Hacker News

cesarb 01/21/2025

It seems to me that a key requirement for this attack is that both the attacker and the victim load the same link, that is, that the attacker knows the URL the victim is going to load. If Signal/Discord created a different link to be given to the victim, and never shared it with the attacker, this attack wouldn't work.

That could be as simple as adding some extra pseudo-random parameters to the URL which will be ignored by the origin (but honored by the caches), or as complex as creating a completely separate URL for the receiver of the message, and somehow giving it to the receiver without giving it to the sender (easy on Discord, harder on Signal due to its end-to-end nature).


Replies

layer8 01/21/2025

Since creating separate URLs would largely defeat the purpose of caching, a simpler solution would be to just disable caching, as Cloudflare suggested in their response.
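
Added example, not part of either comment above: a toy model of the trade-off the two comments discuss, comparing one shared link with per-recipient links that carry a random query parameter. It assumes the cache keys on the full URL including the query string and that the origin ignores the extra parameter; `EdgeCache`, `per_recipient_url`, the parameter name `r` and the `example.invalid` URL are all hypothetical.

```python
import secrets
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit


class EdgeCache:
    """Toy shared cache keyed on the full URL, query string included (assumption)."""

    def __init__(self):
        self.store = set()
        self.origin_fetches = 0

    def get(self, url):
        if url in self.store:
            return "HIT"
        self.origin_fetches += 1  # a miss costs one trip to the origin
        self.store.add(url)
        return "MISS"


def per_recipient_url(base_url, param="r"):
    """Append a random parameter that the origin ignores but the cache keys on."""
    parts = urlsplit(base_url)
    query = parse_qsl(parts.query, keep_blank_values=True)
    query.append((param, secrets.token_urlsafe(16)))
    return urlunsplit(parts._replace(query=urlencode(query)))


def simulate(n_recipients=3):
    """Compare one shared link with a distinct link per recipient."""
    base = "https://cdn.example.invalid/attachments/abc.png"  # constructed URL
    results = {}
    for mode in ("shared", "per_recipient"):
        cache = EdgeCache()
        for _ in range(n_recipients):
            url = base if mode == "shared" else per_recipient_url(base)
            cache.get(url)  # each recipient loads the link they were given
        fetches = cache.origin_fetches
        # Cache status the sender sees afterwards for the only URL the sender knows.
        results[mode] = {"origin_fetches": fetches, "sender_probe": cache.get(base)}
    return results


if __name__ == "__main__":
    for mode, outcome in simulate().items():
        print(mode, outcome)
```

With a shared link the sender's later request is a HIT, so the cache state reflects the recipients' loads; with per-recipient links it is a MISS, but every recipient costs an origin fetch, which is the loss of caching benefit the reply points out.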