CF-Connecting-IP header is missing?
Hi.
I need this header for the IP so that I can secure my Cloudflare worker. Why might I not be seeing this header?
If it helps, I am using nginx proxy manager to host.
The transform setting to remove the header is already disabled.
24 Replies
Anyone..? Please.
What's the wider context of the worker/how you're trying to get it? Not sure how exactly nginx proxy manager is related to Workers either.
Some common mistakes:
In workers you cannot console.log(request.headers) or json.stringify, have to use Object.fromEntries or new Map: https://developers.cloudflare.com/workers/examples/logging-headers/
Cloudflare Docs
Logging headers to console | Cloudflare Workers docs
Examine the contents of a Headers object by logging to console with a Map.
I've already tried logging the headers with Map or Object.fromEntries, but I will try again.
I wanted to use this worker to toggle on/off a maintenance mode and restrict it to my IP only.
that was ran with wrangler dev not on local mode
Have you tested deploying and testing against?
If that screenshot is supposed to be a map of your request headers from a request your browser set you're missing even other standard things like user-agent, accept, etc that your browser itself would send
I've tried with postman and through browser. Both in the wrangler dev test and through the actual domain.
I'm honestly not sure how to check if the header is shown in postman, but I did not see it in the browser and I did not see it when trying curl -v
well it's a transparent request header added by the proxy layer, only way you'd ever see it is if your worker was reflecting it back or logging it
Hmm. I see. I'll see if I can log.
console.log({headers: Object.fromEntries(request.headers)})
or any of the other examples in the docs linked above will work, other then simply trying to log the objectnothing is currently logging
in the cloudflare browser editor
for workers
that's not very descriptive but sometimes the browser editor can be weird in general, just add logs -> deploy and then Logs tab -> click Live -> begin live stream to tail, send request to live worker and should see a log event you can click to open
hmm.
that doesn't look like live logs, you can click "Live" in the top right to get to them
Ohh I see
Yeah I see it
Alright.
Now that I can actually see it, I'll try getting it again in the script
it's just request.headers.get("cf-connecting-ip"), right?
It is there, but I still get forbidden
log your allowed IPs list. Is it actually under the current object /
this? If you're in the fetch handler it would just be a passed in parameterfixed an issue
but I don't think it will make a difference
this should work if I am not mistaken, right?
About the env thing, ill try that
depends what
allowed_ips is, also refer to my comment above about this and worth noting in the quick editor the requesting IP is always the same-worker IP of 2a06:98c0:3600::103I see, ok
this.env is from a durable object
should it still be from the parameter?
env is undefined
not sure why
it is being passed
I got it! Thank you for your help.