Heyo 👋 . Is the Cache API secure in terms of storing content under signed URLs? That is a user make

Mmanterfield Heyo 👋 . Is the Cache API secure in terms of storing content under signed URLs?...

D

dave•4/1/25, 6:09 PM

If you accidentally config a cache rule to ignore search params, that could be a problem.

Ddave How big are the files? I wonder if Static Assets would be a better fit. https:/...

H

HereToHelp•4/1/25, 7:15 PM

I did try that, but yeah they're too big for just workers/pages unfortunately

M

matt•4/1/25, 7:36 PM

Did this ever go live? https://blog.cloudflare.com/data-anywhere-events-pipelines-durable-execution-workflows/

The Cloudflare Blog

Data Anywhere with Pipelines, Event Notifications, and Workflows

We’re making it easier to build scalable, reliable, data-driven applications on top of our global network, and so we’re announcing a new Event Notifications framework; our take on durable execution, Workflows; and an upcoming streaming ingestion service, Pipelines

Mmatt Did this ever go live? https://blog.cloudflare.com/data-anywhere-events-pipeline...

D

dave•4/1/25, 8:55 PM

See #workflows-beta

D

dave•4/1/25, 8:56 PM

I personally decided not to use Workflows. I found it much easier to have a Cron Worker poll a PostgreSQL database (through Hyperdrive).

H

HereToHelp•4/1/25, 10:50 PM

f02f6632 is the most recent deployment, made Apr 1 00:30 UTC. It's the one listed under "Active Deployment". For some reason though, it look like 84efc01c is still serving requests? Am I misreading this, or is there an outdated version of my worker's code still active? Do I need to do something to make sure all requests are handled by the latest version?

H

HereToHelp•4/1/25, 10:55 PM

I tried clicking "Deploy version" under "Active deployment", sending a new request, and re-checking, and the graph changed? Was it just a visual bug?

H

HereToHelp•4/1/25, 10:59 PM

It keeps randomly changing between the two versions of the chart when I refresh. I am very confused lol

HHereToHelp It keeps randomly changing between the two versions of the chart when I refresh....

P

Peps•4/2/25, 1:02 AM

yeah the new worker metrics are still a little bit buggy so it tends to do that

P

Peps•4/2/25, 1:02 AM

it's being worked on though

H

HereToHelp•4/2/25, 1:02 AM

Got it — thanks for the answer

Original message was deleted

C

crossbeau•4/2/25, 2:05 AM

Use .env.vars for testing local and gitignore that file. And use

wrangler secrets put

wrangler secrets put

wrangler secrets put

wrangler secrets put to put on deployed app

S

Soorya•4/2/25, 3:27 AM

Hey, is it required for me to update the durable object version everytime I need to deploy the project? Because I am currently getting an error

Cannot apply new-class migration to class 'DurableObject' that is already depended on by existing Durable Objects [code: 10074]

Cannot apply new-class migration to class 'DurableObject' that is already depended on by existing Durable Objects [code: 10074]

Cannot apply new-class migration to class 'DurableObject' that is already depended on by existing Durable Objects [code: 10074]

Cannot apply new-class migration to class 'DurableObject' that is already depended on by existing Durable Objects [code: 10074]

, As per chatgpt it might be because I need to update the

v

v in the workers. Does anyone have any idea and do I need to update the version everytime?

Original message was deleted

M

manterfieldOP•4/2/25, 9:51 AM

For what I'm doing the signature in the URL is quite important. Cache outliving the expiry isn't necessarily a problem (assuming it will be removed within a 'reasonable' time post expiry - i.e. it won't live for days or weeks past). The payload under the URL isn't super sensitive, this is more a redundant protection for defence in depth. It would only be a problem if an external user could easily see all the URLs without knowing them in advance/without brute forcing.

Good thought about WAF in front of cache though - I don't think it will work for what I want, but will sanity check. Thanks!

