opencodekit 0.15.3 → 0.15.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +1 -1
- package/dist/template/.opencode/AGENTS.md +209 -77
- package/dist/template/.opencode/agent/plan.md +4 -0
- package/dist/template/.opencode/command/cloudflare.md +70 -0
- package/dist/template/.opencode/package.json +1 -1
- package/dist/template/.opencode/skill/cloudflare/SKILL.md +233 -0
- package/dist/template/.opencode/skill/cloudflare/references/agents-sdk/README.md +35 -0
- package/dist/template/.opencode/skill/cloudflare/references/agents-sdk/api.md +100 -0
- package/dist/template/.opencode/skill/cloudflare/references/agents-sdk/configuration.md +99 -0
- package/dist/template/.opencode/skill/cloudflare/references/agents-sdk/gotchas.md +59 -0
- package/dist/template/.opencode/skill/cloudflare/references/agents-sdk/patterns.md +89 -0
- package/dist/template/.opencode/skill/cloudflare/references/ai-gateway/README.md +695 -0
- package/dist/template/.opencode/skill/cloudflare/references/ai-search/README.md +14 -0
- package/dist/template/.opencode/skill/cloudflare/references/ai-search/api.md +38 -0
- package/dist/template/.opencode/skill/cloudflare/references/ai-search/configuration.md +52 -0
- package/dist/template/.opencode/skill/cloudflare/references/ai-search/gotchas.md +41 -0
- package/dist/template/.opencode/skill/cloudflare/references/ai-search/patterns.md +45 -0
- package/dist/template/.opencode/skill/cloudflare/references/analytics-engine/README.md +14 -0
- package/dist/template/.opencode/skill/cloudflare/references/analytics-engine/api.md +27 -0
- package/dist/template/.opencode/skill/cloudflare/references/analytics-engine/configuration.md +45 -0
- package/dist/template/.opencode/skill/cloudflare/references/analytics-engine/gotchas.md +3 -0
- package/dist/template/.opencode/skill/cloudflare/references/analytics-engine/patterns.md +36 -0
- package/dist/template/.opencode/skill/cloudflare/references/api/README.md +21 -0
- package/dist/template/.opencode/skill/cloudflare/references/api/api.md +31 -0
- package/dist/template/.opencode/skill/cloudflare/references/api/configuration.md +20 -0
- package/dist/template/.opencode/skill/cloudflare/references/api/gotchas.md +28 -0
- package/dist/template/.opencode/skill/cloudflare/references/api/patterns.md +47 -0
- package/dist/template/.opencode/skill/cloudflare/references/api-shield/README.md +20 -0
- package/dist/template/.opencode/skill/cloudflare/references/api-shield/api.md +78 -0
- package/dist/template/.opencode/skill/cloudflare/references/api-shield/configuration.md +128 -0
- package/dist/template/.opencode/skill/cloudflare/references/api-shield/gotchas.md +51 -0
- package/dist/template/.opencode/skill/cloudflare/references/api-shield/patterns.md +145 -0
- package/dist/template/.opencode/skill/cloudflare/references/argo-smart-routing/README.md +16 -0
- package/dist/template/.opencode/skill/cloudflare/references/argo-smart-routing/api.md +50 -0
- package/dist/template/.opencode/skill/cloudflare/references/argo-smart-routing/configuration.md +53 -0
- package/dist/template/.opencode/skill/cloudflare/references/argo-smart-routing/gotchas.md +16 -0
- package/dist/template/.opencode/skill/cloudflare/references/argo-smart-routing/patterns.md +45 -0
- package/dist/template/.opencode/skill/cloudflare/references/bindings/README.md +14 -0
- package/dist/template/.opencode/skill/cloudflare/references/bindings/api.md +3 -0
- package/dist/template/.opencode/skill/cloudflare/references/bindings/configuration.md +58 -0
- package/dist/template/.opencode/skill/cloudflare/references/bindings/gotchas.md +35 -0
- package/dist/template/.opencode/skill/cloudflare/references/bindings/patterns.md +37 -0
- package/dist/template/.opencode/skill/cloudflare/references/bot-management/README.md +71 -0
- package/dist/template/.opencode/skill/cloudflare/references/bot-management/api.md +168 -0
- package/dist/template/.opencode/skill/cloudflare/references/bot-management/configuration.md +114 -0
- package/dist/template/.opencode/skill/cloudflare/references/bot-management/gotchas.md +99 -0
- package/dist/template/.opencode/skill/cloudflare/references/bot-management/patterns.md +125 -0
- package/dist/template/.opencode/skill/cloudflare/references/browser-rendering/README.md +16 -0
- package/dist/template/.opencode/skill/cloudflare/references/browser-rendering/api.md +54 -0
- package/dist/template/.opencode/skill/cloudflare/references/browser-rendering/configuration.md +47 -0
- package/dist/template/.opencode/skill/cloudflare/references/browser-rendering/gotchas.md +29 -0
- package/dist/template/.opencode/skill/cloudflare/references/browser-rendering/patterns.md +29 -0
- package/dist/template/.opencode/skill/cloudflare/references/c3/README.md +264 -0
- package/dist/template/.opencode/skill/cloudflare/references/cache-reserve/README.md +93 -0
- package/dist/template/.opencode/skill/cloudflare/references/cache-reserve/api.md +176 -0
- package/dist/template/.opencode/skill/cloudflare/references/cache-reserve/configuration.md +164 -0
- package/dist/template/.opencode/skill/cloudflare/references/cache-reserve/gotchas.md +203 -0
- package/dist/template/.opencode/skill/cloudflare/references/cache-reserve/patterns.md +180 -0
- package/dist/template/.opencode/skill/cloudflare/references/containers/README.md +16 -0
- package/dist/template/.opencode/skill/cloudflare/references/containers/api.md +43 -0
- package/dist/template/.opencode/skill/cloudflare/references/containers/configuration.md +56 -0
- package/dist/template/.opencode/skill/cloudflare/references/containers/gotchas.md +21 -0
- package/dist/template/.opencode/skill/cloudflare/references/containers/patterns.md +40 -0
- package/dist/template/.opencode/skill/cloudflare/references/cron-triggers/README.md +85 -0
- package/dist/template/.opencode/skill/cloudflare/references/cron-triggers/api.md +198 -0
- package/dist/template/.opencode/skill/cloudflare/references/cron-triggers/configuration.md +151 -0
- package/dist/template/.opencode/skill/cloudflare/references/cron-triggers/gotchas.md +129 -0
- package/dist/template/.opencode/skill/cloudflare/references/cron-triggers/patterns.md +122 -0
- package/dist/template/.opencode/skill/cloudflare/references/d1/README.md +92 -0
- package/dist/template/.opencode/skill/cloudflare/references/d1/api.md +141 -0
- package/dist/template/.opencode/skill/cloudflare/references/d1/configuration.md +127 -0
- package/dist/template/.opencode/skill/cloudflare/references/d1/gotchas.md +70 -0
- package/dist/template/.opencode/skill/cloudflare/references/d1/patterns.md +144 -0
- package/dist/template/.opencode/skill/cloudflare/references/ddos/README.md +34 -0
- package/dist/template/.opencode/skill/cloudflare/references/ddos/api.md +136 -0
- package/dist/template/.opencode/skill/cloudflare/references/ddos/configuration.md +67 -0
- package/dist/template/.opencode/skill/cloudflare/references/ddos/gotchas.md +114 -0
- package/dist/template/.opencode/skill/cloudflare/references/ddos/patterns.md +158 -0
- package/dist/template/.opencode/skill/cloudflare/references/do-storage/README.md +62 -0
- package/dist/template/.opencode/skill/cloudflare/references/do-storage/api.md +89 -0
- package/dist/template/.opencode/skill/cloudflare/references/do-storage/configuration.md +116 -0
- package/dist/template/.opencode/skill/cloudflare/references/do-storage/gotchas.md +93 -0
- package/dist/template/.opencode/skill/cloudflare/references/do-storage/patterns.md +112 -0
- package/dist/template/.opencode/skill/cloudflare/references/durable-objects/README.md +125 -0
- package/dist/template/.opencode/skill/cloudflare/references/durable-objects/api.md +152 -0
- package/dist/template/.opencode/skill/cloudflare/references/durable-objects/configuration.md +148 -0
