I was trying to see if I can load it from a bucket

Mmax I was trying to see if I can load it from a bucket

R

Rui Figueira•5/25/25, 5:38 PM

This is my output, but it is definitely above 3MB limit from free plan...

Total Upload: 31672.57 KiB / gzip: 10087.55 KiB
Worker Startup Time: 45 ms
No bindings found.
Uploaded ffmpeg-example (10.47 sec)
Deployed ffmpeg-example triggers (2.74 sec)

Total Upload: 31672.57 KiB / gzip: 10087.55 KiB
Worker Startup Time: 45 ms
No bindings found.
Uploaded ffmpeg-example (10.47 sec)
Deployed ffmpeg-example triggers (2.74 sec)

Total Upload: 31672.57 KiB / gzip: 10087.55 KiB
Worker Startup Time: 45 ms
No bindings found.
Uploaded ffmpeg-example (10.47 sec)
Deployed ffmpeg-example triggers (2.74 sec)

Total Upload: 31672.57 KiB / gzip: 10087.55 KiB
Worker Startup Time: 45 ms
No bindings found.
Uploaded ffmpeg-example (10.47 sec)
Deployed ffmpeg-example triggers (2.74 sec)

RRui Figueira This is my output, but it is definitely above 3MB limit from free plan... ``` T...

M

maxOP•5/25/25, 6:21 PM

hmm thats strange, definitely the free plan?

S

Shizlie•5/25/25, 6:50 PM

hi, anyone who can get the worker's (beta) rate limit to work? I need your help

S

SuperHelpflare•5/25/25, 6:57 PM

https://dontasktoask.com/

Don't ask to ask, just ask

Mmax hmm thats strange, definitely the free plan?

R

Rui Figueira•5/25/25, 7:50 PM

Yes, free plan. Did you try to deploy and it failed?

RRui Figueira Yes, free plan. Did you try to deploy and it failed?

M

maxOP•5/25/25, 7:55 PM

Yeah, it says it exceeds the file limit

M

maxOP•5/25/25, 7:55 PM

⛅️ wrangler 4.16.1
-------------------

Total Upload: 31652.23 KiB / gzip: 10083.07 KiB
No bindings found.
▲ [WARNING] Here are the 3 largest dependencies included in your script:

  - node_modules/@ffmpeg/core/dist/esm/ffmpeg-core.wasm - 31476.97 KiB
  - node_modules/@ffmpeg/core/dist/esm/ffmpeg-core.js - 173.98 KiB
  - src/index.ts - 1.01 KiB
  If these are unnecessary, consider removing them



✘ [ERROR] A request to the Cloudflare API (/accounts/.../workers/scripts/workers-test/versions) failed.

  Your Worker exceeded the size limit of 3 MiB. Please upgrade to a paid plan to
  deploy Workers up to 10 MiB.
  https://dash.cloudflare.com/.../workers/plans
  [code: 10027]
  To learn more about this error, visit:
  https://developers.cloudflare.com/workers/platform/limits/#worker-size

  
  If you think this is a bug, please open an issue at:
  https://github.com/cloudflare/workers-sdk/issues/new/choose

⛅️ wrangler 4.16.1
-------------------

Total Upload: 31652.23 KiB / gzip: 10083.07 KiB
No bindings found.
▲ [WARNING] Here are the 3 largest dependencies included in your script:

  - node_modules/@ffmpeg/core/dist/esm/ffmpeg-core.wasm - 31476.97 KiB
  - node_modules/@ffmpeg/core/dist/esm/ffmpeg-core.js - 173.98 KiB
  - src/index.ts - 1.01 KiB
  If these are unnecessary, consider removing them



✘ [ERROR] A request to the Cloudflare API (/accounts/.../workers/scripts/workers-test/versions) failed.