Original message was deleted

C

crossbeau•4/2/25, 10:35 AM

So if you put secrets in my secrets put and you have non secret env vars in the toml it leaves the secrets untouched until you run that command again

Original message was deleted

C

crossbeau•4/2/25, 11:13 AM

Use terraform to create your worker or pages project and use it to configure and setup env vars and secrets. And then only use wrangler to deploy code

Ccrossbeau Use terraform to create your worker or pages project and use it to configure and...

C

crossbeau•4/2/25, 11:14 AM

Just for workers on the toml
Make sure to set keep_vars - https://developers.cloudflare.com/workers/wrangler/configuration/#top-level-only-keys

Cloudflare Docs

Configuration - Wrangler · Cloudflare Workers docs

Use a configuration file to customize the development and deployment setup for your Worker project and other Developer Platform products.

C

crossbeau•4/2/25, 12:03 PM

@oSumAtrIX may i dm you ?

D

dave•4/2/25, 3:23 PM

function encodeBase64Bytes(bytes: Uint8Array): string {
  return btoa(
    bytes.reduce((acc, current) => acc + String.fromCharCode(current), "")
  );
}

function encodeBase64Bytes(bytes: Uint8Array): string {
  return btoa(
    bytes.reduce((acc, current) => acc + String.fromCharCode(current), "")
  );
}

function encodeBase64Bytes(bytes: Uint8Array): string {
  return btoa(
    bytes.reduce((acc, current) => acc + String.fromCharCode(current), "")
  );
}

function encodeBase64Bytes(bytes: Uint8Array): string {
  return btoa(
    bytes.reduce((acc, current) => acc + String.fromCharCode(current), "")
  );
}

Is there a better/more performant way of converting an ArrayBuffer to a base64 string in a Worker?

S

Spuckwaffel•4/2/25, 4:38 PM

hey uh is it normal that when purchasing a domain and setting up pages i get the mesage "The hostname is part of a banned domain. This web property cannot be added to Cloudflare at this time"

?

S

Spuckwaffel•4/2/25, 4:38 PM

i never had this

S

sharax•4/2/25, 4:41 PM

{
"code": 10021,
"message": "Uncaught SyntaxError: Unexpected token 'export'\n  at worker.js:474\n"
}

{
"code": 10021,
"message": "Uncaught SyntaxError: Unexpected token 'export'\n  at worker.js:474\n"
}

{
"code": 10021,
"message": "Uncaught SyntaxError: Unexpected token 'export'\n  at worker.js:474\n"
}

{
"code": 10021,
"message": "Uncaught SyntaxError: Unexpected token 'export'\n  at worker.js:474\n"
}

This error is driving me crazy.
I can manually add the code to a worker through the Cloudflare control panel, but I can't do it via the API.
What's the real issue?
I took the exact same JS file from an active worker.

curl "https://api.cloudflare.com/client/v4/accounts/{acount}/workers/scripts/{worker}" \
    -X PUT \
    -H "Authorization: Bearer {token}" \
    -H "Content-Type: multipart/form-data" \
    --form "script=@worker.js;type=application/javascript" \
    --form "metadata={\"main_module\": \"worker.js\", \"compatibility_date\": \"2025-04-02\", \"compatibility_flags\": [\"nodejs_compat\"]};type=application/json"

curl "https://api.cloudflare.com/client/v4/accounts/{acount}/workers/scripts/{worker}" \
    -X PUT \
    -H "Authorization: Bearer {token}" \
    -H "Content-Type: multipart/form-data" \
    --form "script=@worker.js;type=application/javascript" \
    --form "metadata={\"main_module\": \"worker.js\", \"compatibility_date\": \"2025-04-02\", \"compatibility_flags\": [\"nodejs_compat\"]};type=application/json"

