Cached pages (Cloudflare) + CSRF Tokens?

I have a site with a large number of pages. I use Cloudflare to cache a majority of these pages. Users can login. I use javascript to add user-specific widgets to the cached pages. Certain pages allow the user to send ajax requests to update the database. In the past, for these pages, I’ve turned off caching so I can send a csrf_token in the response. But now I want to add functionality to cached pages that will allow the user to favorite the page (or an item on the page). Is there a recommended way for handling this without disabling Cloudflare caching? If possible, I’d also like to allow a visitor to register from a cached page via an ajax form.

Cache is for content that doesn’t change, anything else you try to do with dynamic content on cached pages is asking for trouble and shooting yourself on the foot.

That being said I would recommend you to give a look into turbolinks or unpoly to use or not in conjunction with Live View in order to have fast browsing around your site without the need to cache the pages you need to have dynamic content on them.

1 Like