cloudflare
diff --git a/‎src/content/docs/cache/how-to/cache-response-rules/create-api.mdx‎
Lines changed: 243 additions & 0 deletions b/‎src/content/docs/cache/how-to/cache-response-rules/create-api.mdx‎
Lines changed: 243 additions & 0 deletions
diff --git a/‎src/content/docs/cache/how-to/cache-response-rules/create-dashboard.mdx‎
Lines changed: 33 additions & 0 deletions b/‎src/content/docs/cache/how-to/cache-response-rules/create-dashboard.mdx‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎src/content/docs/cache/how-to/cache-response-rules/index.mdx‎
Lines changed: 58 additions & 0 deletions b/‎src/content/docs/cache/how-to/cache-response-rules/index.mdx‎
Lines changed: 58 additions & 0 deletions
@@ -0,0 +1,243 @@
+---
+title: Create a rule via API
+pcx_content_type: how-to
+sidebar:
+  order: 4
+head:
+  - tag: title
+    content: Create a Cache Response Rule via API
+---
+
+import { Details, APIRequest } from "~/components";
+
+Use the [Rulesets API](/ruleset-engine/rulesets-api/) to create a Cache Response Rule via API. To configure the Cloudflare API, refer to the [API documentation](/fundamentals/api/get-started/).
+
+## Basic rule settings
+
+When creating a Cache Response Rule via API, make sure you:
+
+- Set the rule action to one of the [available actions](/cache/how-to/cache-response-rules/settings/#available-actions).
+- Define the parameters in the `action_parameters` field according to the [settings](/cache/how-to/cache-response-rules/settings/) you wish to configure for matching responses.
+- Deploy the rule to the `http_response_cache_settings` phase entry point ruleset.
+
+## Procedure
+
+1. Use the [List zone rulesets](/api/resources/rulesets/methods/list/) method to check if a ruleset already exists for the `http_response_cache_settings` phase.
+2. If the phase ruleset does not exist, create it using the [Create a zone ruleset](/api/resources/rulesets/methods/create/) operation. In the new ruleset properties, set the following values:
+   - kind: `zone`
+   - phase: `http_response_cache_settings`
+3. Use the [Update a zone ruleset](/api/resources/rulesets/methods/update/) operation to add rules to the ruleset. Alternatively, include the rules in the [Create a zone ruleset](/api/resources/rulesets/methods/create/) request mentioned in the previous step.
+
+## Example requests
+
+These examples set all the Cache Response Rules of a zone to the rules included in the request. Using these examples directly will cause any existing rules in the phase to be replaced.
+
+<Details header="Example: Strip response headers from JS files before caching">
+
+<APIRequest
+  path="/zones/{zone_id}/rulesets/phases/http_response_cache_settings/entrypoint"
+  method="PUT"
+  json={{
+    rules: [
+      {
+        expression: 'http.request.uri.path.extension eq "js"',
+        description: "Strip caching headers from JS files",
+        action: "set_cache_settings",
+        action_parameters: {
+          strip_etags: true,
+          strip_set_cookie: true,
+          strip_last_modified: true
+        }
+      }
+    ]
+  }}
+  roles={false}
+/>
+
+</Details>
+
+<Details header="Example: Set static cache tags on API responses">
+
+<APIRequest
+  path="/zones/{zone_id}/rulesets/phases/http_response_cache_settings/entrypoint"
+  method="PUT"
+  json={{
+    rules: [
+      {
+        expression: 'http.request.uri.path starts_with "/api/"',
+        description: "Tag API responses for targeted purging",
+        action: "set_cache_tags",
+        action_parameters: {
+          operation: "set",
+          values: ["api-response", "dynamic-content"]
+        }
+      }
+    ]
+  }}
+  roles={false}
+/>
+
+</Details>
+
+<Details header="Example: Add cache tags from a response header using an expression">
+
+<APIRequest
+  path="/zones/{zone_id}/rulesets/phases/http_response_cache_settings/entrypoint"
+  method="PUT"
+  json={{
+    rules: [
+      {
+        expression: 'any(http.response.headers.names[*] == "Surrogate-Keys")',
+        description: "Extract cache tags from alternative CDN response header",
+        action: "set_cache_tags",
+        action_parameters: {
+          operation: "add",
+          expression: 'split(http.response.headers["Surrogate-Keys"][0], ",", 1)'
+        }
+      }
+    ]
+  }}
+  roles={false}
+/>
+
+</Details>
+
