Incident Report: March 30th, 2026 — Authenticated user data cached

Railway experienced an incident where CDN features were accidentally enabled for some domains without users enabling them.

Railway Blog

This write-up doesn’t make sense. Authenticated users are the ones without a Set-Cookie? Surely the ones with the cookie set are the authenticated ones?

There are dozens of contradictions, like first they say:

“this may have resulted in potentially authenticated data being served to unauthenticated users”

and then just a few sentences later say

“potentially unauthenticated data is served to authenticated users”

which is the opposite. Which one is it?

Am I missing something, or is this article poorly reviewed?

Fixed the typo in that second paragraph and aligned the section on the Set-Cookie stuff. Anything else that can be made more clear?

The problem is that these visible errors make us wonder what other errors in the post are less visible. Fixing them doesn’t fix the process that led to them.

I'm pretty sure it's AI.

https://x.com/JustJake/status/2007730898192744751

I wouldn't be surprised if most of Railway's infra is running on Claude at this point.

Jake (@JustJake) on X

@martin_casado @williamevanl Today I handed Claude a document that I've been growing for...years on building an orchestrator/distributed runtime that I had only purely theorized possible. One we've been working towards. It would have taken me probably months to code by hand. Building on 5 years of work and

It's fine they use AI, it's not fine they don't proofread things.