  Your Worker exceeded the size limit of 3 MiB. Please upgrade to a paid plan to
  deploy Workers up to 10 MiB.
  https://dash.cloudflare.com/.../workers/plans
  [code: 10027]
  To learn more about this error, visit:
  https://developers.cloudflare.com/workers/platform/limits/#worker-size

  
  If you think this is a bug, please open an issue at:
  https://github.com/cloudflare/workers-sdk/issues/new/choose

⛅️ wrangler 4.16.1
-------------------

Total Upload: 31652.23 KiB / gzip: 10083.07 KiB
No bindings found.
▲ [WARNING] Here are the 3 largest dependencies included in your script:

  - node_modules/@ffmpeg/core/dist/esm/ffmpeg-core.wasm - 31476.97 KiB
  - node_modules/@ffmpeg/core/dist/esm/ffmpeg-core.js - 173.98 KiB
  - src/index.ts - 1.01 KiB
  If these are unnecessary, consider removing them



✘ [ERROR] A request to the Cloudflare API (/accounts/.../workers/scripts/workers-test/versions) failed.

  Your Worker exceeded the size limit of 3 MiB. Please upgrade to a paid plan to
  deploy Workers up to 10 MiB.
  https://dash.cloudflare.com/.../workers/plans
  [code: 10027]
  To learn more about this error, visit:
  https://developers.cloudflare.com/workers/platform/limits/#worker-size

  
  If you think this is a bug, please open an issue at:
  https://github.com/cloudflare/workers-sdk/issues/new/choose

⛅️ wrangler 4.16.1
-------------------

Total Upload: 31652.23 KiB / gzip: 10083.07 KiB
No bindings found.
▲ [WARNING] Here are the 3 largest dependencies included in your script:

  - node_modules/@ffmpeg/core/dist/esm/ffmpeg-core.wasm - 31476.97 KiB
  - node_modules/@ffmpeg/core/dist/esm/ffmpeg-core.js - 173.98 KiB
  - src/index.ts - 1.01 KiB
  If these are unnecessary, consider removing them



✘ [ERROR] A request to the Cloudflare API (/accounts/.../workers/scripts/workers-test/versions) failed.

  Your Worker exceeded the size limit of 3 MiB. Please upgrade to a paid plan to
  deploy Workers up to 10 MiB.
  https://dash.cloudflare.com/.../workers/plans
  [code: 10027]
  To learn more about this error, visit:
  https://developers.cloudflare.com/workers/platform/limits/#worker-size

  
  If you think this is a bug, please open an issue at:
  https://github.com/cloudflare/workers-sdk/issues/new/choose

M

maxOP•5/25/25, 7:57 PM

I've been trying to dynamically download from r2 and compile the wasm module, but I don't think it's possible

Mmax I've been trying to dynamically download from r2 and compile the wasm module, bu...

R

Rui Figueira•5/25/25, 8:01 PM

I tried with a different account, I also hit the limit there

M

maxOP•5/25/25, 8:02 PM

oh so you've just got a lucky account?...

Mmax oh so you've just got a lucky account?...

R

Rui Figueira•5/25/25, 8:03 PM

so it seems

B

bun•5/26/25, 10:25 AM

wth is going on?! why does deploying a static website need a worker now ?

B

bun•5/26/25, 12:21 PM

export default {
  fetch: async (
    request: Request,
    env: { JWT_SECRET: string }
  ): Promise<Response> => {
    const token = request.headers.get("authorization");

    if (!token) {
      return new Response("unauthorized", { status: 401 });
    }

    try {
      await validateJWT(token, env.JWT_SECRET);

      return new Response(null, {
        status: 404 // meant as success for cloudflare to serve assets
      });
    } catch {
      return new Response("forbidden", { status: 403 });
    }
  }
};

export default {
  fetch: async (
    request: Request,
    env: { JWT_SECRET: string }
  ): Promise<Response> => {
    const token = request.headers.get("authorization");

    if (!token) {
      return new Response("unauthorized", { status: 401 });
    }

    try {
      await validateJWT(token, env.JWT_SECRET);

      return new Response(null, {
        status: 404 // meant as success for cloudflare to serve assets
      });
    } catch {
      return new Response("forbidden", { status: 403 });
    }
  }
};