- package/dist/template/.opencode/skill/cloudflare/references/durable-objects/gotchas.md +158 -0
- package/dist/template/.opencode/skill/cloudflare/references/durable-objects/patterns.md +255 -0
- package/dist/template/.opencode/skill/cloudflare/references/email-routing/README.md +18 -0
- package/dist/template/.opencode/skill/cloudflare/references/email-routing/api.md +46 -0
- package/dist/template/.opencode/skill/cloudflare/references/email-routing/configuration.md +63 -0
- package/dist/template/.opencode/skill/cloudflare/references/email-routing/gotchas.md +16 -0
- package/dist/template/.opencode/skill/cloudflare/references/email-routing/patterns.md +46 -0
- package/dist/template/.opencode/skill/cloudflare/references/email-workers/README.md +598 -0
- package/dist/template/.opencode/skill/cloudflare/references/hyperdrive/README.md +62 -0
- package/dist/template/.opencode/skill/cloudflare/references/hyperdrive/api.md +137 -0
- package/dist/template/.opencode/skill/cloudflare/references/hyperdrive/configuration.md +133 -0
- package/dist/template/.opencode/skill/cloudflare/references/hyperdrive/gotchas.md +184 -0
- package/dist/template/.opencode/skill/cloudflare/references/hyperdrive/patterns.md +176 -0
- package/dist/template/.opencode/skill/cloudflare/references/images/README.md +14 -0
- package/dist/template/.opencode/skill/cloudflare/references/images/api.md +3 -0
- package/dist/template/.opencode/skill/cloudflare/references/images/configuration.md +45 -0
- package/dist/template/.opencode/skill/cloudflare/references/images/gotchas.md +23 -0
- package/dist/template/.opencode/skill/cloudflare/references/images/patterns.md +31 -0
- package/dist/template/.opencode/skill/cloudflare/references/kv/README.md +60 -0
- package/dist/template/.opencode/skill/cloudflare/references/kv/api.md +114 -0
- package/dist/template/.opencode/skill/cloudflare/references/kv/configuration.md +92 -0
- package/dist/template/.opencode/skill/cloudflare/references/kv/gotchas.md +117 -0
- package/dist/template/.opencode/skill/cloudflare/references/kv/patterns.md +139 -0
- package/dist/template/.opencode/skill/cloudflare/references/miniflare/README.md +64 -0
- package/dist/template/.opencode/skill/cloudflare/references/miniflare/api.md +144 -0
- package/dist/template/.opencode/skill/cloudflare/references/miniflare/configuration.md +203 -0
- package/dist/template/.opencode/skill/cloudflare/references/miniflare/gotchas.md +187 -0
- package/dist/template/.opencode/skill/cloudflare/references/miniflare/patterns.md +211 -0
- package/dist/template/.opencode/skill/cloudflare/references/network-interconnect/README.md +60 -0
- package/dist/template/.opencode/skill/cloudflare/references/network-interconnect/api.md +240 -0
- package/dist/template/.opencode/skill/cloudflare/references/network-interconnect/configuration.md +127 -0
- package/dist/template/.opencode/skill/cloudflare/references/network-interconnect/gotchas.md +171 -0
- package/dist/template/.opencode/skill/cloudflare/references/network-interconnect/patterns.md +171 -0
- package/dist/template/.opencode/skill/cloudflare/references/observability/README.md +18 -0
- package/dist/template/.opencode/skill/cloudflare/references/observability/api.md +51 -0
- package/dist/template/.opencode/skill/cloudflare/references/observability/configuration.md +60 -0
- package/dist/template/.opencode/skill/cloudflare/references/observability/gotchas.md +36 -0
- package/dist/template/.opencode/skill/cloudflare/references/observability/patterns.md +42 -0
- package/dist/template/.opencode/skill/cloudflare/references/pages/README.md +76 -0
- package/dist/template/.opencode/skill/cloudflare/references/pages/api.md +200 -0
- package/dist/template/.opencode/skill/cloudflare/references/pages/configuration.md +228 -0
- package/dist/template/.opencode/skill/cloudflare/references/pages/gotchas.md +161 -0
- package/dist/template/.opencode/skill/cloudflare/references/pages/patterns.md +145 -0
- package/dist/template/.opencode/skill/cloudflare/references/pages-functions/README.md +57 -0
- package/dist/template/.opencode/skill/cloudflare/references/pages-functions/api.md +201 -0
- package/dist/template/.opencode/skill/cloudflare/references/pages-functions/configuration.md +159 -0
- package/dist/template/.opencode/skill/cloudflare/references/pages-functions/gotchas.md +151 -0
- package/dist/template/.opencode/skill/cloudflare/references/pages-functions/patterns.md +190 -0
- package/dist/template/.opencode/skill/cloudflare/references/pipelines/README.md +664 -0
- package/dist/template/.opencode/skill/cloudflare/references/pulumi/README.md +107 -0
- package/dist/template/.opencode/skill/cloudflare/references/pulumi/api.md +194 -0
- package/dist/template/.opencode/skill/cloudflare/references/pulumi/configuration.md +216 -0
- package/dist/template/.opencode/skill/cloudflare/references/pulumi/gotchas.md +223 -0
- package/dist/template/.opencode/skill/cloudflare/references/pulumi/patterns.md +139 -0
- package/dist/template/.opencode/skill/cloudflare/references/queues/README.md +69 -0
- package/dist/template/.opencode/skill/cloudflare/references/queues/api.md +138 -0
- package/dist/template/.opencode/skill/cloudflare/references/queues/configuration.md +125 -0
- package/dist/template/.opencode/skill/cloudflare/references/queues/gotchas.md +112 -0
- package/dist/template/.opencode/skill/cloudflare/references/queues/patterns.md +155 -0
- package/dist/template/.opencode/skill/cloudflare/references/r2/README.md +61 -0
- package/dist/template/.opencode/skill/cloudflare/references/r2/api.md +127 -0
- package/dist/template/.opencode/skill/cloudflare/references/r2/configuration.md +76 -0
- package/dist/template/.opencode/skill/cloudflare/references/r2/gotchas.md +94 -0
- package/dist/template/.opencode/skill/cloudflare/references/r2/patterns.md +127 -0
- package/dist/template/.opencode/skill/cloudflare/references/r2-data-catalog/README.md +18 -0
- package/dist/template/.opencode/skill/cloudflare/references/r2-data-catalog/api.md +29 -0
- package/dist/template/.opencode/skill/cloudflare/references/r2-data-catalog/configuration.md +39 -0
- package/dist/template/.opencode/skill/cloudflare/references/r2-data-catalog/gotchas.md +20 -0
- package/dist/template/.opencode/skill/cloudflare/references/r2-data-catalog/patterns.md +46 -0
- package/dist/template/.opencode/skill/cloudflare/references/r2-sql/README.md +512 -0
- package/dist/template/.opencode/skill/cloudflare/references/realtime-sfu/README.md +21 -0
- package/dist/template/.opencode/skill/cloudflare/references/realtime-sfu/api.md +135 -0
- package/dist/template/.opencode/skill/cloudflare/references/realtime-sfu/configuration.md +63 -0
- package/dist/template/.opencode/skill/cloudflare/references/realtime-sfu/gotchas.md +75 -0
- package/dist/template/.opencode/skill/cloudflare/references/realtime-sfu/patterns.md +102 -0
- package/dist/template/.opencode/skill/cloudflare/references/realtimekit/README.md +81 -0
- package/dist/template/.opencode/skill/cloudflare/references/realtimekit/api.md +164 -0
- package/dist/template/.opencode/skill/cloudflare/references/realtimekit/configuration.md +147 -0
- package/dist/template/.opencode/skill/cloudflare/references/realtimekit/gotchas.md +172 -0
- package/dist/template/.opencode/skill/cloudflare/references/realtimekit/patterns.md +155 -0
- package/dist/template/.opencode/skill/cloudflare/references/sandbox/README.md +90 -0
- package/dist/template/.opencode/skill/cloudflare/references/sandbox/api.md +178 -0
- package/dist/template/.opencode/skill/cloudflare/references/sandbox/configuration.md +131 -0
- package/dist/template/.opencode/skill/cloudflare/references/sandbox/gotchas.md +156 -0
- package/dist/template/.opencode/skill/cloudflare/references/sandbox/patterns.md +203 -0
- package/dist/template/.opencode/skill/cloudflare/references/secrets-store/README.md +58 -0
