL is packed into a final binary for delivery.
A Signed Exchange is cached and sent to the crawler that stores it. When the content is indexed, it shows up in searches. The search engine keeps the already loaded Signed Exchange in the background to profile the cache in the browser of the client. As the exchange was delivered from a search engine, no signal will be sent to the point of origin, thus the intent of the user/searcher is not known to other sources. As the exchange is validated against your certificate, the browser will trust the content to display it in attribution with the original URL. When the user clicks on the link, content will link immediately from the local cache.
Managing the signing process is pretty complex, as many details are a part of it including:
- CanSignHttpExchanges extension to the certificate
- Delivery of certificates in specific CBOR format
- OCSP stapling for ensuring the validity of the certificates
- Auto-renewal of certificates at a frequent interval
- Caching of generated signed exchanges
All these are present in Cloudflare's warehouse. Through its partnership with Google, Cloudflare has ensured that the technology is integrated simply, with the push of a button.
Signed Exchanges deliver a better user experience with cross-site prefetching. By implementing Signed Exchanges, site owners worldwide have seen significant improvement in user experience, the time they spend on the website, and Largest Contentful Paint, a core web vitals. Also, the content delivered by SXG is easy to distribute by third parties while ensuring safety of the website. The content is highly portable, which improves the offline content access experience of the user. Any website that receives a huge amount of traffic from Google Search must implement SXG to improve the page load time, and offer better experience to users.