When one wordpress user tries to load our home page signed in, they get a download file of the html document. Opening the file, its basically an html doc with the follwing header inserted at the top (pasted below_)
It seems to be a Cloudflare issue. I cut a couple of long strings and noted it below, and you can see where the html document starts as normal, after which i snipped.
Can anyone think of an issue that is causing this to happen? seems to only happen on Chrome. It seems to not recognize the start as a header or certificate or something, and to think it should be downloaded instead loaded as an html page
sxg1-b3,äxsig;sig=* [ super long signature string cut here ]=*;validity-url=“.msg.validity”;date=1655816596;expires=1655830996≥CageC165DdateXTue, 21 Jun 2022 14:03:16 GMTDvaryX1Accept-Encoding, Accept-Encoding, Accept-EncodingFcf-[another string cut here]=FserverJcloudflareG:statusC200Gx-cacheDMISSIexpect-ctXWmax-age=604800, report-uri="report-uri/Cloudflare/com/cdn-cgi/beacon/expect-ct"Jcf-apo-viaFtcacheKx-cacheableCbotLcontent-typeXtext/html; charset=UTF-8Lx-powered-byIWP EngineMcache-controlXmax-age=10800, must-revalidateMcf-edge-cacheXcache,platform=wordpressMlast-modifiedXTue, 21 Jun 2022 14:00:04 GMTMx-cache-groupCbotOcf-cache-statusCHITPcontent-encodingLmi-sha256-03@<!doctype html>
I’ve had three reports today of the same issue affecting some users of my site. Seems to only affect our homepage in Chrome, tested Chrome 102 & 103 on Android & Windows.
I can’t reproduce it personally. My region also wasn’t affected by last night’s Cloudflare outage. Maybe this is related?
We’re experience the same problems with our websites (non-wordpress). I’m personally not able to reproduce this but a college was able to but after removing all the browser cookies the website behaved normal again. Also purging the Cloudflare cache seems to solve it (at least for a couple of hours).
I came across the following, Automatic-Signed-Exchanges-SXGs. We’ve currently disabled the option hoping this will fix the problem but we’re not sure.
We’re not on Wordpress or PHP or using any caching/compression plugins (just gzip). We’re serving a CGI site from Nginx/cgd. No recent changes in relevant configuration.
Some of our users are able to solve this issue by logging out of our site and others are not. We’ve tried purging cache and logging everyone out of our site, no luck.
We reached out to Cloudflare and they asked us for an HAR file to troubleshoot, but unfortunately we haven’t been able to find a cooperate user that’s experiencing this issue yet.
Thanks for raising this - what is happening here is a browser bug that we’re preparing a fix for on our side. The unusual response you’re seeing is actually a valid Signed Exchange (SXG) response, but the browser isn’t parsing it correctly.
The fix is gradually rolling out, but for now if this is causing you a problem please disable the Automatic Signed Exchanges (SXGs) feature under your website speed settings here:
I can confirm having the same issue on my WP site with CF PRO. Disabling SXG fixed the issue for now, so I hope it will not show up again.
I am only sad that I reported it with all the information and screenshots to the support. But still got an aswer that they need more info…even if I said that I give all I have. Thats not a great support on paid tier of CF
I’ve confirmed that a fix for this has rolled out completely now - if you had previously disabled Automatic Signed Exchanges (SXG) you can now safely re-enable.