+<Details header="Example: Set max-age and remove stale-if-error">
+
+<APIRequest
+  path="/zones/{zone_id}/rulesets/phases/http_response_cache_settings/entrypoint"
+  method="PUT"
+  json={{
+    rules: [
+      {
+        expression: "http.response.code eq 200",
+        description: "Override cache-control for successful responses",
+        action: "set_cache_control",
+        action_parameters: {
+          "max-age": {
+            operation: "set",
+            value: 3600,
+            cloudflare_only: true
+          },
+          "stale-if-error": {
+            operation: "remove"
+          }
+        }
+      }
+    ]
+  }}
+  roles={false}
+/>
+
+</Details>
+
+<Details header="Example: Set private directive with qualifiers">
+
+<APIRequest
+  path="/zones/{zone_id}/rulesets/phases/http_response_cache_settings/entrypoint"
+  method="PUT"
+  json={{
+    rules: [
+      {
+        expression: 'http.request.uri.path starts_with "/user/"',
+        description: "Mark user content as private",
+        action: "set_cache_control",
+        action_parameters: {
+          "private": {
+            operation: "set",
+            qualifiers: ["X-User-Id", "X-Session-Token"]
+          },
+          "no-cache": {
+            operation: "set"
+          }
+        }
+      }
+    ]
+  }}
+  roles={false}
+/>
+
+</Details>
+
+<Details header="Example: Set immutable for static font assets">
+
+<APIRequest
+  path="/zones/{zone_id}/rulesets/phases/http_response_cache_settings/entrypoint"
+  method="PUT"
+  json={{
+    rules: [
+      {
+        expression: 'http.request.uri.path.extension in {"woff2" "woff" "ttf"}',
+        description: "Mark fonts as immutable",
+        action: "set_cache_control",
+        action_parameters: {
+          "immutable": {
+            operation: "set"
+          },
+          "max-age": {
+            operation: "set",
+            value: 31536000
+          }
+        }
+      }
+    ]
+  }}
+  roles={false}
+/>
+
+</Details>
+
+<Details header="Example: Multiple rules — strip headers, tag responses, and set cache control">
+
+<APIRequest
+  path="/zones/{zone_id}/rulesets/phases/http_response_cache_settings/entrypoint"
+  method="PUT"
+  json={{
+    rules: [
+      {
+        expression: 'http.response.code eq 200 and http.request.uri.path.extension eq "html"',
+        description: "Strip tracking headers from HTML responses",
+        action: "set_cache_settings",
+        action_parameters: {
+          strip_etags: true,
+          strip_set_cookie: true
+        }
+      },
+      {
+        expression: 'http.request.uri.path starts_with "/products/"',
+        description: "Tag product pages for purging",
+        action: "set_cache_tags",
+        action_parameters: {
+          operation: "add",
+          values: ["product-catalog", "storefront"]
+        }
+      },
+      {
+        expression: "http.response.code eq 200",
+        description: "Set cache control for all 200 responses",
+        action: "set_cache_control",
+        action_parameters: {
+          "s-maxage": {
+            operation: "set",
+            value: 86400,
+            cloudflare_only: true
+          },
+          "must-revalidate": {
+            operation: "set"
+          }
+        }
+      }
+    ]
+  }}
+  roles={false}
+/>
+
+</Details>
+
+## Required API token permissions
+
+The API token used in API requests to manage Cache Response Rules must have the following permissions:
+
+- *Zone* > *Cache Rules* > *Edit*
+- *Account Rulesets* > *Edit*
+- *Account Filter Lists* > *Edit*
@@ -0,0 +1,33 @@
+---
+pcx_content_type: how-to
+title: Create a rule in the dashboard
+sidebar:
+  order: 3
+head:
+  - tag: title
+    content: Create a Cache Response Rule in the dashboard
+---
+
+import { Render, DashButton } from "~/components";
+
+1. In the Cloudflare dashboard, go to **Cache** > **Cache Rules**.
+
+   <DashButton url="/?to=/:account/:zone/caching/cache-rules" />
+
+2. Select the **Cache Response Rules** tab.
+3. Select **Create rule**.
+
+4. Enter a descriptive name for the rule in **Rule name**.
+5. Under **When incoming requests match**, select **All incoming requests** if you want the rule to apply to all traffic or **Custom filter expression** if you want the rule to only apply to traffic matching the custom expression.
