CDN-Loop proxy request
Detects infinite request loops between CDN nodes — each CDN appends its identifier so loops are caught before they spiral.
What it does
CDN-Loop detects infinite request loops between CDN nodes. When a CDN receives a request, it checks for its own identifier in CDN-Loop. If it finds itself, the request is looping — the CDN returns a 508 Loop Detected error and stops. If it doesn't find itself, it appends its identifier and forwards the request.
It's HTTP's Via header concept, but specifically designed for CDN loop detection with cleaner semantics.
Syntax
CDN-Loop: <cdn-identifier>
CDN-Loop: <cdn1-identifier>, <cdn2-identifier>
Identifiers are opaque strings chosen by each CDN vendor:
CDN-Loop: cloudflare
CDN-Loop: Fastly
CDN-Loop: cloudflare, Fastly
How loop detection works
Request arrives at CDN A:
1. Check CDN-Loop for "CDN-A-identifier"
2. Not found → append "CDN-A-identifier" → forward request
CDN-Loop: CDN-A-identifier
Request arrives at CDN B:
1. Check CDN-Loop for "CDN-B-identifier"
2. Not found → append "CDN-B-identifier" → forward request
CDN-Loop: CDN-A-identifier, CDN-B-identifier
Request arrives back at CDN A (loop!):
1. Check CDN-Loop for "CDN-A-identifier"
2. FOUND → return 508 Loop Detected
When loops happen
CDN loops are almost always caused by misconfiguration in multi-CDN setups or origin pull configurations:
Scenario 1: CDN origin points back to itself
CDN edge → CDN origin pull → CDN edge (loop)
The CDN is configured to pull from its own domain.
Scenario 2: Two CDNs pointing at each other
CDN A → origin (which is CDN B) → origin (which is CDN A) → loop
Scenario 3: Cloudflare in front of itself A Cloudflare zone configured with an origin that is itself proxied through Cloudflare. Surprisingly common.
Cloudflare's use of CDN-Loop
Cloudflare uses CDN-Loop: cloudflare specifically. When you see 508 Loop Detected from Cloudflare with this header, your origin is routing back through Cloudflare instead of directly to your server.
Common fix: ensure your Cloudflare origin is set to your server's direct IP, not the domain that resolves to Cloudflare's proxy IP.
CDN-Loop vs Via
Via tracks all proxy hops for general loop detection and debugging. CDN-Loop is specifically for CDN-to-CDN loop detection with a cleaner format designed for automated processing. They complement each other — Via for human debugging, CDN-Loop for automated loop prevention.
Real-world examples
Legitimate multi-CDN chain (no loop):
GET /resource HTTP/1.1
CDN-Loop: primary-cdn
# primary-cdn forwarding to secondary-cdn:
CDN-Loop: primary-cdn, secondary-cdn
Loop detected:
GET /resource HTTP/1.1
CDN-Loop: cloudflare, fastly, cloudflare
HTTP/1.1 508 Loop Detected
CDN-Loop: cloudflare, fastly, cloudflare
FAQ
Can I set CDN-Loop in my application?
You shouldn't. CDN-Loop is set and read by CDN infrastructure, not application code. If your app is setting it, something is very wrong with your request routing.
What's the 508 response look like?
HTTP/1.1 508 Loop Detected
Content-Type: text/html
Loop detected. Please check your CDN origin configuration.
Cloudflare typically returns error 1000 or similar with a description of the loop.
Fun fact
RFC 8586 (CDN-Loop) was published in April 2019, written almost entirely by engineers from Fastly and Cloudflare. The impetus was a specific class of support tickets both companies were fielding: customer misconfiguration creating infinite CDN loops that were expensive to detect and diagnose. The header costs almost nothing to implement (just string append + search) and completely eliminates an entire category of "why is my CDN returning 508s" support escalations. One of those rare standards that exists purely to solve a painful operational problem.