[ PROMPT_NODE_24314 ]
Snippets 设计模式
[ SKILL_DOCUMENTATION ]
# 代码片段模式
## 安全响应头
javascript
export default {
async fetch(request) {
const response = await fetch(request);
const newResponse = new Response(response.body, response);
newResponse.headers.set("X-Frame-Options", "DENY");
newResponse.headers.set("X-Content-Type-Options", "nosniff");
newResponse.headers.delete("X-Powered-By");
return newResponse;
}
}
**规则:** `true` (所有请求)
## 基于地理位置的路由
javascript
export default {
async fetch(request) {
const country = request.cf.country;
if (["GB", "DE", "FR"].includes(country)) {
const url = new URL(request.url);
url.hostname = url.hostname.replace(".com", ".eu");
return Response.redirect(url.toString(), 302);
}
return fetch(request);
}
}
## A/B 测试
javascript
export default {
async fetch(request) {
const cookies = request.headers.get("Cookie") || "";
let variant = cookies.match(/ab_test=([AB])/)?.[1] || (Math.random() < 0.5 ? "A" : "B");
const req = new Request(request);
req.headers.set("X-Variant", variant);
const response = await fetch(req);
if (!cookies.includes("ab_test=")) {
const newResponse = new Response(response.body, response);
newResponse.headers.append("Set-Cookie", `ab_test=${variant}; Path=/; Secure`);
return newResponse;
}
return response;
}
}
## 机器人检测
javascript
export default {
async fetch(request) {
const botScore = request.cf.botManagement?.score;
if (botScore && botScore < 30) return new Response("Denied", { status: 403 });
return fetch(request);
}
}
**要求:** 需订阅 Bot Management 计划
## API 认证头注入
javascript
export default {
async fetch(request) {
if (new URL(request.url).pathname.startsWith("/api/")) {
const req = new Request(request);
req.headers.set("X-Internal-Auth", "secret_token");
req.headers.delete("Authorization");
return fetch(req);
}
return fetch(request);
}
}
## CORS 响应头
javascript
export default {
async fetch(request) {
if (request.method === "OPTIONS") {
return new Response(null, {
status: 204,
headers: {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "GET, POST, PUT, DELETE",
"Access-Control-Allow-Headers": "Content-Type, Authorization"
}
});
}
const response = await fetch(request);
co
粤公网安备44030002003366号