Unwanted Cloudflare caching of invoice previews #51
Loading…
Reference in New Issue
Block a user
No description provided.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
For whatever reason, Cloudflare is caching event invoice previews as non-private, so that an unauthenticated user can see the contents. Unauthenticated user must know the event id, and make the request within the cache ttl after an authenticated user requests the preview. Not sure if this is Cloudflare not respecting cache-control, or Django not setting it correctly.