- package/dist/template/.opencode/skill/cloudflare/references/secrets-store/api.md +182 -0
- package/dist/template/.opencode/skill/cloudflare/references/secrets-store/configuration.md +140 -0
- package/dist/template/.opencode/skill/cloudflare/references/secrets-store/gotchas.md +129 -0
- package/dist/template/.opencode/skill/cloudflare/references/secrets-store/patterns.md +218 -0
- package/dist/template/.opencode/skill/cloudflare/references/smart-placement/README.md +91 -0
- package/dist/template/.opencode/skill/cloudflare/references/smart-placement/api.md +139 -0
- package/dist/template/.opencode/skill/cloudflare/references/smart-placement/configuration.md +129 -0
- package/dist/template/.opencode/skill/cloudflare/references/smart-placement/gotchas.md +87 -0
- package/dist/template/.opencode/skill/cloudflare/references/smart-placement/patterns.md +135 -0
- package/dist/template/.opencode/skill/cloudflare/references/snippets/README.md +15 -0
- package/dist/template/.opencode/skill/cloudflare/references/snippets/api.md +47 -0
- package/dist/template/.opencode/skill/cloudflare/references/snippets/configuration.md +33 -0
- package/dist/template/.opencode/skill/cloudflare/references/snippets/gotchas.md +21 -0
- package/dist/template/.opencode/skill/cloudflare/references/snippets/patterns.md +34 -0
- package/dist/template/.opencode/skill/cloudflare/references/spectrum/README.md +16 -0
- package/dist/template/.opencode/skill/cloudflare/references/spectrum/api.md +24 -0
- package/dist/template/.opencode/skill/cloudflare/references/spectrum/configuration.md +43 -0
- package/dist/template/.opencode/skill/cloudflare/references/spectrum/gotchas.md +42 -0
- package/dist/template/.opencode/skill/cloudflare/references/spectrum/patterns.md +40 -0
- package/dist/template/.opencode/skill/cloudflare/references/static-assets/README.md +14 -0
- package/dist/template/.opencode/skill/cloudflare/references/static-assets/api.md +3 -0
- package/dist/template/.opencode/skill/cloudflare/references/static-assets/configuration.md +47 -0
- package/dist/template/.opencode/skill/cloudflare/references/static-assets/gotchas.md +44 -0
- package/dist/template/.opencode/skill/cloudflare/references/static-assets/patterns.md +42 -0
- package/dist/template/.opencode/skill/cloudflare/references/stream/README.md +103 -0
- package/dist/template/.opencode/skill/cloudflare/references/stream/api.md +204 -0
- package/dist/template/.opencode/skill/cloudflare/references/stream/configuration.md +127 -0
- package/dist/template/.opencode/skill/cloudflare/references/stream/gotchas.md +131 -0
- package/dist/template/.opencode/skill/cloudflare/references/stream/patterns.md +152 -0
- package/dist/template/.opencode/skill/cloudflare/references/tail-workers/README.md +640 -0
- package/dist/template/.opencode/skill/cloudflare/references/terraform/README.md +76 -0
- package/dist/template/.opencode/skill/cloudflare/references/terraform/api.md +159 -0
- package/dist/template/.opencode/skill/cloudflare/references/terraform/configuration.md +156 -0
- package/dist/template/.opencode/skill/cloudflare/references/terraform/gotchas.md +207 -0
- package/dist/template/.opencode/skill/cloudflare/references/terraform/patterns.md +135 -0
- package/dist/template/.opencode/skill/cloudflare/references/tunnel/README.md +82 -0
- package/dist/template/.opencode/skill/cloudflare/references/tunnel/api.md +105 -0
- package/dist/template/.opencode/skill/cloudflare/references/tunnel/configuration.md +113 -0
- package/dist/template/.opencode/skill/cloudflare/references/tunnel/gotchas.md +115 -0
- package/dist/template/.opencode/skill/cloudflare/references/tunnel/patterns.md +157 -0
- package/dist/template/.opencode/skill/cloudflare/references/turn/README.md +699 -0
- package/dist/template/.opencode/skill/cloudflare/references/turnstile/README.md +14 -0
- package/dist/template/.opencode/skill/cloudflare/references/turnstile/api.md +3 -0
- package/dist/template/.opencode/skill/cloudflare/references/turnstile/configuration.md +19 -0
- package/dist/template/.opencode/skill/cloudflare/references/turnstile/gotchas.md +27 -0
- package/dist/template/.opencode/skill/cloudflare/references/turnstile/patterns.md +41 -0
- package/dist/template/.opencode/skill/cloudflare/references/vectorize/README.md +682 -0
- package/dist/template/.opencode/skill/cloudflare/references/waf/README.md +14 -0
- package/dist/template/.opencode/skill/cloudflare/references/waf/api.md +3 -0
- package/dist/template/.opencode/skill/cloudflare/references/waf/configuration.md +44 -0
- package/dist/template/.opencode/skill/cloudflare/references/waf/gotchas.md +24 -0
- package/dist/template/.opencode/skill/cloudflare/references/waf/patterns.md +29 -0
- package/dist/template/.opencode/skill/cloudflare/references/web-analytics/README.md +19 -0
- package/dist/template/.opencode/skill/cloudflare/references/web-analytics/api.md +52 -0
- package/dist/template/.opencode/skill/cloudflare/references/web-analytics/configuration.md +31 -0
- package/dist/template/.opencode/skill/cloudflare/references/web-analytics/gotchas.md +28 -0
- package/dist/template/.opencode/skill/cloudflare/references/web-analytics/patterns.md +52 -0
- package/dist/template/.opencode/skill/cloudflare/references/workerd/README.md +47 -0
- package/dist/template/.opencode/skill/cloudflare/references/workerd/api.md +199 -0
- package/dist/template/.opencode/skill/cloudflare/references/workerd/configuration.md +185 -0
- package/dist/template/.opencode/skill/cloudflare/references/workerd/gotchas.md +203 -0
- package/dist/template/.opencode/skill/cloudflare/references/workerd/patterns.md +216 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers/README.md +96 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers/api.md +137 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers/configuration.md +147 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers/gotchas.md +99 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers/patterns.md +149 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers-ai/README.md +116 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers-for-platforms/README.md +48 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers-for-platforms/api.md +169 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers-for-platforms/configuration.md +136 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers-for-platforms/gotchas.md +130 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers-for-platforms/patterns.md +170 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers-playground/README.md +16 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers-playground/api.md +20 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers-playground/configuration.md +3 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers-playground/gotchas.md +35 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers-playground/patterns.md +42 -0
- package/dist/template/.opencode/skill/cloudflare/references/workers-vpc/README.md +579 -0
- package/dist/template/.opencode/skill/cloudflare/references/workflows/README.md +62 -0
- package/dist/template/.opencode/skill/cloudflare/references/workflows/api.md +125 -0
- package/dist/template/.opencode/skill/cloudflare/references/workflows/configuration.md +177 -0
- package/dist/template/.opencode/skill/cloudflare/references/workflows/gotchas.md +136 -0
- package/dist/template/.opencode/skill/cloudflare/references/workflows/patterns.md +132 -0
- package/dist/template/.opencode/skill/cloudflare/references/wrangler/README.md +90 -0
- package/dist/template/.opencode/skill/cloudflare/references/wrangler/api.md +140 -0
- package/dist/template/.opencode/skill/cloudflare/references/wrangler/configuration.md +128 -0
