For https://www.drupal.org/project/infrastructure/issues/3586520, the CDN needs to know if you have a valid Drupal session. We can do that with a response header. It should include both login and account “confirmed” states, so we can adjust WAF integrations to match on either.