Google cloud storage modifies javascript file based on request location

0
votes

i'm using a Google Cloud Storage regional bucket to host my javascript files. They were working fine worldwide before, but now they are only working when accessed from regional ips (South American), and international IPs get a slightly modified javascript file.

The bucket has no versioning, and the file is hashed, so it was only uploaded once.

The file in question can be accessed by this link: https://www.googleapis.com/download/storage/v1/b/hassets/o/all%2FViewer-7315d2224c220a45ad8e.js?generation=1530894418059107&alt=media

When accessed via South American IPs (where the bucket is located), it will have the following string once: closeAfter(500)()

But when accessed elsewhere this string will be modified to: closeAfter(500)(,"gl"), thus breaking the script.

Is this supposed to happen? Is there any way for me to fix it?

1
google-cloud-platformgoogle-cloud-storage
It may sound typical, but, could you try accessing in an incognito window? Also, when did this issue started? Have you made any change in GCS? (Bucket configuration and so on). Also, over how many regions do you have this issue? - amport
Hi, I finally got to fix the issue, it appears that all the web-proxies I was using to test this were adding chars to javascript files for some reason, and my customer that was having the problem in US was because of a unrelated Safari issue. - Felipe
Thanks for the comment! If possible (skipping any private information/steps that may happen, of course), could you post this as an answer? It looked like an interesting issue. - amport

1 Answers

0
votes

By default, anonymously-readable GCS objects have a caching policy on them, allowing Google and other intermediaries to cache the contents for up to an hour. For anonymous-readable objects, if an object have been overwritten by another object of the same name in the last hour, it's quite likely that users in one region might see the original object but viewers in another region might see the newer one.

I would bet that someone uploaded the first option, downloaded it at least once (loading it into a cache somewhere), then uploaded a second version. This would happen regardless of whether the object had versioning enabled or not.

Note that this would NOT happen if the generation number were present in the URL, which in your link it is. Is this the link you saw the problem with, or were you using something like "https://storage.googleapis.com/bucket_name/object_name.js"?