- package/dist/template/.opencode/skill/cloudflare/references/wrangler/gotchas.md +93 -0
- package/dist/template/.opencode/skill/cloudflare/references/wrangler/patterns.md +150 -0
- package/dist/template/.opencode/skill/cloudflare/references/zaraz/README.md +360 -0
- package/dist/template/.opencode/skill/react-best-practices/AGENTS.md +2410 -0
- package/dist/template/.opencode/skill/react-best-practices/README.md +123 -0
- package/dist/template/.opencode/skill/react-best-practices/SKILL.md +125 -0
- package/dist/template/.opencode/skill/react-best-practices/metadata.json +15 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/_sections.md +46 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/_template.md +28 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/advanced-event-handler-refs.md +55 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/advanced-use-latest.md +49 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/async-api-routes.md +38 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/async-defer-await.md +80 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/async-dependencies.md +36 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/async-parallel.md +28 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/async-suspense-boundaries.md +99 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/bundle-barrel-imports.md +59 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/bundle-conditional.md +31 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/bundle-defer-third-party.md +49 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/bundle-dynamic-imports.md +35 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/bundle-preload.md +50 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/client-event-listeners.md +74 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/client-localstorage-schema.md +71 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/client-passive-event-listeners.md +48 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/client-swr-dedup.md +56 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/js-batch-dom-css.md +82 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/js-cache-function-results.md +80 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/js-cache-property-access.md +28 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/js-cache-storage.md +70 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/js-combine-iterations.md +32 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/js-early-exit.md +50 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/js-hoist-regexp.md +45 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/js-index-maps.md +37 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/js-length-check-first.md +49 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/js-min-max-loop.md +82 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/js-set-map-lookups.md +24 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/js-tosorted-immutable.md +57 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rendering-activity.md +26 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rendering-animate-svg-wrapper.md +47 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rendering-conditional-render.md +40 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rendering-content-visibility.md +38 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rendering-hoist-jsx.md +46 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rendering-hydration-no-flicker.md +82 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rendering-svg-precision.md +28 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rerender-defer-reads.md +39 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rerender-dependencies.md +45 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rerender-derived-state.md +29 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rerender-functional-setstate.md +74 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rerender-lazy-state-init.md +58 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rerender-memo.md +44 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/rerender-transitions.md +40 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/server-after-nonblocking.md +73 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/server-cache-lru.md +41 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/server-cache-react.md +76 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/server-parallel-fetching.md +83 -0
- package/dist/template/.opencode/skill/react-best-practices/rules/server-serialization.md +38 -0
- package/dist/template/.opencode/skill/supabase/SKILL.md +120 -0
- package/dist/template/.opencode/skill/supabase/mcp.json +27 -0
- package/dist/template/.opencode/skill/vercel-deploy-claimable/SKILL.md +112 -0
- package/dist/template/.opencode/skill/vercel-deploy-claimable/scripts/deploy.sh +249 -0
- package/dist/template/.opencode/skill/web-design-guidelines/SKILL.md +39 -0
- package/package.json +1 -1
|
@@ -0,0 +1,168 @@
|
|
|
1
|
+
# Bot Management API
|
|
2
|
+
|
|
3
|
+
## Workers: BotManagement Interface
|
|
4
|
+
|
|
5
|
+
```typescript
|
|
6
|
+
interface BotManagement {
|
|
7
|
+
score: number; // 1-99 (Enterprise), 0 if not computed
|
|
8
|
+
verifiedBot: boolean; // Is verified bot
|
|
9
|
+
staticResource: boolean; // Serves static resource
|
|
10
|
+
ja3Hash: string; // JA3 fingerprint (Enterprise, HTTPS only)
|
|
11
|
+
ja4: string; // JA4 fingerprint (Enterprise, HTTPS only)
|
|
12
|
+
jsDetection?: {
|
|
13
|
+
passed: boolean; // Passed JS detection (if enabled)
|
|
14
|
+
};
|
|
15
|
+
detectionIds: number[]; // Heuristic detection IDs
|
|
16
|
+
corporateProxy?: boolean; // From corporate proxy (Enterprise)
|
|
17
|
+
}
|
|
18
|
+
|
|
19
|
+
// Access via request.cf
|
|
20
|
+
export default {
|
|
21
|
+
async fetch(request: Request): Promise<Response> {
|
|
22
|
+
const cf = request.cf as any;
|
|
23
|
+
const botMgmt = cf?.botManagement;
|
|
24
|
+
|
|
25
|
+
if (!botMgmt) return fetch(request);
|
|
26
|
+
if (botMgmt.verifiedBot) return fetch(request); // Allow verified bots
|
|
27
|
+
if (botMgmt.score === 1) return new Response('Blocked', { status: 403 });
|
|
28
|
+
if (botMgmt.score < 30) return new Response('Challenge required', { status: 429 });
|
|
29
|
+
|
|
30
|
+
return fetch(request);
|
|
31
|
+
}
|
|
32
|
+
};
|
|
33
|
+
```
|
|
34
|
+
|
|
35
|
+
## WAF Fields Reference
|
|
36
|
+
|
|
37
|
+
```txt
|
|
38
|
+
# Score fields
|
|
39
|
+
cf.bot_management.score # 0-99 (0 = not computed)
|
|
40
|
+
cf.bot_management.verified_bot # boolean
|
|
41
|
+
cf.bot_management.static_resource # boolean
|
|
42
|
+
cf.bot_management.ja3_hash # string (Enterprise)
|
|
43
|
+
cf.bot_management.ja4 # string (Enterprise)
|
|
44
|
+
cf.bot_management.detection_ids # array
|
|
45
|
+
cf.bot_management.js_detection.passed # boolean
|
|
46
|
+
cf.bot_management.corporate_proxy # boolean (Enterprise)
|
|
47
|
+
cf.verified_bot_category # string
|
|
48
|
+
|
|
49
|
+
# Workers equivalent
|
|
50
|
+
request.cf.botManagement.score
|
|
51
|
+
request.cf.botManagement.verifiedBot
|
|
52
|
+
request.cf.botManagement.ja3Hash
|
|
53
|
+
request.cf.botManagement.ja4
|
|
54
|
+
request.cf.botManagement.jsDetection.passed
|
|
55
|
+
request.cf.verifiedBotCategory
|
|
56
|
+
```
|
|
57
|
+
|
|
58
|
+
## JA4 Signals (Enterprise)
|
|
59
|
+
|
|
60
|
+
```typescript
|
|
61
|
+
export default {
|
|
62
|
+
async fetch(request: Request): Promise<Response> {
|
|
63
|
+
const cf = request.cf as any;
|
|
64
|
+
const ja4Signals = cf?.ja4Signals;
|
|
65
|
+
|
|
66
|
+
if (!ja4Signals) return fetch(request); // Not available for HTTP or Worker routing
|
|
67
|
+
|
|
68
|
+
// Check for anomalous behavior
|
|
69
|
+
