Cloudflare Developers•15mo ago

Cloudflared Tunnel HTTP headers

How can I Pass headers in a cloudflared tunnel, I mean server-side headers that need to be passed to the end user? I wasn't able to find any info about this, while I can use transform rules I can't find any docs on about how can I pass a dynamic header

13 Replies

Cyb3r-Jak3•15mo ago

What do you mean by dynamic header?

thefourcraftOP•15mo ago

X-Requested-With: XMLHttpRequest
X-TxAdmin-CsrfToken: 7ZOWS0E2CjMDs18G8wtDX

X-Requested-With: XMLHttpRequest
X-TxAdmin-CsrfToken: 7ZOWS0E2CjMDs18G8wtDX

These are the headers that I'm trying to pass... this is where they get created in the application that is running behind Cloudflare

const txAdminAPI = ({type, url, data, dataType, timeout, success, error}) => {
    if (anyUndefined(type, url)) return false;

    url = TX_BASE_PATH + url;
    timeout = timeout ?? REQ_TIMEOUT_MEDIUM;
    dataType = dataType || 'json';
    success = success || (() => {});
    error = error || (() => {});
    const headers = {'X-TxAdmin-CsrfToken': (csrfToken) ? csrfToken : 'not_set'}
    // console.log(`txAdminAPI Req to: ${url}`);
    return $.ajax({type, url, timeout, data, dataType, success, error, headers});
};

const txAdminAPI = ({type, url, data, dataType, timeout, success, error}) => {
    if (anyUndefined(type, url)) return false;

    url = TX_BASE_PATH + url;
    timeout = timeout ?? REQ_TIMEOUT_MEDIUM;
    dataType = dataType || 'json';
    success = success || (() => {});
    error = error || (() => {});
    const headers = {'X-TxAdmin-CsrfToken': (csrfToken) ? csrfToken : 'not_set'}
    // console.log(`txAdminAPI Req to: ${url}`);
    return $.ajax({type, url, timeout, data, dataType, success, error, headers});
};

https://github.com/tabarra/txAdmin/blob/361fed4796d229c91b00407c2df45a3aa4c761f2/web/public/js/txadmin/base.js#L147

GitHub

txAdmin/web/public/js/txadmin/base.js at 361fed4796d229c91b00407c2d...

The official FiveM server management platform used by over 23k servers! - tabarra/txAdmin

thefourcraftOP•15mo ago

it changes value randomly

Cyb3r-Jak3•15mo ago

You would need to run a worker in front for a header that advanced. Snippets should be able to do that but they are not available yet.

thefourcraftOP•15mo ago

Interesting, can you give me more info on this? or is this what you are talking about https://developers.cloudflare.com/workers/examples/alter-headers/

Alter headers · Cloudflare Workers docs

You can also use the custom-headers-example template to deploy this code to your custom domain.

Cyb3r-Jak3•15mo ago

Similar to take but you would do the header modification before the await fetch(request) part

thefourcraftOP•15mo ago

Can the worker get headers from the origin? And pass them through? Or will I have to implement my logic?

Cyb3r-Jak3•15mo ago

Like from the response?

thefourcraftOP•15mo ago

Yes, They will get the X-TxAdmin-CsrfToken form the origin and send it to the user after he passes the zero trust authentication

Cyb3r-Jak3•15mo ago

What does the flow look like? Incoming request -> worker appends header -> origin or is more like incoming request -> worker -> origin then worker appends header to response to user?

thefourcraftOP•15mo ago

I think it is like incoming request -> worker -> origin then worker appends header to response to user

Cyb3r-Jak3•15mo ago

Then yeah the example you linked is probabaly best

thefourcraftOP•15mo ago

This hedder X-TxAdmin-CsrfToken is created at the origin so it makes sense that this is how it will look like as always thanks for the help 6Lovee

Gaming

Programming

Cloudflared Tunnel HTTP headers