@digitalpoint
As I can't fully test this on iolabs.io (and I don't use CloudFlare):
Does guest caching work correctly with Advanced Cookie Consent, eg. if a guest that does accept 3rd party cookies accesses a currently uncached but cachable page that has an embedded youtube video and another user that does not accept 3rd party cookies accesses the page afterwards (and does get a hit from cache) - would the second user still get the consent required message instead of the actual video?
As far as I can see having cookie
xf_consent
doesn't set cache to bypass and you also don't seem to have any server side code to deal with this - I therefore think this would not work correctly.