const heuristicRatio = ja4Signals.heuristic_ratio_1h ?? 0;
|
|
70
|
+
const browserRatio = ja4Signals.browser_ratio_1h ?? 0;
|
|
71
|
+
|
|
72
|
+
if (heuristicRatio > 0.5 || browserRatio < 0.3) {
|
|
73
|
+
return new Response('Suspicious traffic', { status: 403 });
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
return fetch(request);
|
|
77
|
+
}
|
|
78
|
+
};
|
|
79
|
+
```
|
|
80
|
+
|
|
81
|
+
## Common Patterns
|
|
82
|
+
|
|
83
|
+
### Mobile App Pattern
|
|
84
|
+
```typescript
|
|
85
|
+
const MOBILE_APP_JA4 = 'your_mobile_app_ja4_fingerprint';
|
|
86
|
+
|
|
87
|
+
export default {
|
|
88
|
+
async fetch(request: Request): Promise<Response> {
|
|
89
|
+
const cf = request.cf as any;
|
|
90
|
+
const botMgmt = cf?.botManagement;
|
|
91
|
+
|
|
92
|
+
if (botMgmt?.ja4 === MOBILE_APP_JA4) return fetch(request); // Allow mobile app
|
|
93
|
+
if (botMgmt?.score && botMgmt.score < 30) return new Response('Bot detected', { status: 403 });
|
|
94
|
+
|
|
95
|
+
return fetch(request);
|
|
96
|
+
}
|
|
97
|
+
};
|
|
98
|
+
```
|
|
99
|
+
|
|
100
|
+
### Corporate Proxy Exemption
|
|
101
|
+
```typescript
|
|
102
|
+
export default {
|
|
103
|
+
async fetch(request: Request): Promise<Response> {
|
|
104
|
+
const cf = request.cf as any;
|
|
105
|
+
const botMgmt = cf?.botManagement;
|
|
106
|
+
|
|
107
|
+
if (botMgmt?.corporateProxy) return fetch(request); // Exempt corporate proxy traffic
|
|
108
|
+
if (botMgmt?.score && botMgmt.score < 30 && !botMgmt.verifiedBot) {
|
|
109
|
+
return new Response('Bot detected', { status: 403 });
|
|
110
|
+
}
|
|
111
|
+
|
|
112
|
+
return fetch(request);
|
|
113
|
+
}
|
|
114
|
+
};
|
|
115
|
+
```
|
|
116
|
+
|
|
117
|
+
### Log Bot Data
|
|
118
|
+
```typescript
|
|
119
|
+
export default {
|
|
120
|
+
async fetch(request: Request): Promise<Response> {
|
|
121
|
+
const cf = request.cf as any;
|
|
122
|
+
const botMgmt = cf?.botManagement;
|
|
123
|
+
|
|
124
|
+
console.log({
|
|
125
|
+
score: botMgmt?.score,
|
|
126
|
+
verifiedBot: botMgmt?.verifiedBot,
|
|
127
|
+
ja3Hash: botMgmt?.ja3Hash,
|
|
128
|
+
ja4: botMgmt?.ja4,
|
|
129
|
+
detectionIds: botMgmt?.detectionIds,
|
|
130
|
+
jsDetection: botMgmt?.jsDetection?.passed,
|
|
131
|
+
corporateProxy: botMgmt?.corporateProxy,
|
|
132
|
+
});
|
|
133
|
+
|
|
134
|
+
return fetch(request);
|
|
135
|
+
}
|
|
136
|
+
};
|
|
137
|
+
```
|
|
138
|
+
|
|
139
|
+
## Bot Analytics
|
|
140
|
+
|
|
141
|
+
### Access Locations
|
|
142
|
+
- Dashboard: Security > Bots (old) or Security > Analytics > Bot analysis (new)
|
|
143
|
+
- GraphQL API for programmatic access
|
|
144
|
+
- Security Events & Security Analytics
|
|
145
|
+
- Logpush/Logpull
|
|
146
|
+
|
|
147
|
+
### Available Data
|
|
148
|
+
- **Enterprise BM**: Bot scores (1-99), bot score source, distribution
|
|
149
|
+
- **Pro/Business**: Bot groupings (automated, likely automated, likely human)
|
|
150
|
+
- Top attributes: IPs, paths, user agents, countries
|
|
151
|
+
- Detection sources: Heuristics, ML, AD, JSD
|
|
152
|
+
- Verified bot categories
|
|
153
|
+
|
|
154
|
+
### Time Ranges
|
|
155
|
+
- **Enterprise BM**: Up to 1 week at a time, 30 days history
|
|
156
|
+
- **Pro/Business**: Up to 72 hours at a time, 30 days history
|
|
157
|
+
- Real-time in most cases, adaptive sampling (1-10% depending on volume)
|
|
158
|
+
|
|
159
|
+
## Logpush Fields
|
|
160
|
+
|
|
161
|
+
```txt
|
|
162
|
+
BotScore # 1-99 or 0 if not computed
|
|
163
|
+
BotScoreSrc # Detection engine (ML, Heuristics, etc.)
|
|
164
|
+
BotTags # Classification tags
|
|
165
|
+
BotDetectionIDs # Heuristic detection IDs
|
|
166
|
+
```
|
|
167
|
+
|
|
168
|
+
Access via Logpush (stream to cloud storage/SIEM), Logpull (API to fetch logs), or GraphQL API (query analytics data).
|
|
@@ -0,0 +1,114 @@
|
|
|
1
|
+
# Bot Management Configuration
|
|
2
|
+
|
|
3
|
+
## Product Tiers
|
|
4
|
+
|
|
5
|
+
### Bot Fight Mode (Free)
|
|
6
|
+
- Auto-blocks definite bots (score=1), excludes verified bots by default
|
|
7
|
+
- JavaScript Detections always enabled, no configuration options
|
|
8
|
+
|
|
9
|
+
### Super Bot Fight Mode (Pro/Business)
|
|
10
|
+
```txt
|
|
11
|
+
Dashboard: Security > Bots > Configure
|
|
12
|
+
- Definitely automated: Block/Challenge
|
|
13
|
+
- Likely automated: Challenge/Allow
|
|
14
|
+
- Verified bots: Allow (recommended)
|
|
15
|
+
- Static resource protection: ON (may block mail clients)
|
|
16
|
+
- JavaScript Detections: Optional
|
|
17
|
+
```
|
|
18
|
+
|
|
19
|
+
### Bot Management for Enterprise
|
|
20
|
+
```txt
|
|
21
|
+
Dashboard: Security > Bots > Configure > Auto-updates: ON (recommended)
|
|
22
|
+
|
|
23
|
+
# Template 1: Block definite bots
|
|
24
|
+
(cf.bot_management.score eq 1 and not cf.bot_management.verified_bot and not cf.bot_management.static_resource)
|
|
25
|
+
Action: Block
|
|
26
|
+
|
|
27
|
+
# Template 2: Challenge likely bots
|
|
28
|
+
(cf.bot_management.score ge 2 and cf.bot_management.score le 29 and not cf.bot_management.verified_bot and not cf.bot_management.static_resource)
|
|
29
|
+
Action: Managed Challenge
|
|
30
|
+
```
|
|
31
|
+
|
|
32
|
+
## JavaScript Detections Setup
|
|
33
|
+
|
|
34
|
+
### Enable via Dashboard
|
|
35
|
+
```txt
|
|
36
|
+
Security > Bots > Configure Bot Management > JS Detections: ON
|
|
37
|
+
|
|
38
|
+
Update CSP: script-src 'self' /cdn-cgi/challenge-platform/;
|
|
39
|
+
```
|
|
40
|
+
|
|
41
|
+
### Manual JS Injection (API)
|
|
42
|
+
```html
|
|
43
|
+
<script>
|
|
44
|
+
function jsdOnload() {
|
|
45
|
+
window.cloudflare.jsd.executeOnce({ callback: function(result) { console.log('JSD:', result); } });
|
|
46
|
+
}
|
|
47
|
+
</script>
|
|
48
|
+
<script src="/cdn-cgi/challenge-platform/scripts/jsd/api.js?onload=jsdOnload" async></script>
|
|
49
|
+
```
|
|
50
|
+
|
|
51
|
+
**Use API for**: Selective deployment on specific pages
|
|
52
|
+
**Don't combine**: Zone-wide toggle + manual injection
|
|
53
|
+
|
|
54
|
+
### WAF Rules for JSD
|
|
55
|
+
```txt
|
|
56
|
+
# NEVER use on first page visit (needs HTML page first)
|
|
57
|
+
(not cf.bot_management.js_detection.passed and http.request.uri.path eq "/api/user/create" and http.request.method eq "POST" and not cf.bot_management.verified_bot)
|
|
58
|
+
Action: Managed Challenge (always use Managed Challenge, not Block)
|
|
59
|
+
```
|
|
60
|
+
|
|
61
|
+
### Limitations
|
|
62
|
+
- First request won't have JSD data (needs HTML page first)
|
|
63
|
+
- Strips ETags from HTML responses
|
|
64
|
+
- Not supported with CSP via `<meta>` tags
|
|
65
|
+
- Websocket endpoints not supported
|
|
66
|
+
- Native mobile apps won't pass
|
|
67
|
+
- cf_clearance cookie: 15-minute lifespan, max 4096 bytes
|
|
68
|
+
|
|
69
|
+
## Static Resource Protection
|
|
70
|
+
|
|
71
|
+
**File Extensions**: ico, jpg, png, jpeg, gif, css, js, tif, tiff, bmp, pict, webp, svg, svgz, class, jar, txt, csv, doc, docx, xls, xlsx, pdf, ps, pls, ppt, pptx, ttf, otf, woff, woff2, eot, eps, ejs, swf, torrent, midi, mid, m3u8, m4a, mp3, ogg, ts
|
|
72
|
+
**Plus**: `/.well-known/` path (all files)
|
|
73
|
+
|
|
74
|
+
```txt
|
|
75
|
+
# Exclude static resources from bot rules
|
|
76
|
+
(cf.bot_management.score lt 30 and not cf.bot_management.static_resource)
|
|
77
|
+
```
|
|
78
|
+
|
|
79
|
+
**WARNING**: May block mail clients fetching static images
|
|
80
|
+
|
|
81
|
+
## JA3/JA4 Fingerprinting (Enterprise)
|
|
82
|
+
|
|
83
|
+
```txt
|
|
84
|
+
# Block specific attack fingerprint
|
|
85
|
+
(cf.bot_management.ja3_hash eq "8b8e3d5e3e8b3d5e")
|
|
86
|
+
|
|
87
|
+
# Allow mobile app by fingerprint
|
|
88
|
+
(cf.bot_management.ja4 eq "your_mobile_app_fingerprint")
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
Only available for HTTPS/TLS traffic. Missing for Worker-routed traffic or HTTP requests.
