I understand this was a highly impactful issue to the folks in this thread and a few others we had heard from. I am personally deeply sorry for this impact, and I do speak for Netlify on this as well.
Our engineers have found the cause and repaired it in our codebase and deployed that fix, and have started a process to repair our CDN’s cache for all impacted sites. We are working on sites from paid customers first, and then working our way to the free ones. We expect all paid sites to be fixed by tomorrow, and the free ones will likely not complete until sometime tomorrow or even next week.
However, you can self-serve on the fix already: redeploying your affected site(s) will clear its cache on the CDN, so as soon as you do so, the problem should no longer occur.
We’d love to hear from you as to whether the fix has worked for you (or perhaps more actionably, if it hasn’t, and at what example URL or x-nf-request-id in case your URL’s are sensitive or unshareable publicly (we can find the URL from that, but an attacker could not).
@f3rg I do hear you loud and clear that this was a breach of trust. We will be doing an internal retrospective call about the causes and how to prevent them from happening in the future, and will report back here. I don’t believe anything we say can rebuild trust, but I do believe that things we do - improving testing, discovering the full nature of the root cause of both the problem and missing it during our (extensive!) pre-testing of the feature - are one step in that process, as is the transparency we’ll provide here. You of course have to make the call about whether any of this is enough for you, but as your advocate to the business, my promise is that I am doing all that I can to see those actions implemented and reporting back here as to the progress.