CD
Cloudflare Developers2w ago
Collin22

Caching & public data exposed

Hi I am trying to migrate my site to cloudflare pages using @Cloudflare/next-on-pages and switching to the nextjs edge runtime. I am having issues with what I assume is nextjs internal caching / cloudflare caching my site. Some users are able to see the wrong data / sensitive data of other users I export the following config on all of my site pages: 
export const runtime = 'edge';
export const dynamic = 'force-dynamic';
export const fetchCache = 'force-no-store';
export const runtime = 'edge';
export const dynamic = 'force-dynamic';
export const fetchCache = 'force-no-store';
and I have middleware.ts setup to disable cache control 
const response = NextResponse.next({
        request: {
            headers: reqHeaders,
        },
    });
    response.headers.set('Cache-Control', 'no-store');
    return response;
const response = NextResponse.next({
        request: {
            headers: reqHeaders,
        },
    });
    response.headers.set('Cache-Control', 'no-store');
    return response;
When the cache hits for a page, it returns this (reference image) instead of actually rendering the page. if you scroll down it returns data that should be locked behind auth but is not. this page should be rendered using react server components but instead gives this. i assume i have configured something wrong.
No description
2 Replies
Collin22
Collin22OP2w ago
No description
Collin22
Collin22OP2w ago
i've got a testing environment on a subdomain that i can't reproduce any of these issues on, only when i deploy to my prod site when i've attempted to deploy on my prod site i've had users say they can see data they shouldn't be able to see for their user, which i believe is due to this caching. i'd like to migrate to cloudflare pages but i can't until i get this sorted out ended up completely disabling cf caching

Did you find this page helpful?