I believe Access with service tokens in headers and jwt validation on the tunnel is the only truly s
I believe Access with service tokens in headers and jwt validation on the tunnel is the only truly secure way
Dso I need to enable this?
EAnd then setup Access with a service token stored as a secret in the worker, yeah
EIts not ideal but it's the most secure approach available right now to my knowledge, there is no magic button to bind a tunnel to a worker
SLooks similar to what I'm seeing - others have reported it at https://github.com/cloudflare/workerd/issues/1422
GitHub
Hello! Recently we've been seeing this issue with one of our worker scripts (we have three, the other two seem fine) where after some time being used in dev mode it will segfault and become unr...
Dmy theory (untested, I stopped looking into it since I finished my project) is that a thread crashes due to OOM or something, and the network connection lost error is a bit misleading.
DIs it expected that the cache doesn't work when using
fetch
KYep.
DI thought the default
caches.default and the cache that fetchWhen ran in Cloudflare they both access the same CDN cache (sort of, tiered doesnt work with cache api), but when running locally only Cache API is emulated, the
fetchwhen you have tiered cache enabled, which cache does
fetchcaches.default?
UI’d assume it uses both as in if local cache doesn’t have it will go to the upper tier (if it isn’t)
UI’m pretty sure that’s how tiered cache works at least is that every datacenter can still cache the value and not just upper tiers
Dahhh, that makes sense! What happens if the local cache is the location of the tiered cache, and the cache API attempts to replace it?
UWould just update its own cache the other tiers would eventually pull from it if needed
Dbut then that sounds like the Cache API does work with tiered caching? 
UNot really. You would have to use fetch to pull from tiered cache, unless the datacenter you are in already has the cache. At least thats how I understand it 
CI assume it depends on the topology as well, if its a location other colos pull from you might update it for tiered cached to use, if its at the bottom/just a local colo it wouldn't ever be used, just a side effect of not storing things twice just for tiered caching/normal cache
NHey! Is there any chance for CloudFlare Workers to support compression algorithms other than just gzip?
We provide a library for developers which has a Rust core compiled to WASM. Currently, gzip is able to compress 3MB WASM module into roughly 1.2MB. We have exhausted all options of compressing the code size on our end (like dependency reduction, unused code elimination, etc). Considering other options, we noticed that LZMA and ZSTD algorithms provide us with 800KB and 770KB WASM modules respectively, which is very promising. Our target is roughly 800KB.
CloudFlare Workers do not allow to run WASM code generated in runtime, so we cannot just unpack the WASM module in runtime ourselves and run it. An ugly alternative to that is including a WASM runtime of our own (like wasm3) and running WASM inside WASM. We would like to avoid that, but this is the only option we have at the moment.
Thus, we are wondering if native support for compressed WASM modules can be added to the platform.
We provide a library for developers which has a Rust core compiled to WASM. Currently, gzip is able to compress 3MB WASM module into roughly 1.2MB. We have exhausted all options of compressing the code size on our end (like dependency reduction, unused code elimination, etc). Considering other options, we noticed that LZMA and ZSTD algorithms provide us with 800KB and 770KB WASM modules respectively, which is very promising. Our target is roughly 800KB.
CloudFlare Workers do not allow to run WASM code generated in runtime, so we cannot just unpack the WASM module in runtime ourselves and run it. An ugly alternative to that is including a WASM runtime of our own (like wasm3) and running WASM inside WASM. We would like to avoid that, but this is the only option we have at the moment.
Thus, we are wondering if native support for compressed WASM modules can be added to the platform.
ZWhat's preventing you from just using the 1.2MB WASM module?
NFree tier worker limit size is 1MB. Since we are a library we want (total library size + total user code size) to be less than 1MB
ZAh, I see. I think your best bet is to create a discussion post on the workerd (workers runtime) repo: https://github.com/cloudflare/workerd. Unless you are an enterprise customer, in which case reaching out to support might work better.
Dstupid question, does workerd allow you to load WASM from a URL?
Dor does it have to be bundled?
Dhave you tried compiling with
-Os?NYes, but the size reduction is only a couple percent
NIt has to be bundled
NBefore I create a discussion at workerd repo, does anybody else have WASM code size issues? The more use cases we have, the better
Dis there no way to access
envis it a bad idea to just do
process.env.API_KEY = env.API_KEY in my fetch handlerDWhy does this tutorial use the fetch adapter? https://developers.cloudflare.com/workers/tutorials/openai-function-calls-workers/#2-make-a-request-to-openai
Doesn't look like it's needed. https://developers.cloudflare.com/ai-gateway/tutorials/deploy-aig-worker/
Doesn't look like it's needed. https://developers.cloudflare.com/ai-gateway/tutorials/deploy-aig-worker/
K1st one is OpenAI SDK v3, 2nd is v4
KGiven that the first tutorial doesn’t pin to the major version, I guess it’s broken since it’ll install v4. cc @rickyrobinett
RHmm... yes, good catch. Let me work on a PR to update / fix.
Dis it possible to use local node modules in a worker (with wrangler)? i'm setting up a monorepo and i need some types from a local package in my worker
DAhhh, thanks! Totally missed that.
HIs it to use cloudflare's workers for security research purposes such as brute forcing web hosts, fingerprinting, crawling, etc ?
Hall legally ofcourse (bug bounty etc)
UCloudflare
This page is for those who are interested in our Self-Serve Subscription Agreement.
Hthanks for this! i don't see anything in the Restrictions part that denies this, would love to get confirmation tho as i may have misread it
DI'm getting really weird console.debug results today.
DSo this is my code... and this is my log:
Dwhat on earth is going on?
CThere is a bug open related to log messages with
at in them. I know there is a fix PR up but don't remember the numberUGitHub
Fixes #4668.
What this PR solves / how to test:
Previously, logs containing at were always treated as stack trace call sites requiring source mapping. This change updates the call site detection t...
What this PR solves / how to test:
Previously, logs containing at were always treated as stack trace call sites requiring source mapping. This change updates the call site detection t...
D@Cyb3r-Jok3 thank you! Thought I was going crazy.
Is there a temp workaround?
Is there a temp workaround?
Udo a replaceAll on console.log for "at" and replace with "@" or something 
Dlol
Dhmm, downgrade to
3.19.0 is my only safe option right?DI had a panic moment thinking I had incorrectly stored JSON in >100,000 files.
NHeyo guys!
I'm developing/testing a worker project using the
Hope someone could help me figure it this out. Thanks in advance.
I'm developing/testing a worker project using the
wrangler dev --remote command, but it seems like my DOs aren't updating on the network, that's is intentional? Am I doing something wrong? Hope someone could help me figure it this out. Thanks in advance.
