Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Ismail Mayat 4511 posts 10092 karma points MVP 2x admin c-trib
    Jan 09, 2020 @ 14:25
    Ismail Mayat
    1

    Umbraco with cloudflare and form pages

    I am working on v8 site and am using cloudflare to cache everything. I have code from umbracoflare project running to invalidate caches of urls when page is published and when images are saved etc.

    One problem though is i am using umbraco forms, the forms can be added on any page. I know in cloudflare you can use page rules to ignore pages however in my case i will not know which pages will have forms.

    Has anyone come across this issue before when working with cloudflare?

    Regards

    Ismail

  • Yakov Lebski 591 posts 2347 karma points
    Jan 10, 2020 @ 03:52
    Yakov Lebski
    0

    for forms we have 2 situation: Get - to show form Post - to submit form

    In most cases get can work from cache, post alwaws works without cache. I think by deafult post is not cached in any CDN.

  • Ismail Mayat 4511 posts 10092 karma points MVP 2x admin c-trib
    Jan 13, 2020 @ 09:43
    Ismail Mayat
    100

    Yakov,

    The issue is when using umbraco forms we have anti forgery token and this causes issues when page is cached. Anyhow for now i will just ignore those pages in cloudflare

  • Chris Waddington 1 post 71 karma points
    Jul 09, 2020 @ 11:42
    Chris Waddington
    0

    Hi Ismail, I am not a developer but we are using Umbraco and Cloudflare. Can I check what you mean by "anyhow for now i will just ignore those pages in in Cloudflare."

    Are you creating a page rule for each umbraco page with a form and setting it to bypass the cache?

    Our forms appear to have been working ok but I see in the log this message An unhandled exception occurred System.Web.Mvc.HttpAntiForgeryException (0x80004005): The anti-forgery cookie token and form field token do not match. at System.Web.Helpers.AntiXsrf.TokenValidator. which I guess is bad

    Regards Chris

  • Yakov Lebski 591 posts 2347 karma points
    Jan 13, 2020 @ 15:15
    Yakov Lebski
    0

    I think anti forgery token can be controlled by machine key. the same key should work for any servers. the post operation in any case is excluded from cache.

    another solution is control cache header by server and "respect" this headers by CDN, in this scenario you can control header from code.

    the best solution in my opinion is dynamic, partial cache like this https://www.cloudflare.com/learning/cdn/caching-static-and-dynamic-content/ or just load unreachable parts via ajax

Please Sign in or register to post replies

Write your reply to:

Draft