I say the 'type', I will host 'adult' content following the guidelines etc, like: 'phub, xvid..' etc

!!! Wilian M.I say the 'type', I will host 'adult' content following the guidelines etc, like...

1

1984 Ford Laser•11/28/24, 11:17 PM

As long as its legal content then you're all good usually

11984 Ford Laser As long as its legal content then you're all good usually

!

!! Wilian M.OP•11/28/24, 11:20 PM

hmm

!

!! Wilian M.OP•11/28/24, 11:20 PM

thx

Z

zanzibar•11/28/24, 11:35 PM

anyone an idea whether there is a currently working solution for ffmpeg on workers?

Zzanzibar anyone an idea whether there is a currently working solution for ffmpeg on worke...

1

1984 Ford Laser•11/29/24, 12:26 AM

I don't believe so, I would be very interested if there was. That would be what #stream is for

Z

zanzibar•11/29/24, 12:59 AM

after spending 16 hours searching for a solution, I also do not. I am wondering if there is any way of sanitizing media files before putting them into the r2 within a worker. which is my actual motivation.

Z

zanzibar•11/29/24, 1:49 AM

at least there is a good way with images:
import * as photon from '@cf-wasm/photon'

// fileData comes from a request PUT request (mimeType: header, image: body) to this worker
const processFile = async (fileData: Uint8Array, mimeType: string) => {
try {
let file;

if (mimeType.startsWith('image/')) {
// Create a new image file with photon
file = photon.PhotonImage.new_from_byteslice(fileData);
console.log('Image successfully recreated.');
}
return file;
} catch (error) {
console.error('Failed to load media file:', error);
throw new Error('Invalid media data or error during processing.');
}
};

M

maco6517•11/29/24, 6:32 AM

Is there any way to cache googlebot, everyone?
Bot access content is not cached, is there any rule to fix this situation?
Currently all Google bot requests are not being cached
Is there any rule for this problem?

M

maurus•11/29/24, 9:30 AM

Hi, I'm trying to debug CORS on R2. I've configured a CORS policy on my R2 bucket in the Cloudflare dashboard, but when doing a preflight request I'm getting 403

<?xml version="1.0" encoding="UTF-8"?><Error><Code>Unauthorized</Code><Message>CORS not configured for this bucket</Message></Error>

<?xml version="1.0" encoding="UTF-8"?><Error><Code>Unauthorized</Code><Message>CORS not configured for this bucket</Message></Error>

<?xml version="1.0" encoding="UTF-8"?><Error><Code>Unauthorized</Code><Message>CORS not configured for this bucket</Message></Error>

<?xml version="1.0" encoding="UTF-8"?><Error><Code>Unauthorized</Code><Message>CORS not configured for this bucket</Message></Error>

(I'm using presigned URLs)

Does it take some time until CORS policy changes are propagated? Or is something wrong with my configuration?

M

maurus•11/29/24, 9:36 AM

are you saying that they only apply to the custom domain and not the

*.r2.cloudflarestorage.com

*.r2.cloudflarestorage.com

*.r2.cloudflarestorage.com

*.r2.cloudflarestorage.com one?

M

maurus•11/29/24, 9:39 AM

I'm using presigned URLs, I'll have to check if that changes anything

M

maurus•11/29/24, 9:41 AM

you mean the preflight CORS request? No

P

Pinky Kyulkyung•11/29/24, 9:43 AM

Hello guys, if i delete my payment method, my bucket will be deleted too?

P

Pinky Kyulkyung•11/29/24, 9:44 AM

if i add 1h later, it will be ok?

