Update CDN Config to obey auth-token for secured content routes

Question

Update CDN Config to obey auth-token for secured content routes

Tylopilus opened this issue 3 years ago · 1 comments

Expected Behaviour

when logged in as asmith I want to be able to click on the 'members only' articles and view them

Actual Behaviour

The articles are not clickable as the page is still served from CDN instead of dispatcher while being logged in. Only way is to force a soft purge with
curl -X PURGE -H "Fastly-Soft-Purge:1" https://wknd.site
or to append an uncached parameter.

If a logged in user renews the cache, then the links to the restricted pages are working as expected. Since the new page with links has been cached, logged out users can also see the links.

Reproduce Scenario (including but not limited to)

go to https://wknd.site/us/en/magazine.html
log in with asmith:asmith
Try to click the links to the restricted articles

Platform and Version

Current live site https://wknd.site

Answer 1 · 2022-01-06T19:44:21.000Z

Thanks for reporting @Tylopilus!