Implement Skew Protection
Hello,
I am trying to implement something like Skew Protection (similar to what Vercel offers https://vercel.com/blog/version-skew-protection) and which has been posted about a few times in this discord.
I got some idea of what I could do and I wonder if this is the best way and what the community thinks.
This is our current set up:
Request -> Origin Rule (which sends it to the right Cloudflare Page url) -> Transform Rule (which adds a header we need, and this header is based off of the host name) -> Finally we hit the "production" deployment of said Page and we load it.
I wanna be able to direct traffic to a different Deployment URL based on a header on the request. The ideas is that as I serve my users the page, I put a header in the response telling them what deployment this is (see question 1), so that subsequent requests will be routed there. Of course, there will be more done here to inform users that they are out of date, but I know how to do that.
Question 1:
I plan to just expose the env variable CF_PAGES_URL for this purpose. Any issues you see with that?
Question 2:
I am not sure where to do the redirect. I am thinking about these options:
1. If I know the CF_PAGES_URL, I can put that in a cookie/header with my request, and then in the origin rule I can redirect it to that. Unfortunately, I do not know how to take a header and make that the host I rewrite my request with in the origin rule. Which is what brings me to option 2 below.
2. Use Cloudflare Snippets to do it. I tried something, but I just get internal server error, how does one rewrite the request to the right cloudflare Page? I also don't love this option cause its in Alpha and that feels very risky to use in production.
3. Use a worker instead of the Cloudflare snippet.
4. Something else?
Sorry for the wall of text, I appreciate any insight anyone has 🙏
1 Reply
Any progress on this?