Bypass Cloudflare cache when request has authorization header

It’s possible to create a Page Rule to bypass the cache when the request contains a certain cookie. Is there a way to also bypass the cache if the request contains an Authorization header? As token-based authorization becomes more common, it feels like this feature would be useful to many.

Include Vary: Authorization in responses.

On Business plans there is, lower plans do not have that feature.

Unfortunately not really. You could try to play with a Worker, but even there you can’t really skip the cache. You could only try to either purge the resource or change the URL so it is not a hit.

This page says “Cloudflare doesn’t consider vary values when making caching decisions.”

1 Like

Exactly, hence what I wrote :wink:

Hmm… that might explain a number of odd bugs on my site. :confused:

This topic was automatically closed after 30 days. New replies are no longer allowed.