Merge branch 'production' into kian/PCX-16495

Author: KianNH

package-lock.json

@@ -93,7 +93,7 @@
 		"react-icons": "5.5.0",
 		"react-instantsearch": "7.15.4",
 		"react-markdown": "10.1.0",
-		"redirects-in-workers": "0.0.5",
+		"redirects-in-workers": "0.0.7",
 		"rehype": "13.0.2",
 		"rehype-autolink-headings": "7.1.0",
 		"rehype-external-links": "3.0.0",

package.json

@@ -123,6 +123,9 @@
 /ai-gateway/integration/ /ai-gateway/integrations/ 301
 /ai-gateway/providers/open-router/ /ai-gateway/providers/openrouter/ 301
 
+# agents
+/agents/capabilities/mcp-server/ /agents/model-context-protocol/ 301
+
 # analytics
 /analytics/migration-guides/zone-analytics/ /analytics/graphql-api/migration-guides/zone-analytics/ 301
 /analytics/web-analytics/about/ /web-analytics/about 301
@@ -824,6 +827,7 @@
 /pages/how-to/deploy-a-jekyll-site/ /pages/framework-guides/deploy-a-jekyll-site/ 301
 /pages/how-to/deploy-a-nextjs-site/ /pages/framework-guides/nextjs/ 301
 /pages/framework-guides/deploy-a-nextjs-site/ /pages/framework-guides/nextjs/ 301
+/pages/framework-guides/deploy-a-svelte-site/ /pages/framework-guides/deploy-a-svelte-kit-site/ 301
 /pages/framework-guides/nextjs/deploy-a-nextjs-site/ /pages/framework-guides/nextjs/ssr/get-started/ 301
 /pages/how-to/deploy-anything/ /pages/framework-guides/deploy-anything/ 301
 /pages/how-to/deploy-a-react-application/ /pages/framework-guides/deploy-a-react-site/ 301
@@ -1113,6 +1117,7 @@
 /support/third-party-software/content-management-system-cms/how-do-i-use-wordpress-multi-site-wpmu-with-cloudflare/ /automatic-platform-optimization/ 301
 /support/third-party-software/content-management-system-cms/modified_drupal/ /support/third-party-software/content-management-system-cms/caching-html-with-drupal/ 301
 /support/third-party-software/content-management-system-cms/using-cloudflare-with-wix-website-builder/ /dns/manage-dns-records/reference/vendor-specific-records/#wix 301
+/support/third-party-software/content-management-system-cms/wordpress.com-and-cloudflare/ /support/third-party-software/content-management-system-cms/wordpresscom-and-cloudflare/ 301
 /support/more-dashboard-apps/cloudflare-scrape-shield/what-does-scrape-shield-do/ /waf/tools/scrape-shield/ 301
 /support/third-party-software/others/how-do-i-get-cloudflare-to-work-with-vaultpress/ /automatic-platform-optimization/ 301
 /support/third-party-software/others/can-i-use-cloudflare-and-varnish-together/ /rules/snippets/ 301

public/__redirects

@@ -0,0 +1,79 @@
+---
+import { z } from "astro:schema";
+import { Code } from "@astrojs/starlight/components";
+import Details from "~/components/Details.astro";
+
+type Props = z.infer<typeof props>;
+
+const props = z.object({
+	name: z.string(),
+});
+
+const { name } = props.parse(Astro.props);
+
+const worker = `
+export interface Env {
+	AI: Ai;
+}
+
+export default {
+	async fetch(request, env): Promise<Response> {
+		const query = 'Which one is cooler?'
+		const contexts = [
+			{
+				text: 'a cyberpunk lizzard'
+			},
+			{
+				text: 'a cyberpunk cat'
+			}
+		];
+
+		const response = await env.AI.run('${name}', { query, contexts });
+
+		return Response.json(response);
+	},
+} satisfies ExportedHandler<Env>;
+
+`;
+
+const python = `
+import os
+import requests
+
+ACCOUNT_ID = "your-account-id"
+AUTH_TOKEN = os.environ.get("CLOUDFLARE_AUTH_TOKEN")
+
+response = requests.post(
+  f"https://api.cloudflare.com/client/v4/accounts/{ACCOUNT_ID}/ai/run/${name}",
+    headers={"Authorization": f"Bearer {AUTH_TOKEN}"},
+    json={
+	  "query": "Which one is better?"
+      "context": [
+        {"text": "a cyberpunk lizzard"},
+		{"text": "a cyberpunk car"},
+      ]
+    }
+)
+result = response.json()
+print(result)
+`;
+
+const curl = `
+curl https://api.cloudflare.com/client/v4/accounts/$CLOUDFLARE_ACCOUNT_ID/ai/run/${name} \\
+  -X POST \\
+  -H "Authorization: Bearer $CLOUDFLARE_AUTH_TOKEN" \\
+  -d '{ "query": "Which one is better?", "contexts": [{ "text": "a cyberpunk lizzard" }, {"text": "a cyberpunk cat"}]}'
+`;
+---
+
+<Details header="Worker">
+	<Code code={worker} lang="ts" />
+</Details>
+
+<Details header="Python">
+	<Code code={python} lang="py" />
+</Details>
+
+<Details header="curl">
+	<Code code={curl} lang="sh" />
+</Details>

