From b54d7d4e796e0058490f811a8b74c81ceb9cd7ff Mon Sep 17 00:00:00 2001 From: daisyfaithauma Date: Tue, 18 Mar 2025 15:34:46 +0000 Subject: [PATCH 1/5] added release note --- src/content/release-notes/ai-gateway.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/content/release-notes/ai-gateway.yaml b/src/content/release-notes/ai-gateway.yaml index 6e51d8e0c7a95a7..ced2940ca67ae17 100644 --- a/src/content/release-notes/ai-gateway.yaml +++ b/src/content/release-notes/ai-gateway.yaml @@ -5,6 +5,10 @@ productLink: "/ai-gateway/" productArea: Developer platform productAreaLink: /workers/platform/changelog/platform/ entries: + - publish_date: "2025-03-18" + title: WebSockets + description: |- + Added [WebSockets API](/ai-gateway/configuration/websockets-api/) provide a persistent connection for AI interactions, eliminating repeated handshakes and reducing latency. - publish_date: "2025-02-26" title: Guardrails description: |- From b02b6d300c7287c62737481e32a809d0383bb70b Mon Sep 17 00:00:00 2001 From: Kian Date: Tue, 18 Mar 2025 15:41:03 +0000 Subject: [PATCH 2/5] [Docs Site] Add React to Container API (#20918) * [Docs Site] Add React to Container API * fix componentToString * fix import --- src/util/container.ts | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/src/util/container.ts b/src/util/container.ts index f1ed02544ab3bbc..bf22794f0a13d96 100644 --- a/src/util/container.ts +++ b/src/util/container.ts @@ -1,6 +1,6 @@ import { experimental_AstroContainer } from "astro/container"; -import { getContainerRenderer } from "@astrojs/mdx"; -import { loadRenderers } from "astro:container"; +import reactRenderer from "@astrojs/react/server.js"; +import mdxRenderer from "@astrojs/mdx/server.js"; import { render, type CollectionEntry } from "astro:content"; import type { AstroComponentFactory } from "astro/runtime/server/index.js"; @@ -12,9 +12,14 @@ export async function entryToString( return entry.rendered.html; } - const renderers = await loadRenderers([getContainerRenderer()]); - const container = await experimental_AstroContainer.create({ - renderers, + const container = await experimental_AstroContainer.create({}); + container.addServerRenderer({ + name: "astro:jsx", + renderer: mdxRenderer, + }); + container.addServerRenderer({ + name: "@astrojs/react", + renderer: reactRenderer, }); const { Content } = await render(entry); @@ -31,9 +36,14 @@ export async function componentToString( component: AstroComponentFactory, props: any, ) { - const renderers = await loadRenderers([getContainerRenderer()]); - const container = await experimental_AstroContainer.create({ - renderers, + const container = await experimental_AstroContainer.create({}); + container.addServerRenderer({ + name: "astro:jsx", + renderer: mdxRenderer, + }); + container.addServerRenderer({ + name: "@astrojs/react", + renderer: reactRenderer, }); const html = await container.renderToString(component, { From e4151cfa3c530234756941e239a2cffba35c4550 Mon Sep 17 00:00:00 2001 From: Pedro Sousa <680496+pedrosousa@users.noreply.github.com> Date: Tue, 18 Mar 2025 16:04:28 +0000 Subject: [PATCH 3/5] [WAF] Clarify leaked credentials behavior (#20913) --- src/content/docs/waf/detections/leaked-credentials/index.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/content/docs/waf/detections/leaked-credentials/index.mdx b/src/content/docs/waf/detections/leaked-credentials/index.mdx index 4d43d44c37e5d17..522c488b87ddc6e 100644 --- a/src/content/docs/waf/detections/leaked-credentials/index.mdx +++ b/src/content/docs/waf/detections/leaked-credentials/index.mdx @@ -19,14 +19,14 @@ Once enabled, leaked credentials detection will scan incoming HTTP requests for If Cloudflare detects authentication credentials in the request, those credentials are checked against a list of known leaked credentials. This list of credentials consists of Cloudflare-collected credentials, in addition to the [Have I been Pwned (HIBP)](https://haveibeenpwned.com) matched passwords dataset. -Cloudflare will populate the existing [leaked credentials fields](#leaked-credentials-fields) based on the scan results. You can check these results in the [Security Analytics](/waf/analytics/security-analytics/) dashboard, and use these fields in rule expressions ([custom rules](/waf/custom-rules/) or [rate limiting rules](/waf/rate-limiting-rules/)) to protect your application against the usage of compromised credentials by your end users, and also against leaked credential attacks. +Cloudflare will populate the existing [leaked credentials fields](#leaked-credentials-fields) based on the scan results. You can check these results in the [Security