P

Pinky Kyulkyung•11/29/24, 9:45 AM

thank you

P

Pinky Kyulkyung•11/29/24, 9:46 AM

i wanna transfer my account to other

P

Pinky Kyulkyung•11/29/24, 9:47 AM

and he want to add it himself

Original message was deleted

Z

zanzibar•11/29/24, 11:50 AM

yupp, that is precisely what i will go for now. it seemed all too good to be true to sanitize uploads at the edge. as i had my user verification, DB access and such all working fine in the worker. but with the security of my users in mind, who will be exposed to other user's uploads - i realize that i can't weasel around a proper backend server anymore hehe

G

Gabriel Mariano Rocha•11/29/24, 11:54 AM

anyone can help me with cors problem?

G

Gabriel Mariano Rocha•11/29/24, 11:54 AM

Good morning

Original message was deleted

Z

zanzibar•11/29/24, 12:52 PM

You could also fetch directly from r2, but use pre-signed urls which can be generated by a backend

Z

zanzibar•11/29/24, 1:55 PM

I use an R2 to store media files from my users and those have resticted access (users can purchase other user's contents and gain access). Currently, I would use a backend for user verification and generate presigned URLs if a user is permitted to view the content. is there a better way of handling this scenario? one thing coming to my mind is that it would be great to cache those contents for users who have access rights.. as they might request the same files over an over

Original message was deleted

Z

zanzibar•11/29/24, 2:06 PM

Thanks, I will happily check it out as I am new to this sort of infrastructure. Could you please elaborate on why presigned URLs are not recommended? Or do you happen to have a readable guide on how to use hmac auth?

A

Astra•11/29/24, 2:41 PM

Is it normal to get billed and charged daily small amounts?

Original message was deleted

Z

zanzibar•11/29/24, 3:18 PM

thanks again! then it seems to be the way to go for my use case. yet I am unable to find a guide on how to implement it. my client would make a request to my backend for a particular post. my backend will validate that the user is permitted to read the media files linked in it. now the backend shall give my client access to view the files - shall the backend create the r2.yourdomain.TLD/<auth-and-objectkey> using the user's auth url and return it to the end user? i cannot find any configurations within cloudflare atm :/

Original message was deleted

Z

zanzibar•11/29/24, 3:42 PM

hmmm.. I will certainly be able to validate my user on my backend and create an appropriate url. yet I don't understand what i need to configure in cloudflare and why the pro subscription is needed. so far I do use a custom domain, proxying and dns by cloudflare with a free plan.

Original message was deleted

Z

zanzibar•11/29/24, 3:52 PM

so HMAC is then a feature within the Security/WAF custom rules.. I see! thank you kindly. let's say i have set up a custom rule to verify the incoming HMAC token to grant access to my r2's resources. where does the caching come into play at this point?

Original message was deleted

Z

zanzibar•11/29/24, 3:57 PM

alright, thanks! i thought that if i want to cache resources behind an authentication, the settings would be different/somewhere particular for that case. really cool that you take time to help people here, much appreciated

Original message was deleted

Z

zanzibar•11/29/24, 5:58 PM

would it be possible to use a worker to validate hmac requests, as long as i do not publish my application? if so, what are the drawbacks in comparison to WAF?

!

!! Wilian M.OP•11/29/24, 9:53 PM

hello

!

!! Wilian M.OP•11/29/24, 9:53 PM

Guys, I uploaded a video through the API, and configured my domain e.g. 'cdn.xxx.com', but anyone can access the files, how do I configure it to only access with the generated URL?

!

!! Wilian M.OP•11/29/24, 9:55 PM

!

!! Wilian M.OP•11/30/24, 12:31 AM

visibility not works?

!!! Wilian M.Guys, I uploaded a video through the API, and configured my domain e.g. 'cdn.xxx...

U

Unsmart•11/30/24, 12:51 AM

You would need to not use a custom domain or do the auth yourself in a worker or some other means before the request goes through to r2

UUnsmart You would need to not use a custom domain or do the auth yourself in a worker or...

!

!! Wilian M.OP•11/30/24, 1:00 AM

but is it possible to use my custom domain?

!!! Wilian M.but is it possible to use my custom domain?

U

Unsmart•11/30/24, 1:00 AM

that was this part of my message

UUnsmart that was this part of my message

!

