aperture
CDCloudflare Developers
•Created by aperture on 4/1/2024 in #general-help
Add CORP header to ZeroTrust Domain
Hi guys, I'm having two sites
a.example.com and b.example.com, both of them are place under ZeroTrust. Currently page a cannot access asset from page b because it failed to check for CORP request. The .cloudflareaccess.com domain does not return Cross-Origin-Resource-Policy=cross-origin header. Now I have to manually go to page b to let cf access authorize then go back to page a. Is there any setting I can apply to mitigate this issue? I've tried setting CORS but nothing changed1 replies
CDCloudflare Developers
•Created by aperture on 3/14/2024 in #general-help
Subscription API is returning 503
2 replies
CDCloudflare Developers
•Created by aperture on 3/4/2024 in #general-help
Automatically authorize all Zero trust domains in an Application when one of them was authorized
Hi guys, currently my web and my R2 bucket domain are protected by the same zero trust Application and that web frontend is using assets stored in the R2 bucket. But when the Zero Trust credential timed out and users need to relogin, they always login into the web. When it calls R2 bucket domain, an error returned. Users have to manually go to the R2 bucket domain to authorize access, until then my web can get assets from R2 normally again. Is there any way to simplify this step?
25 replies
CDCloudflare Developers
•Created by aperture on 6/22/2023 in #workers-help
Is there any efficient way to implement Authorization in Cloudflare Workers?
Hi, I'm using CF Pages to build a web page which uses JWT to authorize users. I'm implementing the authorizer in Svelte by using a hook which calls an authorizer CF Workers to verify the JWT tokens to save the CPU time. Is there any cleaner/more transparent solution, like Custom Authorizer in AWS REST API Gateway?
In additional, I'm using ES256 algorithm to sign the JWT.
1 replies