Missing Vary on payment
Quirk · GET /api/x402/edge-missing-vary · Edge / CDN Controls
Caches the paid 200 but ignores the payment header in the cache key (no Vary), so one payer's response is served to another.
Explanation
The paid 200 is cacheable but omits Vary: PAYMENT-SIGNATURE, so the edge cache keys only on the URL and ignores the payment header. As a result, one payer's response is served to a different (or unpaid) client. The merchant must add the payment header to the cache key, or make the response non-shared-cacheable.
What to watch
curl -i: public, max-age with NO Vary header on the paid 200.
Facilitator
Settled against the live Radius testnet facilitator (https://facilitator.testnet.radiustech.xyz). A valid payment runs a real /verify and /settle on-chain.
Metadata
- Status: Quirk
- Method: GET
- Price: 0.0001 (100 atomic)
- Responsible party: Merchant