!! Wilian M.OP•11/30/24, 1:02 AM

kind of complicated, s3 is simpler and easier, but I'll read more

U

Unsmart•11/30/24, 1:03 AM

I just use the r2 url no reason to make a custom domain for things that are locked behind auth

UUnsmart I just use the r2 url no reason to make a custom domain for things that are lock...

!

!! Wilian M.OP•11/30/24, 1:04 AM

but isn't the r2 url just for development?

!!! Wilian M.but isn't the r2 url just for development?

H

Hello, I’m Allie!•11/30/24, 1:04 AM

No?

!

!! Wilian M.OP•11/30/24, 2:45 PM

I managed to make it work, but I wanted to use a custom domain, but if I add the domain, everything becomes public

T

tripheo2410•12/1/24, 10:59 AM

Hi, my R2 always return SSL handshake error? Do you know how to debug?

openssl s_client -connect c2cb23ce609ba91a6a649d90f7ca72b3.r2.cloudflarestorage.com:443
Connecting to 162.159.140.238
CONNECTED(00000006)
008CC1F101000000:error:0A000410:SSL routines:ssl3_read_bytes:ssl/tls alert handshake failure:ssl/record/rec_layer_s3.c:908:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 368 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Protocol: TLSv1.3
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

openssl s_client -connect c2cb23ce609ba91a6a649d90f7ca72b3.r2.cloudflarestorage.com:443
Connecting to 162.159.140.238
CONNECTED(00000006)
008CC1F101000000:error:0A000410:SSL routines:ssl3_read_bytes:ssl/tls alert handshake failure:ssl/record/rec_layer_s3.c:908:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 368 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Protocol: TLSv1.3
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

openssl s_client -connect c2cb23ce609ba91a6a649d90f7ca72b3.r2.cloudflarestorage.com:443
Connecting to 162.159.140.238
CONNECTED(00000006)
008CC1F101000000:error:0A000410:SSL routines:ssl3_read_bytes:ssl/tls alert handshake failure:ssl/record/rec_layer_s3.c:908:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 368 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Protocol: TLSv1.3
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

openssl s_client -connect c2cb23ce609ba91a6a649d90f7ca72b3.r2.cloudflarestorage.com:443
Connecting to 162.159.140.238
CONNECTED(00000006)
008CC1F101000000:error:0A000410:SSL routines:ssl3_read_bytes:ssl/tls alert handshake failure:ssl/record/rec_layer_s3.c:908:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 368 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Protocol: TLSv1.3
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

S

SuperHelpflare•12/1/24, 11:57 AM

To contact Cloudflare Support about an issue, please visit the Support Portal and fill in the form on the portal. After submission, you will receive confirmation over email.

Some issues, such as Account or Billing related issues, cannot be solved by the community.
Any plan level (including Free plans) can open tickets for Account, Billing or Registrar ticket categories. Make sure to select the correct category to ensure it goes to the right place.
For more information on the methods by which you can contact Support for your plan level, see Contacting Cloudflare Support - Cloudflare Docs

K

KWAC•12/1/24, 11:58 AM

I'm using nuxt 3 with r2, it generates url like this for example

https://${accountId}.r2.cloudflarestorage.com/${bucketName}/${encodedFileName}?uid=${encodeURIComponent(accountId)}&exp=${Math.round(expiration.getTime() / 1000)}&signature=${signature}

https://${accountId}.r2.cloudflarestorage.com/${bucketName}/${encodedFileName}?uid=${encodeURIComponent(accountId)}&exp=${Math.round(expiration.getTime() / 1000)}&signature=${signature}

https://${accountId}.r2.cloudflarestorage.com/${bucketName}/${encodedFileName}?uid=${encodeURIComponent(accountId)}&exp=${Math.round(expiration.getTime() / 1000)}&signature=${signature}

https://${accountId}.r2.cloudflarestorage.com/${bucketName}/${encodedFileName}?uid=${encodeURIComponent(accountId)}&exp=${Math.round(expiration.getTime() / 1000)}&signature=${signature}