curl "https://api.cloudflare.com/client/v4/accounts/{acount}/workers/scripts/{worker}" \
    -X PUT \
    -H "Authorization: Bearer {token}" \
    -H "Content-Type: multipart/form-data" \
    --form "script=@worker.js;type=application/javascript" \
    --form "metadata={\"main_module\": \"worker.js\", \"compatibility_date\": \"2025-04-02\", \"compatibility_flags\": [\"nodejs_compat\"]};type=application/json"

curl "https://api.cloudflare.com/client/v4/accounts/{acount}/workers/scripts/{worker}" \
    -X PUT \
    -H "Authorization: Bearer {token}" \
    -H "Content-Type: multipart/form-data" \
    --form "script=@worker.js;type=application/javascript" \
    --form "metadata={\"main_module\": \"worker.js\", \"compatibility_date\": \"2025-04-02\", \"compatibility_flags\": [\"nodejs_compat\"]};type=application/json"

Original message was deleted

D

dave•4/2/25, 5:17 PM

Oh, what about this though?

function encodeBase64Bytes(bytes: Uint8Array): string {
  const decoder = new TextDecoder('latin1');
  const text = decoder.decode(bytes);
  return btoa(text);
}

function encodeBase64Bytes(bytes: Uint8Array): string {
  const decoder = new TextDecoder('latin1');
  const text = decoder.decode(bytes);
  return btoa(text);
}

function encodeBase64Bytes(bytes: Uint8Array): string {
  const decoder = new TextDecoder('latin1');
  const text = decoder.decode(bytes);
  return btoa(text);
}

function encodeBase64Bytes(bytes: Uint8Array): string {
  const decoder = new TextDecoder('latin1');
  const text = decoder.decode(bytes);
  return btoa(text);
}

Original message was deleted

D

dave•4/2/25, 5:45 PM

hmm, seems like it would be better to stick with TextDecoder though since it's native?

D

dave•4/2/25, 5:45 PM

https://developers.cloudflare.com/workers/examples/cache-using-fetch/#using-the-http-cache-api

For some reason when I try to use the new

cache

cache

parameter, VS Code complains about this:

Object literal may only specify known properties, and 'cache' does not exist in type 'RequestInit<RequestInitCfProperties>'.ts(2353)

Object literal may only specify known properties, and 'cache' does not exist in type 'RequestInit<RequestInitCfProperties>'.ts(2353)

Object literal may only specify known properties, and 'cache' does not exist in type 'RequestInit<RequestInitCfProperties>'.ts(2353)

Object literal may only specify known properties, and 'cache' does not exist in type 'RequestInit<RequestInitCfProperties>'.ts(2353)

D

dave•4/2/25, 5:46 PM

unrelated questions

D

dave•4/2/25, 5:46 PM

sorry

Original message was deleted

D

dave•4/2/25, 5:47 PM

Converting an ArrayBuffer to base64.

Original message was deleted

D

dave•4/2/25, 5:48 PM

Latin1 is 0 to 255, so good for base64 afaik.

D

dave•4/2/25, 5:50 PM

ah.. You use this one? https://github.com/dankogai/js-base64

GitHub

GitHub - dankogai/js-base64: Base64 implementation for JavaScript

Base64 implementation for JavaScript. Contribute to dankogai/js-base64 development by creating an account on GitHub.

Ddave https://developers.cloudflare.com/workers/examples/cache-using-fetch/#using-the-...

D

dave•4/2/25, 5:59 PM

https://github.com/cloudflare/workerd/issues/698

Huge thread with no real answers sadly.

GitHub

🐛 BUG: The cache field on RequestInitializerDict is not implemen...

Which Cloudflare product(s) does this pertain to? Workers for Platforms What version of Wrangler are you using? Latest What operating system are you using? All Describe the Bug Making a fetch reque...

D

dave•4/2/25, 10:08 PM

Can I rename a Worker that's already deployed?

Ddave Can I rename a Worker that's already deployed?

