From 179358c481c02d95115e335a30b1aad5dc26fef2 Mon Sep 17 00:00:00 2001 From: Caio Pizzol Date: Tue, 19 May 2026 15:15:21 -0300 Subject: [PATCH] docs(web): note browser_ttl: respect_origin in Cache Rule After PR #12 deployed, live Cache-Control returned max-age=14400 from Cloudflare's zone-level Browser Cache TTL default, overriding origin max-age=300. Patched the existing rule (id b85abcfdb1fa4d07a160e88f7cc4fafd) via API to add browser_ttl.mode: respect_origin. Live now serves origin max-age on HTML/metadata paths while keeping the 4-hour zone default for static assets and content-addressed raw files where it's actually desired. This commit keeps the README accurate; the Cloudflare rule itself was updated out-of-band via API. --- apps/web/README.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/apps/web/README.md b/apps/web/README.md index 37aa5b2..9ecb994 100644 --- a/apps/web/README.md +++ b/apps/web/README.md @@ -33,7 +33,13 @@ The Cache Rule is set outside this repo: - Phase: `http_request_cache_settings` - Expression: `http.host eq "docxcorp.us" and (http.request.uri.path eq "/" or http.request.uri.path in {"/dataset" "/classification" "/quality" "/download" "/types" "/topics" "/sitemap.xml" "/robots.txt" "/llms.txt"} or starts_with(http.request.uri.path, "/types/") or starts_with(http.request.uri.path, "/topics/"))` -- Action: `cache: true`, `edge_ttl.mode: bypass_by_default` (TTL driven by origin `Cache-Control`) +- Action: `cache: true`, `edge_ttl.mode: bypass_by_default`, `browser_ttl.mode: respect_origin` (both TTLs driven by origin `Cache-Control`) + +The `browser_ttl: respect_origin` setting is required because Cloudflare's zone-level Browser +Cache TTL default (4 hours) would otherwise override the origin's lower `max-age=300`. Without +it, returning visitors would cache HTML for 4 hours after each deploy. `respect_origin` keeps +the zone default in effect for paths NOT matched by this rule (favicons, og-image, raw .docx, +extracted .txt), all of which legitimately want 4-hour browser caching. The matching upload-side `Cache-Control` header (`public, max-age=300, stale-while-revalidate=3600`) is set by `deploy-site.yml` on HTML uploads and on `sitemap.xml`/`robots.txt`/`llms.txt`. Keep the