🐛 BUG: missing network request header causes IP address conflict when hitting Cloudflare-proxied domain in #7924
Description
Which Cloudflare product(s) does this pertain to?
Wrangler
What versions are you using?
3.101.0
What operating system and version are you using?
Mac Sonoma 14.2.1
Please provide a link to a minimal reproduction
No response
Describe the Bug
Starting in v3.101, when a request is made to another domain that is proxied by Cloudflare, the request fails with the following error:
DNS points to prohibited IP
What happened?
You've requested a page on a website ({domain}) that is on the Cloudflare
network. Unfortunately, it is resolving to an IP address that is creating a conflict within Cloudflare's system.
Here’s is our original worker code that fails on v3.101.0 because we are proxying to another domain which is proxied by Cloudflare:
/**
* Open API Reverse Proxy
*
* A Cloudflare Pages function that acts as a reverse proxy for Open API.
* <cloudflare-address>/openapi/* calls are transformed into <open-api-address>/* calls
*
* @param context
* @returns
*/
export const onRequest: PagesFunction<Env> = async (context) => {
function removePrefix(string0, prefix: string): string {
const hasPrefix = string0.indexOf(prefix) === 0;
return hasPrefix ? string0.substr(prefix.length) : string0;
}
const { request, env } = context
const { pathname, searchParams } = new URL(request.url)
const openApiRequestUrl = env.VITE_OPEN_API_BASE_URL + removePrefix(pathname, "/openapi")
return await fetch(
new Request(
searchParams.size > 0 ? `${openApiRequestUrl}?${searchParams}` : openApiRequestUrl,
request
)
)
}
We were able to fix the issue by adding the following line before the fetch call:
request.headers.set("cf-connecting-ip", "")
We were inspired to attempt the given fix by looking the following pr, which for some reason on its own did not resolve the issue for us: #7712
10:48
reverting to v3.100.0 also fixes the issue for us
Please provide any relevant error logs
No response