Thanks for the feedback @digitalproducts669.
When we initially planned on rolling out the HTTPS image proxy we took telemetry for a couple of weeks or so before enabling it and established our baseline of what was deemed acceptable use. We had covered the 90% use case at the time and the remaining 10% we either contacted authors or worked with them to migrate to HTTPS. Unfortunately this wasn’t revisited once it was enabled for all requests as the remaining amount of traffic (less than 30%) was deemed to have already been covered. This was a poor assumption on our behalf.
Not at this stage. This is a part of the ongoing work for GDPR compliance which is unfortunately unavoidable. There are a couple of other forum articles about these steps that are being taken and we’re open to feedback on how we can do better. You can either respond here in the forum or open a support ticket and the right people will see it.
I’m afraid there haven’t been any changes yet. I am in the process of making some changes to raise this limit temporarily and allow us to add some more telemetry to assist us in finding another appropriate limit along with some further service changes. Once the changes are deployed, they will gradually be rolled out due to the way the caching works so it may take an hour or so for anything to change.
There are actually two different systems here that don’t communicate state or anything like that between them. We have the application that renders the markup (here Market) and the system that proxies the request and serves up the asset. These two operate totally independently of one another. Market just knows how to rewrite the URL and the asset proxy just knows how to fetch the resource.
Like all things, this decision came about as a balance between offering a service to the authors to mitigate some GDPR/security issues and preventing abuse of the service. Allowing any size file to be proxied could leave us in a position where a malicious user is able to cause a service disruption which then impacts every user instead of an isolated issue. As I mentioned in an answer closer to the top, we did have some data on this when it was initially rolled out, however the power of hindsight has shown us that not revisiting that data has caused some pain and for that, we’re very apologetic. It’s definitely no ones intention to introduce issues however sometimes it happens.