Can Fail open mode leak my files?

For Workes & Pages, what is the name of the domain?

example.com

What is the issue or error you’re encountering

See below

What steps have you taken to resolve the issue?

If “Fail open” mode (Pricing | Cloudflare Pages docs) is active, I understand from the documentation that my _worker.js file would not be seen
as a static asset, but what about if my _worker.js file imports some others files? Is _routes.json still respect in this case? Here is an example:

  • _routes.json → content below
  • _worker.js → imports files from server/*.mjs
  • server/*.mjs → some files imported by _workers.js

_routes.json

{
  "version": 1,
  "include": [
    "/*"
  ],
  "exclude": [
    "/assets/*"
  ]
}

In this case, in “fail open” mode, can the content of server folder be visible, or does it still respect _routes.json?