Bypassing Cache Deception Armor using .avif extension file

Cloudflare Deception Armor could be bypassed by using `.avif` extension making Cache deception attack possible on vulnerable origin servers. Cloudflare Cache Deception Armor uses a Page rule to protect Cloudflare Cache against caching possibly sensitive information. This attack could be performed by tricking a user into clicking a crafted URL (using "path confusion techniques") ending with an `.avif` extension which makes Cloudflare edge cache the returned (normally non-cachable) content. An attacker could then retrieve this cached information from Cloudflare's edge. The page rule was improved to better handle .avif formats and the presented bypass is no longer possible.