What's the best way to cache user data?
I want to cache a JSON blob of user data to save latency on multiple-D1-query lookups. Is there a known best option for this?
I was considering the Cache API but I'm unsure if other users would be able to access values in the Cache API outside of my worker explicitly returning it.
5 Replies
The Cache API is tied to your account. As long as you use unique IDs, you should be fine
The Cache API expects a URL, though, right? So I'd be caching an ID like
/user-data/1234. Is there no risk of someone visiting <MY_DOMAIN>/user-data/1234 in order to see the cached value?
I only want the cached response to be accessible from the worker so that the worker can enforce authorization.You could just use
https://google.com/user-data/1234
The Cache API doesn't validate that you own the domain you are caching
And as long as google.com is never proxied through your account, then you will be fineYou are saying that if I did use my own domain for the Cache API request, then the response would become publicly available to anyone by hitting that URL? I just want to be clear what precautions I should be taking and what the side effects of my code are.
I believe so? But, if you use a domain that you don't control(or use a cache generated with
caches.open), then it will not be publicly accessible