H

Hard@Work•4/2/25, 10:11 PM

No, that would create a new Worker

HHard@Work No, that would create a new Worker

D

dave•4/2/25, 10:18 PM

ah, thanks. I just deleted it and deployed, thankfully I didn't have any secrets in this Worker

D

dave•4/2/25, 10:22 PM

Uh, so was there an announcement about

preview_urls = true

preview_urls = true

preview_urls = true

preview_urls = true? That's kinda a crazy default to add without a notice; I feel like I missed something?

A

avovo_•4/3/25, 1:46 AM

Hi, is it common that simple hello world cloydflare worker api has a 100~150 ms latency? I thought edge function would be ~50ms. Is it because cloudflare worker has cold start?

H

hffmnn_•4/3/25, 10:16 AM

Hi. I have some DNS/certificate questions regarding workers. Here is our current setup:

We have a DNS that is NOT managed through cloudflare (and it is no option to make it managed by cloudflare).
We have a workder running on
```
workers.dev
```
```
workers.dev
```
We would like to use a custom domain for one of our workers, e.g.
```
test.ourdomain.xyz
```
test.ourdomain.xyz
```
test.ourdomain.xyz
```
test.ourdomain.xyz
. I can add a CNAME record on our DNS to point to the
```
workers.dev
```
```
workers.dev
```
url, but because there is no certificate for that it doesn't work.

I am aware of partial DNS setup which would solve this (because it is supported by Universal SSL), but it is Enterprise/Business only.

So my question is: Is there any way to connect a (cloudflare-exernal) custom domain to a worker without going for the Enterprise/Business option? Other services like firebase seem to support that.

Cloudflare Docs

Partial (CNAME) setup · Cloudflare DNS docs

A partial (CNAME) setup allows you to use Cloudflare's reverse proxy while maintaining your primary and authoritative DNS provider.

Cloudflare Docs

Enable Universal SSL certificates · Cloudflare SSL/TLS docs

By default, Cloudflare issues — and renews — free, unshared, publicly trusted SSL certificates to all domains added to and activated on Cloudflare.

S

Southpaw•4/3/25, 11:10 AM

I think if you connect a domain to Cloudflare you can use Cloudflare for SaaS to send traffic from your real domain through Cloudflare via the linked one. I’ve never done it but I think I’ve seen others here use it.

Cloudflare Docs

Cloudflare for SaaS · Cloudflare for Platforms docs

Cloudflare for SaaS allows you to extend the security and performance benefits of Cloudflare's network to your customers via their own custom or vanity domains.

H

hffmnn_•4/3/25, 1:28 PM

Thanks for the info. This seems to be part of "Workers for Platform" aka. $25/month?

A

AmazinAxel•4/3/25, 4:05 PM

I have a website whose content partially depends on another website. Currently I have a Github workflow which invokes a deploy hook every day but this is not a permanent solution since it runs too often and can have up to 24 hours of content lag time. Is there a way to invoke a deploy hook for a different Pages instance a few minutes after a build finishes?

AAmazinAxel I have a website whose content partially depends on another website. Currently I...

D

dave•4/3/25, 6:06 PM

Would a Cron Worker do the trick? You could run it every hour for pretty much no real cost.

A

AmazinAxel•4/3/25, 6:58 PM

the GH workflow can also run hourly but i was hoping for a solution that would ping the deploy hook only when it's necessary as to provide less delay

A

AmazinAxel•4/3/25, 7:02 PM

~~i should also mention that fetching the deploy webhook inside of the build does not work~~ got it working, had to specify method: POST in the fetch options

V

VeriHappy•4/3/25, 7:26 PM

Is it possible to use web sockets in workers

J

James•4/3/25, 8:30 PM

yes: https://developers.cloudflare.com/workers/examples/websockets/

Cloudflare Docs

Using the WebSockets API · Cloudflare Workers docs

Use the WebSockets API to communicate in real time with your Cloudflare Workers.

Heyo 👋 . Is the Cache API secure in terms of storing content under signed URLs? That is a user make

Similar Threads

Similar Threads

Similar Threads