ToS and non-HTML content
So... because the conversation around the ToS has come up again when it comes to images/videos and other "non-HTML" content, I have contacted legal, and as long as you use any of the Cloudflare Development platform products to either store or process them, you are not bound by 2.8 of the general Terms of Service, but by the supplemental terms, which does allow serving of non-HTML content.
So it is possible to use KV to store images and workers to serve them.
What isn’t 100% clear right now is if you can use the Cache API to cache such content.
I am following up with legal to hopefully make that more clear in the next
37 Replies
So its possible to cache images but not video? Because as multiple people have shown caching video results in being shown a link to questions about TOS can try to find the exact link.
And storing is good for both.
Well, it is entirely possible that our technical implementation does not line up with our legal guidance.. which would be a bug. I am sitting down with someone from legal soon. So if you have that link, that would be amazing 🙂
Yea someone in the R2 channel was stating they were using R2 + Worker (w/ no caching) and their videos were still getting restricted: https://discord.com/channels/595317990191398933/940663374377783388/1003439298726600704
Don't think it ever got resolved
Theres a few links I have seen one of them is this: https://www.cloudflare-terms-of-service-abuse.com/ (which even shows video redirection site as if its not allowed to even store video period) looking for the other link now
Yup that was the one that Chaika linked specifically: http://cfl.re/tos
Oh great @chaika.me.. that is perfect. Yeah, let me verify the legality first (which I am pretty certain should be). And once that is done we can talk to the Cache team to see what would need to change to make it possible.
Right now it is probably a blanket "no video for you unless you are an enterprise customer" check.. but we would need to figure out where the video is coming from.
Probably won't be the easiest thing to fix, so it might take a while, but I'll get the ball rolling
It'd be really nice to have the TOS Updated and automatic restriction of videos fixed. There has been a lot of confusion about this, from the CEO of Cloudflare claiming it was allowed on hackernews and saying the TOS would be updated ~1 year ago, to the R2 team saying it would be fine to serve video but not cache it, and videos still being blocked.
Three layers: What the TOS says, what Cloudflare employees say what is actually restricted, and what automatic video restriction service does, seem to be in disagreement. It would be extremely helpful to get it updated in TOS and finally end the confusion on it, and make a lot of different ideas possible for devs. 
Just curious are you able to find that post on HN of the CEO saying it would be updated? Curious to see that
Parent comment was: https://news.ycombinator.com/item?id=28682885
Strom
Yes but you can only use B2 via CloudFlare for web pages. Using it as a data storage platform isn't allowed. Unless of course you're willing to pay handsomely via an enterprise contract, but then the pricing changes.Use of the Services for serving video or a disproportionate percentage of pictures, audio files, or other non-HTML content is prohi...
Hacker News
thanks I was trying to figure out how to get that HN is so confusing to me 😅
The TOS has been updated, it says you can use the Developer Platform to serve non-HTML content.
It might not be too clear how that involves non-dev platform components like Cache. I hope to get that clarified in the terms either way.
And yes, there is the technical implementation which might be too restrictive at this time.
But like I said, I am working on figuring it out and potentially getting the TOS updated to make it more clear.
It is certainly possible to store + serve content with just Dev Platform things like KV, R2, Workers etc.
Ah ok, my bad, I misunderstood a bit. Thanks for working on that, eager to see when you get that figured out and the TOS/auto restrictions updated
Btw, I edited my original message to make it clearer that the Cache API status isn’t entirely sure.
That is in the context of images, not video. Pretty sure that Matthew is across ToS updates anyway. And it isn't just what Matthew wants to be allowed, but also what is very much possible to be allowed 😄
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
I'm not capable of saying anything with certainty but the way I see it, the way videos are loaded by a client is much more unique, using multiple range requests to "buffer" the content, and a CDN would be expected to save all of those individual small range pieces which might be more of a strain than simply storing a file. And rather than forbidding range requests, it's easier to distinguish video because it's the leading source of them.
Just my theory though
Good question, I'm not 100% sure. it's possible there's some extra overhead for the cache infra dealing with range requests, especially since each browser seems to pick different length ranges so whats cached for one might not work for another unless the ranges are stored in a more intelligent method
from my side the question is whether I can enable cache in front of a public bucket containing UGC (of any/all kinds, so it might contain json files, binary files, images, small videos, etc, but cf should not be interpreting the content as anything other than "binary blob to be delivered to the application")This is honestly a really valid concern, I'd like to see some kind of verdict on that is the HN answer the one from matthew a few years ago?
We will eventually figure out the correct answer because it will be from legal the people who actually make the rules 😛
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
What does "free" accounts mean in this context?
for example if I have a free zone but paid workers plan is this "free"
or paid zone but free workers is this "free"
or only free on both considered "free"
They should reach out as instructed by alycabral and see if anything can be done
I don't work there so I can't guarantee anything, but this is the impression I get from my understanding and from seeing it happen
Typically cf things that classify users as free accounts or not only look at the zone plan
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
fixed 😛
rip 4 cats, sorry
Wait how'd you get rid of a reaction?
Oh woah, didn't know you can do that.
Theres no generic here... Regular ToS says that you can share HTML content, and the Supplementary ToS for Developer Platform can share Non-HTML content, that is everything else... What are you expect here? They are basic saying that you can distribute anything. Except of course things that are ilegal.
Make no diference if JSON are considered non-html content (tip: it is), because they are allowed on the developer platform.
Yeah ToS 2.8 is being overridden by the supplemental terms when using workers/r2/kv. 2.8 still applies for everything else (unless a specific something else happens to have a supplemental term that overrides it also).
But if you want to be sure for a specific use case that you arent clear on might be better to get a lawyer involved or try and talk with CF about it 🤷
There is nothing on the bucket but it still shows 94MB, and it is not letting me delete the bucket too.
This is a case of unfinished multipart uploads. You can either use a tool such as
rclone to delete them manually, or they will be deleted automatically in a few days.
Also this is KV... I think you want the #r2 channelSorry selected wrong channel
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
I can confirm the second at least. It's completely allowed (been stated several times here by employees so certain).
Not sure about the first.
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
The comments on this thread are accurate. It's just that the automated detection sometimes picks up R2 as non-legitimate. Once they manage to contact support it'll get straightened out.
Unknown User•3y ago
Message Not Public
Sign In & Join Server To View
is it possible to be allowedlisted before encountering a potential restriction, or is this perhaps no longer an issue?
we have a major news agency using our service, who might go live with a story using our system in the next couple of days. it would be amazing if it was possible to be allowedlisted before rather than after the traffic spike
Can you raise this as a support ticket so I can see what we can do for you?
thank you for the follow-up! I've created a ticket - #2715618 🙂
Looks like the bot got upset and wants you to reply to reopen it - I reopened it manually though
ah, thank you! 🙏
our client went live today! so far so good 🙂