Spaces:
Running
Running
bypass CF proxy for oauth/access_token — go direct to X
Browse filesoauth/access_token was returning 500 from X when routed through
the CF Worker. OAuth 1.0a signatures are sensitive to exact
request details; CF Worker may have altered headers/body.
Direct paths (no proxy): /oauth/access_token
request_token still proxied (working fine via CF).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- cloudflare-proxy.js +17 -4
cloudflare-proxy.js
CHANGED
|
@@ -79,6 +79,19 @@ if (PROXY_URL) {
|
|
| 79 |
return should;
|
| 80 |
};
|
| 81 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 82 |
const patch = (original, originalModuleName) => {
|
| 83 |
return function patchedRequest(arg1, arg2, arg3) {
|
| 84 |
let options = {};
|
|
@@ -109,7 +122,7 @@ if (PROXY_URL) {
|
|
| 109 |
const path = options.path || "/";
|
| 110 |
const headers = options.headers || {};
|
| 111 |
|
| 112 |
-
const shouldProxy = shouldProxyHost(hostname);
|
| 113 |
const alreadyProxied = options._proxied;
|
| 114 |
const hasTargetHeader =
|
| 115 |
headers["x-target-host"] || headers["X-Target-Host"];
|
|
@@ -163,8 +176,8 @@ if (PROXY_URL) {
|
|
| 163 |
}
|
| 164 |
|
| 165 |
const hostname = url.hostname;
|
| 166 |
-
const shouldProxy = shouldProxyHost(hostname);
|
| 167 |
-
|
| 168 |
let mergedHeaders;
|
| 169 |
if (request) {
|
| 170 |
mergedHeaders = new Headers(request.headers);
|
|
@@ -285,7 +298,7 @@ if (PROXY_URL) {
|
|
| 285 |
hostname = String(origin || "").split(':')[0];
|
| 286 |
}
|
| 287 |
|
| 288 |
-
if (hostname && shouldProxyHost(hostname)) {
|
| 289 |
if (DEBUG) log(`[cloudflare-proxy] Redirecting undici ${name}.dispatch: ${hostname}${options.path || ""} -> ${proxy.hostname}`);
|
| 290 |
|
| 291 |
const targetHeader = "x-target-host";
|
|
|
|
| 79 |
return should;
|
| 80 |
};
|
| 81 |
|
| 82 |
+
// Paths that must go DIRECT (bypass CF proxy) even for proxied hosts.
|
| 83 |
+
// oauth/access_token: OAuth 1.0a signature is tied to the exact request;
|
| 84 |
+
// going through the CF Worker was causing X to return 500.
|
| 85 |
+
const DIRECT_PATH_PATTERNS = [
|
| 86 |
+
"/oauth/access_token",
|
| 87 |
+
];
|
| 88 |
+
const shouldBypassPath = (path) => {
|
| 89 |
+
if (!path) return false;
|
| 90 |
+
const matched = DIRECT_PATH_PATTERNS.some((p) => String(path).includes(p));
|
| 91 |
+
if (matched) log(`[cloudflare-proxy] DIRECT (bypass) for path: ${path}`);
|
| 92 |
+
return matched;
|
| 93 |
+
};
|
| 94 |
+
|
| 95 |
const patch = (original, originalModuleName) => {
|
| 96 |
return function patchedRequest(arg1, arg2, arg3) {
|
| 97 |
let options = {};
|
|
|
|
| 122 |
const path = options.path || "/";
|
| 123 |
const headers = options.headers || {};
|
| 124 |
|
| 125 |
+
const shouldProxy = shouldProxyHost(hostname) && !shouldBypassPath(path);
|
| 126 |
const alreadyProxied = options._proxied;
|
| 127 |
const hasTargetHeader =
|
| 128 |
headers["x-target-host"] || headers["X-Target-Host"];
|
|
|
|
| 176 |
}
|
| 177 |
|
| 178 |
const hostname = url.hostname;
|
| 179 |
+
const shouldProxy = shouldProxyHost(hostname) && !shouldBypassPath(url.pathname);
|
| 180 |
+
|
| 181 |
let mergedHeaders;
|
| 182 |
if (request) {
|
| 183 |
mergedHeaders = new Headers(request.headers);
|
|
|
|
| 298 |
hostname = String(origin || "").split(':')[0];
|
| 299 |
}
|
| 300 |
|
| 301 |
+
if (hostname && shouldProxyHost(hostname) && !shouldBypassPath(options.path)) {
|
| 302 |
if (DEBUG) log(`[cloudflare-proxy] Redirecting undici ${name}.dispatch: ${hostname}${options.path || ""} -> ${proxy.hostname}`);
|
| 303 |
|
| 304 |
const targetHeader = "x-target-host";
|