+6. If you selected **Custom filter expression**, define the [rule expression](/ruleset-engine/rules-language/expressions/edit-expressions/#expression-builder). Use the **Field** drop-down list to choose an HTTP property and select an **Operator**. Both request fields (such as URI path or hostname) and response fields (such as response status code or response headers) are available for matching. Refer to [Available settings](/cache/how-to/cache-response-rules/settings/) for the full list of available fields and operators.
+
+   :::note
+   Rules can be further customized by using the **Edit expression** option. You can find more information in [Edit expressions in the dashboard](/ruleset-engine/rules-language/expressions/edit-expressions/).
+   :::
+
+7. Following the selection of the field and operator, enter the corresponding value that will trigger the Cache Response Rule. For example, if the selected field is `Hostname` and the operator is `equals`, a value of `example.com` would mean the rule matches any request to that hostname.
+8. Under **Then**, select the action you want to apply. Refer to [Available settings](/cache/how-to/cache-response-rules/settings/#available-actions) for the list of available actions and their parameters.
+9. Under **Place at**, from the dropdown, you can select the order of your rule. From the main page, you can also change the order of the rules you have created.
+10. To save and deploy your rule, select **Deploy**. If you are not ready to deploy your rule, select **Save as Draft**.
+
+   <Render file="rules-creation-dash-dns-popup" product="rules" />
@@ -0,0 +1,58 @@
+---
+title: Cache Response Rules
+pcx_content_type: concept
+sidebar:
+  order: 2
+---
+
+import { FeatureTable, InlineBadge, Render } from "~/components";
+
+Cache Response Rules <InlineBadge preset="beta" /> allow you to configure cache settings based on the **response** from the origin server, rather than only the incoming request. These rules execute in the `http_response_cache_settings` phase, which runs after Cloudflare receives the origin response, giving you access to both request and response fields for rule matching.
+
+With Cache Response Rules you can:
+
+- Strip specific headers (ETags, Set-Cookie, Last-Modified) from origin responses before caching.
+- Add, remove, or set cache tags on responses for targeted [cache purging](/cache/how-to/purge-cache/).
+- Modify Cache-Control header directives in the origin response.
+
+Cache Response Rules apply to both cached and non-cached (dynamic) responses from the origin. For example, you can strip Set-Cookie headers from responses that are not eligible for caching.
+
+Cache Response Rules can be created in the [dashboard](/cache/how-to/cache-response-rules/create-dashboard/), via [API](/cache/how-to/cache-response-rules/create-api/), or [Terraform](/cache/how-to/cache-response-rules/terraform-example/).
+
+:::note
+
+Cache Response Rules require that you [proxy the DNS records](/dns/proxy-status/) of your domain (or subdomain) through Cloudflare.
+
+:::
+
+## Availability
+
+The following table describes Cache Response Rules availability per plan.
+
+<FeatureTable id="cache.cache_rules" />
+
+<Render
+	file="troubleshoot-rules-with-trace"
+	product="rules"
+	params={{ rulesFeatureName: "Cache Response Rules" }}
+/>
+
+## Relationship with Cache Rules
+
+Cache Response Rules operate on the origin response, while [Cache Rules](/cache/how-to/cache-rules/) operate on the incoming request. When settings from both rule types conflict, Cache Response Rules take precedence.
+
+Key differences:
+
+- **Cache eligibility** — Cache Rules remain the only mechanism to decide whether content is eligible for caching. However, Cache Response Rules can make a cacheable asset non-cacheable by setting the `no-store` directive using the `set_cache_control` action.
+- **Origin Cache Control (OCC)** — If any rule in the `http_response_cache_settings` phase matches, Cloudflare defaults to Origin Cache Control behavior (`origin_cache_control = true`).
+- **Stacking** — Cache Response Rules stack the same way as Cache Rules. When multiple rules specify the same setting, the last matching rule wins.
+
+### Example: OCC precedence over Edge TTL
+
+Consider the following scenario:
+
+1. A Cache Rule sets **Edge TTL** to `override_origin` with a value of `7200` seconds (2 hours).
+2. A Cache Response Rule uses `set_cache_control` to set `s-maxage` to `3600` seconds (1 hour) with `cloudflare_only` enabled.
+3. The origin responds with `Cache-Control: s-maxage=600`.
+
+In this case, the Cache Response Rule takes precedence. Cloudflare caches the asset for `3600` seconds (1 hour) based on the `s-maxage` directive set by the Cache Response Rule, while visitors still receive the original `s-maxage=600` from the origin because `cloudflare_only` is enabled.