feat(miniflare): add CF-Worker header to outgoing fetch requests#12186
feat(miniflare): add CF-Worker header to outgoing fetch requests#12186
Conversation
🦋 Changeset detectedLatest commit: fd5fb0f The changes in this PR will be included in the next version bump. Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
create-cloudflare
@cloudflare/kv-asset-handler
miniflare
@cloudflare/pages-shared
@cloudflare/unenv-preset
@cloudflare/vite-plugin
@cloudflare/vitest-pool-workers
@cloudflare/workers-editor-shared
@cloudflare/workers-utils
wrangler
commit: |
|
The Cf-worker header should be set to the zone. Miniflare should expose an (optional) option to pass in a zone, which Wrangler will use. Additionally, Miniflare should default cf-worker to ${worker-name}.example.com if no zone is passed in |
|
Devin, please make this change |
penalosa
force-pushed
the
devin/1769516338-cf-worker-header
branch
from
5825c4c to
232e8d0
Compare
|
Claude finished @penalosa's task —— View job Changeset ReviewTodo List:
✅ All changesets look good The changeset
|
|
Devin, it doesn't look like Wrangler passes the |
penalosa
force-pushed
the
devin/1769516338-cf-worker-header
branch
from
32dc9de to
f95ae25
Compare
| export default { | ||
| fetch(request) { | ||
| fetch(request, env: Env) { |
There was a problem hiding this comment.
Nit pick: Not needed if we're using satisfies ExportedHandler<Env>
| fetch(request, env: Env) { | |
| fetch(request, env) { |
Adds the CF-Worker header to outgoing fetch requests in local development to match production behavior. The header value is set to the worker's name. Fixes #4367 Co-Authored-By: smacleod@cloudflare.com <samuel@macleod.space>
- Add optional 'zone' option to Miniflare worker options
- CF-Worker header uses zone value when provided
- Default to ${worker-name}.example.com when zone not specified
- Update tests to verify new behavior
Co-Authored-By: smacleod@cloudflare.com <samuel@macleod.space>
Co-Authored-By: smacleod@cloudflare.com <samuel@macleod.space>
penalosa
force-pushed
the
devin/1769516338-cf-worker-header
branch
from
f95ae25 to
fd5fb0f
Compare
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
There was a problem hiding this comment.
🟡 CF-Worker header not added when stripCfConnectingIp is disabled
The CF-Worker header is only added to outbound requests when stripCfConnectingIp is true (the default). When a user explicitly sets stripCfConnectingIp: false, the CF-Worker header is not added, which doesn't match production behavior where CF-Worker is always added to subrequests.
Click to expand
Root Cause
The CF-Worker header logic is coupled with the strip-cf-connecting-ip worker at packages/miniflare/src/plugins/core/index.ts:851-853:
globalOutbound: options.stripCfConnectingIp
? { name: getStripCfConnectingIpName(workerIndex) }
: getGlobalOutbound(workerIndex, options),When stripCfConnectingIp is false, the strip-cf-connecting-ip worker is bypassed entirely, and the CF-Worker header (set at line 9 in strip-cf-connecting-ip.worker.ts) is never added.
Impact
Users who disable CF-Connecting-IP stripping for testing purposes will also lose the CF-Worker header on outbound requests, which may cause their local development environment to behave differently from production in unexpected ways.
Actual vs Expected
- Actual: When
stripCfConnectingIp: false, no CF-Worker header is added - Expected: CF-Worker header should be added regardless of the
stripCfConnectingIpsetting to match production behavior
(Refers to lines 851-853)
Recommendation: Consider decoupling the CF-Worker header logic from the CF-Connecting-IP stripping, or rename the worker to reflect its combined purpose and add a separate option for controlling the CF-Worker header.
Was this helpful? React with 👍 or 👎 to provide feedback.
There was a problem hiding this comment.
This is fine. stripCfConnectingIp really means "this miniflare instance is a proxy and shouldn't do weird things to requests" which applies to both stripCfConnectingIp and adding a CF Worker header
3 participants
Fixes #4367.
Adds the
CF-Workerheader to outgoing fetch requests in Miniflare's local development environment to match production behavior. In production, Cloudflare adds this header to subrequests made by Workers, with the value set to the zone/domain.The implementation reuses the existing
strip-cf-connecting-ipwrapper worker that already intercepts outbound requests. A new optionalzoneoption is exposed to allow specifying the header value. Wrangler now passes the zone value (extracted from the configured routes/host) to Miniflare automatically.Header value behavior:
zoneoption is provided: uses that value (e.g.,example.com)zoneis not provided butnameis: uses${name}.example.com(e.g.,my-worker.example.com)worker.example.comUpdates since last revision:
ConfigBundle.zone, extracted fromdev.origin.hostname(which comes from routes configuration)Human review checklist:
event.config.dev?.origin?.hostnameis the correct source for the zone value in WranglerLink to Devin run: https://app.devin.ai/sessions/3c5448d105c44a5fbbc723f94bbf35b8
Devin PR requested by @penalosa