export default {
  fetch: async (
    request: Request,
    env: { JWT_SECRET: string }
  ): Promise<Response> => {
    const token = request.headers.get("authorization");

    if (!token) {
      return new Response("unauthorized", { status: 401 });
    }

    try {
      await validateJWT(token, env.JWT_SECRET);

      return new Response(null, {
        status: 404 // meant as success for cloudflare to serve assets
      });
    } catch {
      return new Response("forbidden", { status: 403 });
    }
  }
};

export default {
  fetch: async (
    request: Request,
    env: { JWT_SECRET: string }
  ): Promise<Response> => {
    const token = request.headers.get("authorization");

    if (!token) {
      return new Response("unauthorized", { status: 401 });
    }

    try {
      await validateJWT(token, env.JWT_SECRET);

      return new Response(null, {
        status: 404 // meant as success for cloudflare to serve assets
      });
    } catch {
      return new Response("forbidden", { status: 403 });
    }
  }
};

B

bun•5/26/25, 12:21 PM

any idea why does the following code not work :/ ?

B

bun•5/26/25, 12:22 PM

like for some reason the page loads fine, when it shouldn't without a valid token, but in debugger, the requests come as 401, meaning the validation only works inside the debugger?

Bbun any idea why does the following code not work :/ ?

C

Chaika•5/26/25, 12:40 PM

Two problems

By default, Your worker/user code isn't going to be called if the path exactly matches an asset, you'd have to add

run_worker_first = true

run_worker_first = true

run_worker_first = true

run_worker_first = true to your config
https://developers.cloudflare.com/workers/static-assets/#routing-behavior

You'd have to configure your assets configuration to have a binding (like

ASSETS

ASSETS

ASSETS

ASSETS) and then call through to it:

return env.ASSETS.fetch(request);

return env.ASSETS.fetch(request);

return env.ASSETS.fetch(request);

return env.ASSETS.fetch(request);

B

bun•5/26/25, 12:41 PM

Thank you, works perfectly

I

Isaac McFadyen•5/26/25, 1:06 PM

Note that if you run_worker_first then you will always be billed for asset requests (i.e. no free serving of assets like Pages)

IIsaac McFadyen Note that if you run_worker_first then you will always be billed for asset reque...

B

bun•5/26/25, 1:43 PM

do u think there's a way to serve assets while at the same time validate jwt header?

B

bun•5/26/25, 1:43 PM

without being on enterprise tier

Bbun do u think there's a way to serve assets while at the same time validate jwt hea...

I

Isaac McFadyen•5/26/25, 1:44 PM

Your method will work but you would be billed. You could use Snippets if you're on a non-Free plan.

D

dave•5/26/25, 1:52 PM

Was there a recent update on mTLS working for Worker-to-Worker? I thought there was a blog post or something about it.. but can't find anything now.

Bbun do u think there's a way to serve assets while at the same time validate jwt hea...

D

dave•5/26/25, 1:57 PM

If you want to avoid Workers and Snippets, you can use a HMAC (symmetric algorithm only).

https://developers.cloudflare.com/ruleset-engine/rules-language/functions/#hmac-validation

Personally I prefer Snippets a lot more, since you can use ES256 (ECDSA with the P256 curve + SHA256). Using an asymmetric algorithm is so much nicer, since you don't have to worry about the validator ever needing to know what the secret was.

Ddave If you want to avoid Workers and Snippets, you can use a HMAC (symmetric algorit...

C

Chaika•5/26/25, 2:02 PM

You'd then need Pro for HMAC, which has Snippets anyway lol

CChaika You'd then need Pro for HMAC, which has Snippets anyway lol

D

dave•5/26/25, 2:13 PM

ya, but in some cases one might be better than the other. IIRC the WAF doesn't run when you do requests from your own Workers in the same zone, right?

Ddave ya, but in some cases one might be better than the other. IIRC the WAF doesn't r...

C

Chaika•5/26/25, 2:14 PM

That's confused me before, I think you're right

There is now a compat flag which I believe should get around that:
https://developers.cloudflare.com/workers/configuration/compatibility-flags/#global-fetch-strictly-public
If you were running an untrusted worker

Cloudflare Docs

Compatibility flags

Opt into a specific features of the Workers runtime for your Workers project.

