My backend application sends Cache-Control headers so that NGINX and the browser can cache responses.
I would like CloudFlare to not cache these responses. This is because they may have non-public information and while NGINX is cookie-aware when caching, CloudFlare is not (at least not on the free or pro plan)
Essentially I want NGINX to see this so that it caches the response:
Cache-Control: public, max-age=x
(This is what my backend app sends)
And for CloudFlare and the browser to see: (So the browser caches the response, but CloudFlare wont because it is private)
Cache-Control: private, max-age=x
e.g. CloudFlare should always MISS on these requests, but possibly HIT when it gets to nginx.
I think this could be accomplished if NGINX could replace "public" with "private", or recreate the header is the "max-age" variable could be captured. It could also be done if my app sends "private", but NGINX is instructed to cache private responses anyways. I have not been able to find a way to do either however.