|
|
92
|
+
|
|
93
|
+
## Verified Bot Categories
|
|
94
|
+
|
|
95
|
+
```txt
|
|
96
|
+
# Allow search engines only
|
|
97
|
+
(cf.verified_bot_category eq "Search Engine Crawler")
|
|
98
|
+
|
|
99
|
+
# Block AI crawlers
|
|
100
|
+
(cf.verified_bot_category eq "AI Crawler")
|
|
101
|
+
Action: Block
|
|
102
|
+
|
|
103
|
+
# Or use dashboard: Security > Settings > Bot Management > Block AI Bots
|
|
104
|
+
```
|
|
105
|
+
|
|
106
|
+
Categories: Search Engine Crawler, AI Crawler, Monitoring & Analytics, Aggregator, Security Intelligence, Academic Research
|
|
107
|
+
|
|
108
|
+
## Best Practices
|
|
109
|
+
|
|
110
|
+
- **ML Auto-Updates**: Enable on Enterprise for latest models
|
|
111
|
+
- **Start with Managed Challenge**: Test before blocking
|
|
112
|
+
- **Always exclude verified bots**: Use `not cf.bot_management.verified_bot`
|
|
113
|
+
- **Exempt corporate proxies**: For B2B traffic via `cf.bot_management.corporate_proxy`
|
|
114
|
+
- **Use static resource exception**: Improves performance, reduces overhead
|
|
@@ -0,0 +1,99 @@
|
|
|
1
|
+
# Bot Management Gotchas
|
|
2
|
+
|
|
3
|
+
## Bot Score = 0
|
|
4
|
+
|
|
5
|
+
**Cause**: Bot Management didn't run
|
|
6
|
+
**Reasons**: Internal Cloudflare request, Worker routing to zone (Orange-to-Orange), Request handled before BM (Redirect Rules, etc.)
|
|
7
|
+
**Solution**: Check request flow, ensure BM runs in request lifecycle
|
|
8
|
+
|
|
9
|
+
## JavaScript Detections Not Working
|
|
10
|
+
|
|
11
|
+
**Issue**: `js_detection.passed` always false or undefined
|
|
12
|
+
**Causes**:
|
|
13
|
+
1. CSP headers don't allow `/cdn-cgi/challenge-platform/`
|
|
14
|
+
2. Using on first page visit (needs HTML page first)
|
|
15
|
+
3. Ad blockers or disabled JS
|
|
16
|
+
4. JSD not enabled in dashboard
|
|
17
|
+
5. Using Block action (must use Managed Challenge)
|
|
18
|
+
|
|
19
|
+
**CSP Fix**:
|
|
20
|
+
```txt
|
|
21
|
+
Content-Security-Policy: script-src 'self' /cdn-cgi/challenge-platform/;
|
|
22
|
+
```
|
|
23
|
+
|
|
24
|
+
## False Positives
|
|
25
|
+
|
|
26
|
+
**Issue**: Legitimate users blocked
|
|
27
|
+
**Solutions**:
|
|
28
|
+
1. Check Bot Analytics for affected IPs/paths
|
|
29
|
+
2. Identify detection source (ML, Heuristics, etc.)
|
|
30
|
+
3. Create exception rule:
|
|
31
|
+
```txt
|
|
32
|
+
(cf.bot_management.score lt 30 and http.request.uri.path eq "/problematic-path")
|
|
33
|
+
Action: Skip (Bot Management)
|
|
34
|
+
```
|
|
35
|
+
4. Or allowlist by IP/ASN/country
|
|
36
|
+
|
|
37
|
+
## False Negatives (Bots Not Caught)
|
|
38
|
+
|
|
39
|
+
**Issue**: Bots bypassing detection
|
|
40
|
+
**Solutions**:
|
|
41
|
+
1. Lower score threshold (30 → 50)
|
|
42
|
+
2. Enable JavaScript Detections
|
|
43
|
+
3. Add JA3/JA4 fingerprinting rules
|
|
44
|
+
4. Use rate limiting as fallback
|
|
45
|
+
|
|
46
|
+
## Verified Bot Blocked
|
|
47
|
+
|
|
48
|
+
**Issue**: Search engine bot blocked
|
|
49
|
+
**Causes**: WAF Managed Rules (not just Bot Management), Yandex bot during IP update (48h)
|
|
50
|
+
**Solution**: Create WAF exception for specific rule ID, verify bot via reverse DNS
|
|
51
|
+
|
|
52
|
+
## JA3/JA4 Missing
|
|
53
|
+
|
|
54
|
+
**Issue**: `ja3Hash` or `ja4` is undefined
|
|
55
|
+
**Causes**: Non-HTTPS traffic, Worker routing traffic, Orange-to-Orange traffic via Worker, Bot Management skipped
|
|
56
|
+
**Solution**: Only available for HTTPS/TLS traffic; check request routing
|
|
57
|
+
|
|
58
|
+
## Bot Score Limitations
|
|
59
|
+
|
|
60
|
+
- Score = 0 means **not computed** (not score = 100)
|
|
61
|
+
- First request may not have JSD data
|
|
62
|
+
- Score doesn't guarantee 100% accuracy
|
|
63
|
+
- False positives/negatives possible
|
|
64
|
+
|
|
65
|
+
## JavaScript Detections Limitations
|
|
66
|
+
|
|
67
|
+
- Doesn't work on first HTML page visit
|
|
68
|
+
- Requires JavaScript-enabled browser
|
|
69
|
+
- Strips ETags from HTML responses
|
|
70
|
+
- Not compatible with some CSP configurations
|
|
71
|
+
- Not supported via `<meta>` CSP tags
|
|
72
|
+
- Websocket endpoints not supported
|
|
73
|
+
- Native mobile apps won't pass
|
|
74
|
+
|
|
75
|
+
## JA3/JA4 Fingerprint Limitations
|
|
76
|
+
|
|
77
|
+
- Only available for HTTPS/TLS traffic
|
|
78
|
+
- Missing for Worker-routed traffic
|
|
79
|
+
- Not unique per user (shared by clients with same browser/library)
|
|
80
|
+
- Can change with browser/library updates
|
|
81
|
+
|
|
82
|
+
## Plan Restrictions
|
|
83
|
+
|
|
84
|
+
| Feature | Free | Pro/Business | Enterprise |
|
|
85
|
+
|---------|------|--------------|------------|
|
|
86
|
+
| Granular scores (1-99) | No | No | Yes |
|
|
87
|
+
| JA3/JA4 | No | No | Yes |
|
|
88
|
+
| Anomaly Detection | No | No | Yes |
|
|
89
|
+
| Corporate Proxy detection | No | No | Yes |
|
|
90
|
+
| Verified bot categories | Limited | Limited | Full |
|
|
91
|
+
| Custom WAF rules | 5 | 20/100 | 1,000+ |
|
|
92
|
+
|
|
93
|
+
## Technical Constraints
|
|
94
|
+
|
|
95
|
+
- Max 25 WAF custom rules on Free (varies by plan)
|
|
96
|
+
- Workers CPU time limits apply to bot logic