src/components/models/code/Bge-Reranker-Base.astro

@@ -60,7 +60,7 @@ We've made a WAF (Web Application Firewall) rule available to all sites on Cloud
 **Note**: This rule is not enabled by default as it blocked requests across sites for specific authentication middleware.
 
 * This managed rule protects sites using Next.js on Workers and Pages, as well as sites using Cloudflare to protect Next.js applications hosted elsewhere.
-* This rule has been made avaiable (but not enabled by default) to all sites as part of our [WAF Managed Ruleset](/waf/managed-rules/reference/cloudflare-managed-ruleset/) and blocks requests that attempt to bypass authentication in Next.js applications.
+* This rule has been made available (but not enabled by default) to all sites as part of our [WAF Managed Ruleset](/waf/managed-rules/reference/cloudflare-managed-ruleset/) and blocks requests that attempt to bypass authentication in Next.js applications.
 * The vulnerability affects almost all Next.js versions, and is patched in Next.js `14.2.25` and `15..2.3`. **Users on older versions of Next.js (`11.1.4` to `13.5.6`) do not have a patch available**.
 
 The managed WAF rule mitigates this by blocking _external_ user requests with the `x-middleware-subrequest` header regardless of Next.js version, but we recommend users using Next.js 14 and 15 upgrade to the patched versions of Next.js as an additional mitigation.

src/content/changelog/workers/2025-03-22-next-js-vulnerability-waf.mdx

@@ -24,6 +24,7 @@ import StableDiffusionV15InpaintingCode from "~/components/models/code/StableDif
 import Flux1Schnell from "~/components/models/code/Flux-1-Schnell.astro";
 import WhisperBase64Code from "~/components/models/code/WhisperBase64Code.astro";
 import LlamaGuard from "~/components/models/code/LlamaGuard.astro";
+import BgeRerankerBase from "~/components/models/code/Bge-Reranker-Base.astro";
 
 import { authorData } from "~/components/models/data";
 
@@ -98,6 +99,10 @@ if (model.name === "@cf/meta/llama-guard-3-8b") {
 	CodeExamples = LlamaGuard;
 }
 
+if (model.name === "@cf/baai/bge-reranker-base") {
+	CodeExamples = BgeRerankerBase;
+}
+
 const description = model.description;
 
 const isBeta = model.properties.find(

src/pages/workers-ai/models/[name].astro

@@ -12,7 +12,11 @@ import remarkGfm from "remark-gfm";
 import rehypeRemark from "rehype-remark";
 import remarkStringify from "remark-stringify";
 
-const redirectsEvaluator = generateRedirectsEvaluator(redirectsFileContents);
+const redirectsEvaluator = generateRedirectsEvaluator(redirectsFileContents, {
+	maxLineLength: 10_000, // Usually 2_000
+	maxStaticRules: 10_000, // Usually 2_000
+	maxDynamicRules: 2_000, // Usually 100
+});
 
 export default class extends WorkerEntrypoint<Env> {
 	override async fetch(request: Request) {
@@ -57,7 +61,6 @@ export default class extends WorkerEntrypoint<Env> {
 
 		try {
 			try {
-				// @ts-expect-error Ignore Fetcher type mismatch
 				const redirect = await redirectsEvaluator(request, this.env.ASSETS);
 				if (redirect) {
 					return redirect;
@@ -73,7 +76,6 @@ export default class extends WorkerEntrypoint<Env> {
 				);
 				const redirect = await redirectsEvaluator(
 					new Request(forceTrailingSlashURL, request),
-					// @ts-expect-error Ignore Fetcher type mismatch
 					this.env.ASSETS,
 				);
 				if (redirect) {