alt Hacker NewsI guess one possible fix would be for cloudflare to implement an option to disable the x-cache header for unauthorised users. This way Signal devs could still check their setup by sending authentication headers.
But it would solve the issue completely because you could always check the response time. Probably Signal should disable caching. I guess it's rare for someone to repeatedly download an attachment. Once it's there it's there. For grouped conversations it could be an issue though.
Not sure it's so rare. A large number of group chats will have people in the same area. For me it's the vast majority: family chat, groups of old classmates or flatmates are mostly in the same country, work chats too... I can think of one exception where a group member will consistently be hitting a different Cloudflare node from everyone else, but for everyone else, every time I send a picture into a group chat the caching will save traffic