|
|
97
|
+
- Bot Analytics sampling (1-10%)
|
|
98
|
+
- 30-day maximum history
|
|
99
|
+
- CSP requirements for JSD (must allow `/cdn-cgi/challenge-platform/`)
|
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
# Bot Management Patterns
|
|
2
|
+
|
|
3
|
+
## E-commerce Protection
|
|
4
|
+
|
|
5
|
+
```txt
|
|
6
|
+
# High security for checkout
|
|
7
|
+
(cf.bot_management.score lt 50 and http.request.uri.path in {"/checkout" "/cart/add"} and not cf.bot_management.verified_bot and not cf.bot_management.corporate_proxy)
|
|
8
|
+
Action: Managed Challenge
|
|
9
|
+
```
|
|
10
|
+
|
|
11
|
+
## API Protection
|
|
12
|
+
|
|
13
|
+
```txt
|
|
14
|
+
# Protect API with JS detection + score
|
|
15
|
+
(http.request.uri.path matches "^/api/" and (cf.bot_management.score lt 30 or not cf.bot_management.js_detection.passed) and not cf.bot_management.verified_bot)
|
|
16
|
+
Action: Block
|
|
17
|
+
```
|
|
18
|
+
|
|
19
|
+
## SEO-Friendly Bot Handling
|
|
20
|
+
|
|
21
|
+
```txt
|
|
22
|
+
# Allow search engine crawlers
|
|
23
|
+
(cf.bot_management.score lt 30 and not cf.verified_bot_category in {"Search Engine Crawler"})
|
|
24
|
+
Action: Managed Challenge
|
|
25
|
+
```
|
|
26
|
+
|
|
27
|
+
## Block AI Scrapers
|
|
28
|
+
|
|
29
|
+
```txt
|
|
30
|
+
# Block AI training bots
|
|
31
|
+
(cf.verified_bot_category eq "AI Crawler")
|
|
32
|
+
Action: Block
|
|
33
|
+
|
|
34
|
+
# Or use dashboard: Security > Settings > Bot Management > Block AI Bots
|
|
35
|
+
```
|
|
36
|
+
|
|
37
|
+
## Rate Limiting by Bot Score
|
|
38
|
+
|
|
39
|
+
```txt
|
|
40
|
+
# Stricter limits for suspicious traffic
|
|
41
|
+
(cf.bot_management.score lt 50)
|
|
42
|
+
Rate: 10 requests per 10 seconds
|
|
43
|
+
|
|
44
|
+
(cf.bot_management.score ge 50)
|
|
45
|
+
Rate: 100 requests per 10 seconds
|
|
46
|
+
```
|
|
47
|
+
|
|
48
|
+
## Mobile App Allowlisting
|
|
49
|
+
|
|
50
|
+
```txt
|
|
51
|
+
# Identify mobile app by JA3/JA4
|
|
52
|
+
(cf.bot_management.ja4 in {"fingerprint1" "fingerprint2"})
|
|
53
|
+
Action: Skip (all remaining rules)
|
|
54
|
+
```
|
|
55
|
+
|
|
56
|
+
## Layered Defense
|
|
57
|
+
|
|
58
|
+
```txt
|
|
59
|
+
1. Bot Management (score-based)
|
|
60
|
+
2. JavaScript Detections (for JS-capable clients)
|
|
61
|
+
3. Rate Limiting (fallback protection)
|
|
62
|
+
4. WAF Managed Rules (OWASP, etc.)
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
## Progressive Enhancement
|
|
66
|
+
|
|
67
|
+
```txt
|
|
68
|
+
Public content: High threshold (score < 10)
|
|
69
|
+
Authenticated: Medium threshold (score < 30)
|
|
70
|
+
Sensitive: Low threshold (score < 50) + JSD
|
|
71
|
+
```
|
|
72
|
+
|
|
73
|
+
## Zero Trust for Bots
|
|
74
|
+
|
|
75
|
+
```txt
|
|
76
|
+
1. Default deny (all scores < 30)
|
|
77
|
+
2. Allowlist verified bots
|
|
78
|
+
3. Allowlist mobile apps (JA3/JA4)
|
|
79
|
+
4. Allowlist corporate proxies
|
|
80
|
+
5. Allowlist static resources
|
|
81
|
+
```
|
|
82
|
+
|
|
83
|
+
## Workers: Score + JS Detection
|
|
84
|
+
|
|
85
|
+
```typescript
|
|
86
|
+
export default {
|
|
87
|
+
async fetch(request: Request): Promise<Response> {
|
|
88
|
+
const cf = request.cf as any;
|
|
89
|
+
const botMgmt = cf?.botManagement;
|
|
90
|
+
const url = new URL(request.url);
|
|
91
|
+
|
|
92
|
+
if (botMgmt?.staticResource) return fetch(request); // Skip static
|
|
93
|
+
|
|
94
|
+
// API endpoints: require JS detection + good score
|
|
95
|
+
if (url.pathname.startsWith('/api/')) {
|
|
96
|
+
const jsDetectionPassed = botMgmt?.jsDetection?.passed ?? false;
|
|
97
|
+
const score = botMgmt?.score ?? 100;
|
|
98
|
+
|
|
99
|
+
if (!jsDetectionPassed || score < 30) {
|
|
100
|
+
return new Response('Unauthorized', { status: 401 });
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
|
|
104
|
+
return fetch(request);
|
|
105
|
+
}
|
|
106
|
+
};
|
|
107
|
+
```
|
|
108
|
+
|
|
109
|
+
## Rate Limiting by JWT Claim + Bot Score
|
|
110
|
+
|
|
111
|
+
```txt
|
|
112
|
+
# Enterprise: Combine bot score with JWT validation
|
|
113
|
+
Rate limiting > Custom rules
|
|
114
|
+
- Field: lookup_json_string(http.request.jwt.claims["{config_id}"][0], "sub")
|
|
115
|
+
- Matches: user ID claim
|
|
116
|
+
- Additional condition: cf.bot_management.score lt 50
|
|
117
|
+
```
|
|
118
|
+
|
|
119
|
+
## WAF Integration Points
|
|
120
|
+
|
|
121
|
+
- **WAF Custom Rules**: Primary enforcement mechanism
|
|
122
|
+
- **Rate Limiting Rules**: Bot score as dimension, stricter limits for low scores
|
|
123
|
+
- **Transform Rules**: Pass score to origin via custom header
|
|
124
|
+
- **Workers**: Programmatic bot logic, custom scoring algorithms
|
|
125
|
+
- **Page Rules / Configuration Rules**: Zone-level overrides, path-specific settings
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
# Cloudflare Browser Rendering Skill Reference
|
|
2
|
+
|
|
3
|
+
**Description**: Expert knowledge for Cloudflare Browser Rendering - control headless Chrome on Cloudflare's global network for browser automation, screenshots, PDFs, web scraping, testing, and content generation.
