From ee78bcfa392d4069ad25fe2c0fbf9114f8b0a402 Mon Sep 17 00:00:00 2001
From: Nim G
Date: Sun, 8 Mar 2026 21:53:05 -0300
Subject: [PATCH] fix(ai-gateway): strip cf-* headers and skip body on GET in OpenAI proxy

cf-connecting-ip, cf-ipcountry, cf-ray, cf-visitor were forwarded to upstream in direct mode. Also prevents sending a request body on GET /v1/models requests.
---
 workers/ai-gateway/src/providers/openai.ts | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/workers/ai-gateway/src/providers/openai.ts b/workers/ai-gateway/src/providers/openai.ts
index 08e3d70..d767fe8 100644
--- a/workers/ai-gateway/src/providers/openai.ts
+++ b/workers/ai-gateway/src/providers/openai.ts
@@ -17,6 +17,11 @@ export async function proxyOpenAI(
 // Replace auth token with OpenAI API key
 headers.set('Authorization', `Bearer ${apiKey}`)
 
+ // Strip Cloudflare-injected metadata headers that shouldn't reach upstream providers
+ for (const key of [...headers.keys()]) {
+ if (key.startsWith('cf-')) headers.delete(key)
+ }
+
 // Set provider-config headers (e.g. cf-aig-authorization for gateway mode,
 // X-Proxy-Auth for egress proxy)
 if (config.headers) {
@@ -26,16 +31,13 @@ export async function proxyOpenAI(
 }
 
 // When egress proxy is configured, wrap the target URL in the proxy URL
- // and strip CF-injected headers that shouldn't reach the upstream
+ // and strip additional proxy-revealing headers
 const url = config.egressProxyUrl
 ? `${config.egressProxyUrl}?_proxyUpstreamURL_=${encodeURIComponent(targetUrl)}`
 : targetUrl
 
 if (config.egressProxyUrl) {
- for (const h of [
- 'host', 'cf-connecting-ip', 'cf-ipcountry', 'cf-ray', 'cf-visitor',
- 'x-real-ip', 'x-forwarded-proto', 'x-forwarded-for',
- ]) {
+ for (const h of ['host', 'x-real-ip', 'x-forwarded-proto', 'x-forwarded-for']) {
 headers.delete(h)
 }
 }
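Review bot: The prefix match in the new loop also removes any client-supplied `cf-aig-*` header, and it only leaves the configured `cf-aig-authorization` intact because it runs before the `config.headers` block that follows; neither fact is stated in the code. Dropping a caller's own `cf-aig-authorization` is a sensible default, since only the configured value is then sent, but if callers are expected to pass other `cf-aig-*` options through in gateway mode, those are now silently lost, which is worth confirming. I would extend the comment to pin the ordering, e.g. `// Must stay above the config.headers block: cf-aig-authorization is set there and has to survive the strip.` The construction of `headers` is outside the hunk; if it is a `Headers` object its keys are already lower-cased, so `startsWith('cf-')` is sufficient.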
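Review bot: `x-forwarded-for` and `x-real-ip` are still deleted only inside `if (config.egressProxyUrl)`, so in direct mode the client address that this commit removes via `cf-connecting-ip` can still reach the upstream through them, assuming the runtime or an earlier hop sets them on the incoming request. `true-client-ip`, where it is enabled, is in the same position and is not matched by the `cf-` prefix. Consider deleting these unconditionally next to the `cf-` strip and keeping only `host` in the egress branch: `for (const h of ['x-real-ip', 'x-forwarded-proto', 'x-forwarded-for', 'true-client-ip']) headers.delete(h)`. An allowlist of headers to forward would be more robust than extending the denylist each time a new metadata header appears.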
@@ -48,6 +50,6 @@ export async function proxyOpenAI(
 return fetch(url, {
 method: request.method,
 headers,
- body,
+ body: request.method !== 'GET' ? body : undefined,
 })
 }
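Review bot: `HEAD` is not covered by the new condition, and `fetch` rejects a body on `HEAD` just as it does on `GET`, so a proxied `HEAD` request would still fail if `body` is non-null. Suggest `body: request.method === 'GET' || request.method === 'HEAD' ? undefined : body,`. How `body` is derived is outside the hunk, so whether it can be non-null for these methods needs checking there.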