Disabling Automatic HTTPS Rewrites doesn't disable links rewrite when the domain is proxied by CF


We are hosting a file upload/download service on our api that is proxied by cloudflare. Some of customers upload documents as html files. We discovered recently that some of the files that we return from our api aren’t binary identical from the ones that are stored on our backend. Thoses files had an http:// address that were rewritten by cloudflare to https://. We solved partially the issue with deactivating the Automatic HTTPS Rewrites on our api endpoint. When I say partially I mean, there is still addresses that are automatically changed from http:// to https:// and it seems that those adresses are domains that are proxied by cloudflare…

My question: is there a way to disable any html alteration from CF on my api route?

Could this be a redirect performed by Chrome (and other browsers)?

Please see::

Hmm I don’t think this is related to universal SSL. My endpoint has to be protected by cloudflare Universal SSL, the issue I’m having is related to an HTML file that is proxied by cloudflare. That file, even if I’m fetching it from Postman get changed between my origin server and Postman by CF. Some of the http:// queries that are in the file that is fetched are changed from http to https. Those links are to domain that are proxied by CF.

1 Like