|
|
4
|
+
|
|
5
|
+
**When to use**: Any task involving Cloudflare Browser Rendering including: taking sc...
|
|
6
|
+
|
|
7
|
+
## In This Reference
|
|
8
|
+
|
|
9
|
+
- **[configuration.md](./configuration.md)** - Setup, deployment, configuration
|
|
10
|
+
- **[api.md](./api.md)** - API endpoints, methods, interfaces
|
|
11
|
+
- **[patterns.md](./patterns.md)** - Common patterns, use cases, examples
|
|
12
|
+
- **[gotchas.md](./gotchas.md)** - Troubleshooting, best practices, limitations
|
|
13
|
+
|
|
14
|
+
## See Also
|
|
15
|
+
|
|
16
|
+
- [Cloudflare Docs](https://developers.cloudflare.com/)
|
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
## API Quick Reference
|
|
2
|
+
|
|
3
|
+
### Puppeteer
|
|
4
|
+
```typescript
|
|
5
|
+
// Browser
|
|
6
|
+
puppeteer.launch(env.MYBROWSER, opts?)
|
|
7
|
+
puppeteer.connect(env.MYBROWSER, sessionId)
|
|
8
|
+
puppeteer.sessions() // List open
|
|
9
|
+
puppeteer.history() // View closed
|
|
10
|
+
puppeteer.limits() // Check quotas
|
|
11
|
+
|
|
12
|
+
browser.newPage()
|
|
13
|
+
browser.close()
|
|
14
|
+
browser.createIncognitoBrowserContext()
|
|
15
|
+
|
|
16
|
+
// Page
|
|
17
|
+
page.goto(url)
|
|
18
|
+
page.content()
|
|
19
|
+
page.screenshot()
|
|
20
|
+
page.pdf()
|
|
21
|
+
page.evaluate(fn)
|
|
22
|
+
page.metrics()
|
|
23
|
+
page.setUserAgent(ua)
|
|
24
|
+
page.type(selector, text)
|
|
25
|
+
page.click(selector)
|
|
26
|
+
page.select(selector, value)
|
|
27
|
+
```
|
|
28
|
+
|
|
29
|
+
### Playwright
|
|
30
|
+
```typescript
|
|
31
|
+
// Browser
|
|
32
|
+
launch(env.MYBROWSER, opts?)
|
|
33
|
+
connect(env.MYBROWSER, sessionId)
|
|
34
|
+
acquire(env.MYBROWSER) // Get new sessionId
|
|
35
|
+
playwright.sessions()
|
|
36
|
+
playwright.history()
|
|
37
|
+
playwright.limits()
|
|
38
|
+
|
|
39
|
+
browser.newPage()
|
|
40
|
+
browser.newContext(opts?)
|
|
41
|
+
browser.close()
|
|
42
|
+
|
|
43
|
+
// Page
|
|
44
|
+
page.goto(url)
|
|
45
|
+
page.content()
|
|
46
|
+
page.screenshot()
|
|
47
|
+
page.getByTestId(id)
|
|
48
|
+
page.getByPlaceholder(text)
|
|
49
|
+
page.locator(selector)
|
|
50
|
+
page.fill(selector, value)
|
|
51
|
+
page.press(selector, key)
|
|
52
|
+
|
|
53
|
+
// Context
|
|
54
|
+
con
|
package/dist/template/.opencode/skill/cloudflare/references/browser-rendering/configuration.md
ADDED
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
### Wrangler Configuration
|
|
2
|
+
```jsonc
|
|
3
|
+
{
|
|
4
|
+
"name": "browser-worker",
|
|
5
|
+
"main": "src/index.js",
|
|
6
|
+
"compatibility_date": "2023-03-14",
|
|
7
|
+
"compatibility_flags": ["nodejs_compat"],
|
|
8
|
+
"browser": {
|
|
9
|
+
"binding": "MYBROWSER"
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
```
|
|
13
|
+
|
|
14
|
+
### Basic Pattern
|
|
15
|
+
```typescript
|
|
16
|
+
import puppeteer from "@cloudflare/puppeteer";
|
|
17
|
+
|
|
18
|
+
interface Env {
|
|
19
|
+
MYBROWSER: Fetcher;
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
export default {
|
|
23
|
+
async fetch(request, env): Promise<Response> {
|
|
24
|
+
const browser = await puppeteer.launch(env.MYBROWSER);
|
|
25
|
+
const page = await browser.newPage();
|
|
26
|
+
|
|
27
|
+
try {
|
|
28
|
+
await page.goto("https://example.com");
|
|
29
|
+
const metrics = await page.metrics();
|
|
30
|
+
return Response.json(metrics);
|
|
31
|
+
} finally {
|
|
32
|
+
await browser.close(); // ALWAYS close in finally block
|
|
33
|
+
}
|
|
34
|
+
},
|
|
35
|
+
} satisfies ExportedHandler<Env>;
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
### Keep-Alive Sessions
|
|
39
|
+
```javascript
|
|
40
|
+
// Default: 60 seconds idle timeout
|
|
41
|
+
// Max: 10 minutes (600000 ms)
|
|
42
|
+
const browser = await puppeteer.launch(env.MYBROWSER, {
|
|
43
|
+
keep_alive: 600000
|
|
44
|
+
});
|
|
45
|
+
```
|
|
46
|
+
|
|
47
|
+
### Session Reuse Patt
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
## Best Practices
|
|
2
|
+
|
|
3
|
+
### Always Close Browsers
|
|
4
|
+
```typescript
|
|
5
|
+
// ❌ BAD - Session stays open until timeout
|
|
6
|
+
const browser = await puppeteer.launch(env.MYBROWSER);
|
|
7
|
+
const page = await browser.newPage();
|
|
8
|
+
await page.goto("https://example.com");
|
|
9
|
+
return new Response(await page.content());
|
|
10
|
+
|
|
11
|
+
// ✅ GOOD - Always use try/finally
|
|
12
|
+
const browser = await puppeteer.launch(env.MYBROWSER);
|
|
13
|
+
try {
|
|
14
|
+
const page = await browser.newPage();
|
|
15
|
+
await page.goto("https://example.com");
|
|
16
|
+
return new Response(await page.content());
|
|
17
|
+
} finally {
|
|
18
|
+
await browser.close(); // Ensures cleanup even on errors
|
|
19
|
+
}
|
|
20
|
+
```
|
|
21
|
+
|
|
22
|
+
### Optimize Concurrency
|
|
23
|
+
Instead of launching multiple browsers:
|
|
24
|
+
- Use multiple tabs in single browser
|
|
25
|
+
- Reuse sessions with session IDs
|
|
26
|
+
- Use incognito contexts for isolation without new browsers
|
|
27
|
+
|
|
28
|
+
```typescript
|
|
29
|
+
// ❌ BA
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
## Integration Methods
|
|
2
|
+
|
|
3
|
+
### 1. REST API
|
|
4
|
+
**Best for**: Simple, stateless, one-off tasks
|
|
5
|
+
|
|
6
|
+
**Authentication**: Requires API Token with `Browser Rendering - Edit` permissions
|
|
7
|
+
|
|
8
|
+
**Base URL**: `https://api.cloudflare.com/client/v4/accounts/<accountId>/browser-rendering/`
|
|
9
|
+
|
|
10
|
+
**Available endpoints**:
|
|
11
|
+
- `/content` - Fetch rendered HTML
|
|
12
|
+
- `/screenshot` - Capture screenshots (PNG/JPEG)
|
|
13
|
+
- `/pdf` - Generate PDFs
|
|
14
|
+
- `/snapshot` - Webpage snapshots
|
|
15
|
+
- `/scrape` - Extract HTML elements with selectors
|
|
16
|
+
- `/json` - Extract structured data using AI
|
|
17
|
+
- `/links` - Retrieve all links from page
|
|
18
|
+
- `/markdown` - Convert page to markdown
|
|
19
|
+
|
|
20
|
+
**Usage monitoring**: Response header `X-Browser-Ms-Used` reports browser time (milliseconds)
|
|
21
|
+
|
|
22
|
+
**Example - Take screenshot**:
|
|
23
|
+
```bash
|
|
24
|
+
curl -X POST 'https://api.cloudflare.com/client/v4/accounts/<accountId>/browser-rendering/screenshot' \
|
|
25
|
+
-H 'Authorization: Bearer <apiToken>' \
|
|
26
|
+
-H 'Content-Type: application/json' \
|
|
27
|
+
-d '{
|
|
28
|
+
"url": "https://example.com",
|
|
29
|
+
"screenshotOptions":
|