;

but in console im getting this error

Access to fetch at 'https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8' from origin 'http://localhost.com:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
upload.vue:62 
 PUT https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8 net::ERR_FAILED 400 (Bad Request)
handleFileUpload @ upload.vue:62
await in handleFileUpload
callWithErrorHandling @ runtime-core.esm-bundler.js:193
callWithAsyncErrorHandling @ runtime-core.esm-bundler.js:201
invoker @ runtime-dom.esm-bundler.js:671Understand this errorAI
upload.vue:69 TypeError: Failed to fetch
    at handleFileUpload (upload.vue:62:13)

Access to fetch at 'https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8' from origin 'http://localhost.com:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
upload.vue:62 
 PUT https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8 net::ERR_FAILED 400 (Bad Request)
handleFileUpload @ upload.vue:62
await in handleFileUpload
callWithErrorHandling @ runtime-core.esm-bundler.js:193
callWithAsyncErrorHandling @ runtime-core.esm-bundler.js:201
invoker @ runtime-dom.esm-bundler.js:671Understand this errorAI
upload.vue:69 TypeError: Failed to fetch
    at handleFileUpload (upload.vue:62:13)

Access to fetch at 'https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8' from origin 'http://localhost.com:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
upload.vue:62 
 PUT https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8 net::ERR_FAILED 400 (Bad Request)
handleFileUpload @ upload.vue:62
await in handleFileUpload
callWithErrorHandling @ runtime-core.esm-bundler.js:193
callWithAsyncErrorHandling @ runtime-core.esm-bundler.js:201
invoker @ runtime-dom.esm-bundler.js:671Understand this errorAI
upload.vue:69 TypeError: Failed to fetch
    at handleFileUpload (upload.vue:62:13)

Access to fetch at 'https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8' from origin 'http://localhost.com:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
upload.vue:62 
 PUT https://343836b9a1933af53d195c2d778a27d0.r2.cloudflarestorage.com/project1/email_verify_hero.json?uid=343836b9a1933af53d195c2d778a27d0&exp=1733057758&signature=dd245094b0d73d23f0c513f342e52e32b1bec065763d72bd11335408804e16d8 net::ERR_FAILED 400 (Bad Request)
handleFileUpload @ upload.vue:62
await in handleFileUpload
callWithErrorHandling @ runtime-core.esm-bundler.js:193
callWithAsyncErrorHandling @ runtime-core.esm-bundler.js:201
invoker @ runtime-dom.esm-bundler.js:671Understand this errorAI
upload.vue:69 TypeError: Failed to fetch
    at handleFileUpload (upload.vue:62:13)

C

Chip•12/1/24, 6:29 PM

I have a quick question, in R2's pricing, it states that egress is free, but does that mean it's entirely free to host the resource and have it load, or does the initial GET request to fetch the resource still fall under a Class B operation, even if the egress is free?

C

Chip•12/1/24, 6:32 PM

Alright good to know, just wanted to make sure before I made any commitment

C

Chip•12/1/24, 6:32 PM

Yeah I figured that

C

Chip•12/1/24, 6:32 PM

Good to know, I'll definitely consider R2 though because it's got a pretty good free tier

C

Chip•12/1/24, 6:34 PM

Yeah, I'd be getting some fair bandwidth so I wouldn't need to use infrequent access

K

Kavatch•12/1/24, 6:48 PM

This might be a really dumb questions but when I want to publish assets I have in R2 to thousands of users how would I best do this? Because the best case would of course be to distribute them via cloudflares CDN as this makes access times short and doesn't result in extra R2 costs, but how would I do something like this? I can't seem to find any option for this

I say the 'type', I will host 'adult' content following the guidelines etc, like: 'phub, xvid..' etc

Similar Threads

Similar Threads

Similar Threads