Static workers handling of headers is different

I have a pages deployment with this headers file:

Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-src *; child-src *; frame-ancestors *;

That identical _headers file (auto-generated) is not working for a static pages deployment:

✘ [ERROR] A request to the Cloudflare API (/accounts/804f65dff7cae7a9f4fee96ca2f65958/workers/scripts/...) failed.

  Invalid _headers configuration:
  Line 1: Expected a path before headers [code: 10021]

  If you think this is a bug, please open an issue at:
  https://github.com/cloudflare/workers-sdk/issues/new/choose

✘ [ERROR] A request to the Cloudflare API (/accounts/804f65dff7cae7a9f4fee96ca2f65958/workers/scripts/...) failed.

  Invalid _headers configuration:
  Line 1: Expected a path before headers [code: 10021]

  If you think this is a bug, please open an issue at:
  https://github.com/cloudflare/workers-sdk/issues/new/choose

Would love to get a sense for whether there is a bug here... the fix was to add a line for /**/* as a prefix on the preceding line. Annoying because of the automations that will need to change, but workable.

1 Reply

DaniFoldi•6mo ago

I think the actual issue here was that pages didn't error on that _headers file - to my best knowledge it should require a [url]: line https://developers.cloudflare.com/pages/configuration/headers/#attach-a-header Can you confirm if it added the header in Pages?

Cloudflare Docs

Headers

The default response headers served on static asset responses can be overridden, removed, or added to, by creating a plain text file called _headers without a file extension, in the static asset directory of your project. This file will not itself be served as a static asset, but will instead be parsed by Cloudflare Pages and its rules will be a...

Gaming

Programming

Static workers handling of headers is different

Did you find this page helpful?