Topics

Cloudflare Developers•4mo ago

ℝ𝕦𝕓𝕚

remove TTL from is_timed_hmac_valid_v0

Hello, is it possible to disable the TTL, so WAF only used for verifying the hmac without checking expiration, thankyou

(http.host eq "mydomain.com" and not is_timed_hmac_valid_v0("mysecret", http.request.uri, 300, http.request.timestamp.sec, 8))

4 Replies

ℝ𝕦𝕓𝕚•4mo ago

I see, but I can make it for 50 years, then I update it 50 years later, correct ? do you think is_timed_hmac_valid_v0 can receive value from header instead of http.request.uri ? this should not be a problem, as it store second, not epoch yeah, but It's not like defining epoch since 1970 correct?, it a second addition until expired (like 300 on the rule above) thanks leo I don't understand, it's should be on cloudflare to maintain it's data type, correct ? :MeowHeartCloudflare:

ℝ𝕦𝕓𝕚•4mo ago

nice seems working

No description

ℝ𝕦𝕓𝕚•4mo ago

if not valid hmac or expired, then redirect to rick astley

delta•4mo ago

you can use some arbitary vaule instead of http.request.timestamp, like define request timestamp to zero and set HMAC timestamp to zero to make never expiring signature setting expire to far far far after may be enough

Cloudflare Developers Join

Welcome to the official Cloudflare Developers server. Here you can ask for help and stay updated with the latest news

48KMembers

View on Discord

Want results from more Discord servers?

Add your server

More Posts

Cant register domainHello, I purchased a domain via hetzner and want to register cloudflare. when checking with hetztner how to control the policy in include mode as mentioned belwo"Include IPs and Domains — Only traffic destined to the IPs or domains you specify will be sent to C nodejs compat mode problem: Uncaught Error: No such module "node:module"nodejs compat mode does not work for me. not even hello world type code without "node: bla" type imp SSL_ERROR_NO_CYPHER_OVERLAPHowdy, I'm trying to configure my website to use the zero trust access module to prompt for MFA when Using load balancing to route users to different serversHi guys, I am trying to make use of Cloudflare's load balancing to route players to the correct Min Unable to disable rules in WAFI am trying to disable rules on the WAF on one of my client's sites. (I am added as a member). I cl Site downI tried moving my domain to this account, but it won't let me add the lacuna.to domain to Cloudflare Workers Quick Edit with Zero Trust Application ProtectionI've added my worker as a protected self-hosted application in zero trust. But now when I use Quick workers site caching and DDoSI am kind of new to CF. I have a workers site that renders static HTML for any subdomain using the r is there a way to prevent local deploysallowing local deploys of workers makes it very easy for a production worker to lose sync with its g