cryptomania | skiff
cryptomania | skiff
PostsComments
CDCloudflare Developers
Created by cryptomania | skiff on 10/10/2023 in #pages-help
Pages and Strong ETags
Does Pages automatically generate strong ETags that we can configure as an Enterprise customer? We have a ton of ongoing cache issues related to weak ETags and CSP hashing where our app cannot be loaded by some users. We suspect it has to do with weak ETags being used rather than strong ETags. I was reading through https://developers.cloudflare.com/cache/how-to/cache-rules/ which allows for strong ETags, but this implies that Cloudflare cache will respect Strong ETags served from the origin which for us is Cloudflare Pages. Hence the question if Cloudflare Pages will generate Strong ETags. (Note that we are an enterprise customer)
36 replies
CDCloudflare Developers
Created by cryptomania | skiff on 9/12/2023 in #pages-help
308 error on missing chunk
Hi there! Why would we get 308 http status code for a JS chunk that exists (and is confirmed to be uploaded) in a pages deployment? We use cloudflare pages to serve our frontends. The build is slightly complex so we use the wrangler direct upload method and it generally has worked. We have an open ticket for any CF employees lurking here #2928906 Just looking for any additional insight into what we can debug while we wait on support.
1 replies
CDCloudflare Developers
Created by cryptomania | skiff on 7/5/2023 in #pages-help
Getting strange SSL errors when connecting to Cloudflare Pages site
We see a small percentage of our users running into SSL issues when connecting to app.skiff.com which runs on Cloudflare Pages. The underlying TLS error is * error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version number The really strange part is that the SSL connection goes away when they move off of wifi and onto their 4g/5g connection. This was true for an Android device connecting to the Haifa data center. This was true for an iphone and osx device connecting to San Jose data center. When the iphone switched to their cellular connection, the osx machine switched to hotspot onto their iphone, and the SSL connections disappeared dissappeared for the osx device. To confirm, there is a subset of clients who see this message for ALL connection attempts, and other clients have no issue. 
$ curl https://app.skiff.com/ -v
* Trying 2606:4700:3108::ac42:2918:443...
* Connected to app.skiff.com (2606:4700:3108::ac42:2918) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
* CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version number
* Closing connection 0
curl: (35) error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version number
$ curl https://app.skiff.com/ -v
* Trying 2606:4700:3108::ac42:2918:443...
* Connected to app.skiff.com (2606:4700:3108::ac42:2918) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
* CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version number
* Closing connection 0
curl: (35) error:1400410B:SSL routines:CONNECT_CR_SRVR_HELLO:wrong version number
We have an internal ticket # 2855049 but just wanted to raise awareness here in case anyone has seen this before. Note that we do not see any SSL issues for cloudflare proxied records like our api server (api.skiff.com).
5 replies