Analytics](/waf/analytics/security-analytics/) dashboard, and use these fields in rule expressions ([custom rules](/waf/custom-rules/) or [rate limiting rules](/waf/rate-limiting-rules/)) to protect your application against the usage of compromised credentials by your end users, and also against leaked credential attacks. Cloudflare may detect leaked credentials either because an attacker is performing a [credential stuffing](https://www.cloudflare.com/learning/bots/what-is-credential-stuffing/) attack or because a legitimate end user is reusing a previously leaked password. In addition, leaked credentials detection provides a [managed transform](/rules/transform/managed-transforms/reference/#add-leaked-credentials-checks-header) that adds an `Exposed-Credential-Check` request header with a value indicating which field was leaked. For example, if both username and password were previously leaked, the header value will be `1`; if only the password was leaked, the value will be `4`. One common approach used in web applications when detecting the use of stolen credentials is to warn end users about the situation and ask them to update their password. You can do this based on the managed header received at your origin server. :::note -Cloudflare may detect leaked credentials either because an attacker is performing a [credential stuffing](https://www.cloudflare.com/learning/bots/what-is-credential-stuffing/) attack or because a legitimate end user is reusing a previously leaked password. +Cloudflare does not store, log, or retain plaintext end-user passwords when performing leaked credential checks. Passwords are hashed, converted into a cryptographic representation, and then compared against a database of leaked credentials. ::: ## Availability From a436da4a902169444a3d80808b1a456fd0a30b83 Mon Sep 17 00:00:00 2001 From: "hyperlint-ai[bot]" <154288675+hyperlint-ai[bot]@users.noreply.github.com> Date: Tue, 18 Mar 2025 17:16:51 +0000 Subject: [PATCH 4/5] Hyperlint Meta Descriptions: SSL troubleshooting (#20697) * Fix issue: WorkspaceTaskSubType.META_DESCRIPTION * Fix issue: WorkspaceTaskSubType.META_DESCRIPTION * Apply suggestions from code review --------- Co-authored-by: hyperlint-ai[bot] <154288675+hyperlint-ai[bot]@users.noreply.github.com> Co-authored-by: Rebecca Tamachiro <62246989+RebeccaTamachiro@users.noreply.github.com> --- .../docs/ssl/edge-certificates/universal-ssl/limitations.mdx | 1 + .../ssl/edge-certificates/universal-ssl/troubleshooting.mdx | 5 +---- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/src/content/docs/ssl/edge-certificates/universal-ssl/limitations.mdx b/src/content/docs/ssl/edge-certificates/universal-ssl/limitations.mdx index 516e22a8cc32ebc..14fd22d4a71e90e 100644 --- a/src/content/docs/ssl/edge-certificates/universal-ssl/limitations.mdx +++ b/src/content/docs/ssl/edge-certificates/universal-ssl/limitations.mdx @@ -3,6 +3,7 @@ title: Limitations pcx_content_type: reference sidebar: order: 5 +description: Review the limitations of Universal certificates, such as hostname coverage, certificate authority choice, and compatibility with other products. head: - tag: title content: Limitations for Universal SSL diff --git a/src/content/docs/ssl/edge-certificates/universal-ssl/troubleshooting.mdx b/src/content/docs/ssl/edge-certificates/universal-ssl/troubleshooting.mdx index ac4ab00a19f98a3..744cb25a80e170c 100644 --- a/src/content/docs/ssl/edge-certificates/universal-ssl/troubleshooting.mdx +++ b/src/content/docs/ssl/edge-certificates/universal-ssl/troubleshooting.mdx @@ -6,11 +6,8 @@ sidebar: head: - tag: title content: Troubleshooting Universal SSL -description: Review how to troubleshoot issues when using Cloudflare Universal - SSL certificate. - +description: Review how to troubleshoot issues such as certificate timeouts when using Cloudflare Universal SSL. --- - ## Resolve a timed out state If a certificate issuance times out, Cloudflare tells you where in the chain of issuance the timeout occurred: Initializing, Validation, Issuance, Deployment, or Deletion. From fa68bc454f602451f90b8d884a3a547cb09bac22 Mon Sep 17 00:00:00 2001 From: Kian Date: Tue, 18 Mar 2025 17:19:43 +0000 Subject: [PATCH 5/5] [Docs Site] Track header login button clicks with Zaraz (#20881) --- src/components/overrides/Header.astro | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/components/overrides/Header.astro b/src/components/overrides/Header.astro index 158974662a24490..b85462554816fe8 100644 --- a/src/components/overrides/Header.astro +++ b/src/components/overrides/Header.astro @@ -17,6 +17,7 @@ import HeaderDropdowns from "../HeaderDropdowns.tsx";