CChaika That's confused me before, I think you're right There is now a compat flag whic...

D

dave•5/26/25, 3:12 PM

woah, that's really cool! I wish there was a way to do that per request

D

dave•5/26/25, 3:27 PM

I guess I could do a service binding to a Worker (with global_fetch_strictly_public enabled) that exposes a fetch?

V

VinnieDePikvis•5/26/25, 3:30 PM

Hey, I was planning on using cloudflare pages to host client websites and provide domain registration what are the limits to it and the pricing for everything

C

Chaika•5/26/25, 3:32 PM

https://pages.cloudflare.com/#pricing
https://developers.cloudflare.com/pages/platform/limits/
Domain Registration depends on the domain and extension, can see in dashboard by searching to register a domain

Cloudflare Docs

Limits

Below are limits observed by the Cloudflare Free plan. For more details on removing these limits, refer to the Cloudflare plans page.

Cloudflare Pages

Build your next application with Cloudflare Pages

CChaika That's confused me before, I think you're right There is now a compat flag whic...

D

dave•5/26/25, 3:34 PM

oh sweet, this makes caching in my Workers that are triggered by Cron Workers!

CChaika https://pages.cloudflare.com/#pricing https://developers.cloudflare.com/pages/pl...

V

VinnieDePikvis•5/26/25, 3:41 PM

so its $200 a month to have 20 concurrent builds, can this be increased if asked later

VVinnieDePikvis so its $200 a month to have 20 concurrent builds, can this be increased if asked...

C

Chaika•5/26/25, 3:42 PM

If you go up to Enterprise I'm sure it could, without Enterprise there's the limit form on https://developers.cloudflare.com/pages/platform/limits/, not sure if they would or not

C

Chaika•5/26/25, 3:43 PM

worth noting concurrent builds is just if you're using Cloudflare's built in builders and such. If you're using drag and drop/direct upload/uploading the files via the API, both the concurrent build limit and the builds per month limit do not apply

CChaika worth noting concurrent builds is just if you're using Cloudflare's built in bui...

V

VinnieDePikvis•5/26/25, 4:18 PM

so my current situation is that I need to host my NextJS sites, so are you saying that if I build them using cloudflare-on-next npm package and just make cloudflare host those its free?

VVinnieDePikvis so my current situation is that I need to host my NextJS sites, so are you sayin...

C

Chaika•5/26/25, 4:22 PM

If you build them locally and upload the files you can avoid the build limits and such
Worth noting next-on-pages for example uses Functions to handle all the routing, and you'd be either limited by the Functions free tier or have to pay as part of Workers Paid
Only truly static sites/assets are free and unlimited requests

CChaika If you build them locally and upload the files you can avoid the build limits an...

V

VinnieDePikvis•5/26/25, 4:24 PM

hmm, well I can't make them static but thanks, 'ppreciate it

CChaika That's confused me before, I think you're right There is now a compat flag whic...

D

dave•5/26/25, 4:28 PM

What is the downside of using this flag? It seems like it should be a default, what would it break…?

Ddave What is the downside of using this flag? It seems like it should be a default, w...

C

Chaika•5/26/25, 4:29 PM

It would break every worker on a route fetching through to the origin

C

Chaika•5/26/25, 4:30 PM

or any worker depending on it not being challenged/blocked. I have an Astro SSR site which fetches the API on the same zone, wouldn't want it being challenged or blocked in anyway

CChaika It would break every worker on a route fetching through to the origin

D

dave•5/26/25, 4:30 PM

ahhh, I think I have almost zero Workers do that do that pattern.

C

Chaika•5/26/25, 4:31 PM

yea I think it's kind of rarer these days, was like the #1 use case when Workers first launched though, and still a good example/use

CChaika It would break every worker on a route fetching through to the origin

D

dave•5/26/25, 4:40 PM

How does the flag interact with service bindings?

Ddave How does the flag interact with service bindings?