CUsing custom hostnames I can have any domain point to my origin and my worker handles what bucket/object is returned based on domain.
C
CUsing worker as origin
W
HHey, it’s still a meme that they aren’t using Azure CDN…
UAh yeah if you do have a domain on your CF account that could work
Cpls ask sales person to give me a £1/month enterprise deal kthx ily
CI keep getting bothered in my emails by Cloudflare Sales Agents for my personal website etc. lol
UIf you happen to have a domain on your CF account heres what you'd need to do to possibly make something work:
1: Create a worker that can serve your R2 bucket (add a custom domain my-cdn.mydomain.com)
2: Go to SSL/TLS -> Custom Hostnames and set fallback origin to my-cdn.mydomain.com
3: Click "Add Custom Hostname" enter cubity.getsharex.com
4: Set the cname of cubity.getsharex.com to my-cdn.mydomain.com
@cubityfirst
1: Create a worker that can serve your R2 bucket (add a custom domain my-cdn.mydomain.com)
2: Go to SSL/TLS -> Custom Hostnames and set fallback origin to my-cdn.mydomain.com
3: Click "Add Custom Hostname" enter cubity.getsharex.com
4: Set the cname of cubity.getsharex.com to my-cdn.mydomain.com
@cubityfirst
Wwhy do ssl for saas over just having a Worker fetching?
Woh wait nevermind
Wmy brain isn't working, i'm on holiday ok! don't bully me 
Coh hi jaex
UYeah we eventually figured that out 
C
K
EYou absolutely can change their headers with transform rules
KShould work straight away
K
C
Would this make it possible for presigned direct uploads from a frontend?KThis is for public buckets, so no
KYou can't add CORS headers to the SigV4 endpoint yet
CBummer
Sproblem of r2 bucket
S
CThat is the firewall checking your connection to the bucket
Sthis is bad, the images do not load...
UYou will need to tone down your security rules
S
UIt's not a problem with R2, you are just getting stopped by your firewall settings.
SI wish I had activated the protection and not have to go through this in the images
SI understand that I will have to create a rule for this, but you's could adjust...
UWe cant adjust your settings if you make them start blocking real people 
KThis is technically not valid CORS, but I suppose most things won’t care? Have you tried it in the wild?
UHow is that not valid cors? 
KYou’re not supposed to blindly answer every HTTP request with CORS headers
K
KYou can just add this if you only want it on
OPTIONS
Uthe MDN for cors shows it responding with the headers for both ends (i.e. options and post)
SYou can make allow origin dynamic and add http.request.headers["origin"][0] as header field
SThis will only have header on requests with origin in it
KBundling CORS settings into R2 is probably something Cloudflare should consider adding to the roadmap. 90% of people can probably hack it with the Transform Rules to add generous permissions, but there are going to be a lot of gotchas. Using Transform Rules feels very smelly.
Amazon has , Backblaze B2 has CORS settings in the bucket management interface, Digital Ocean Spaces also has CORS settings in the management interface. So these services can respond in a fully spec-compliant way.
Amazon has , Backblaze B2 has CORS settings in the bucket management interface, Digital Ocean Spaces also has CORS settings in the management interface. So these services can respond in a fully spec-compliant way.
USeeing as they have already talked about wanting feature parity with S3 that is probably coming soon. 