The R2 Integration That Security Killed

Building elaborate R2 architecture with manifest verification felt like professional-grade security until the audit revealed the truth: the manifest was checked at build time and ignored entirely at runtime. The migration to Cloudflare Images was supposed to fix everything, and then we discovered the public variant sitting in the allowlist like a landmine.