we're still unsure what might be causing this, but we'll be updating to 0.19.9 soon. maybe that'll fix this issue.
this post was submitted on 10 Feb 2025
18 points (100.0% liked)
Lemmy.world Support
3293 readers
234 users here now
Lemmy.world Support
Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.
This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.
This community is subject to the rules defined here for lemmy.world.
To open a support ticket
You can also DM https://lemmy.world/u/lwreport or email [email protected] (PGP Supported) if you need to reach our directly to the admin team.
Follow us for server news π
Outages π₯
https://status.lemmy.world
founded 2 years ago
MODERATORS
this reply is deeply concerning.
we're not running any modifications that would impact caching and we don't have any custom caching logic. we're only caching what lemmy/lemmy-ui return as cacheable, which suggests that the issue is likely in one of those services, however, i couldn't find it in either one.
it's also rare enough that it's extremely difficult to troubleshoot, as we see people report this maybe once or twice every few months but without any useful information that would allow us to look into this further than trying to find bugs in related code just from the general symptom of seemingly invalid cache.
additionally, the impact of this should be fairly low, as, unless this somehow impacts private messages as well, no data would be returned that isn't already otherwise public. with this seemingly "just" being a caching issue, there is also no risk at impersonating other users.
nonetheless i agree that this should not be happening in the first place, even if it's rare and the impact appears limited.
There's a reason recommendations nowadays are to use other instances than LW. Being the largest instance brings some unique situations.
that has nothing to do with this issue.
Ah then sorry, I misread your other comment about
just seeing it more frequently due to a larger number of users
It happens 10x less often on other instances that have 10x fewer people.
Not that hard to figure out, unless you have an agenda you're trying to push.
For people reading this and wanting to know more about the agendas Serinus and I are pushing: https://lemmy.dbzer0.com/post/37200740/16522834
Oh, happy cake day!
Sounds like a caching issue. If you were logged in as them, profile would work. Feels like it's caching personalised sections, which it should not.
I already followed various code paths to try and see where Lemmy might be setting incorrect caching headers without finding anything and nothing in the relevant code seems to have been changed between 0.19.3 and newer 0.19 releases.
I'm still unsure if we're just seeing it more frequently due to a larger number of users and us also having a "proper" caching setup and in practice it would happen on other instances as well or whether it's somehow something that others just don't see due to not being on 0.19.3.
Hmm... I don't know what would be causing this particular issue on the Cloudflare side, but the fact that lemmy.world shows @[email protected] instead of usernames when viewed with JS disabled suggests that you should review your Cloudflare configuration... At a minimum you have their email filter enabled when it shouldn't be; there could be other issues too.
why shouldn't the email filter be enabled?
I have to admit that it doesn't do much for us, as the support emails we have in sidebars and posts are unfortunately federated to other instances where they're not getting obfuscated and will be crawled there, but we do have contact emails on the website. I'm currently not aware of any issues caused by that.
It breaks readability of your site without JS. That's particularly bad for the "old" (mlmym) UI which would otherwise be usable for basic interaction without JS entirely, but I find it annoying every time I end up loading a page from lemmy.world directly -- e.g. to check federation.
That's one of the reasons why I'm on reddthat instead of lemmy.world: old.reddthat.com works without JS.
I've been seeing this for as long as I've been using Lemmy, I assumed it was just some known bug in the code.
I have seen this on lemm.ee for the past year. Itβs rare but happens
glad to at least have confirmation that this isn't just us, thanks!
do you remember whether this has still been happening while lemm.ee was on lemmy 0.19.5 or 0.19.8?
I have not seen it for a while. I have not seen it for about 6 months. You may want to reach out to Sunaurus over at Lemm.ee to see if he has any info about it.
We could maybe open a thread somewhere to try to get additional evidence.
I was thinking about [email protected] , but that would probably get removed as a support question.
Maybe [email protected] ?
That's a recurring bug on LW for some reason