Rules - New cryptographic functions — encode_base64() and sha256()
5mo ago
Source
CloudflareRules - New cryptographic functions — encode_base64() and sha256()cloudflare.comCloudflare Rulesets now includes encode_base64() and sha256() functions, enabling you to generate signed request headers directly in rule expressions. These functions support common patterns like constructing a canonical string from request attributes, computing a SHA256 digest, and Base64-encoding the result. New functions Function Description Availability encode_base64(input, flags) Encodes a string to Base64 format. Optional flags parameter: u for URL-safe encoding, p for padding (adds = characters to make the output length a multiple of 4, as required by some systems). By default, output is standard Base64 without padding. All plans (in header transform rules) sha256(input) Computes a SHA256 hash of the input string. Requires enablement Note The sha256() function is available as an Enterprise add-on and requires a specific entitlement. Contact your account team to enable it. Examples Encode a string to Base64 format: encode_base64("hello world") Returns: aGVsbG8gd29ybGQ Encode a string to Base64 format with padding: encode_base64("hello world", "p") Returns: aGVsbG8gd29ybGQ= Perform a URL-safe Base64 encoding of a string: encode_base64("hello world", "u") Returns: aGVsbG8gd29ybGQ Compute the SHA256 hash of a secret token: sha256("my-token") Returns a hash that your origin can validate to authenticate requests. Compute the SHA256 hash of a string and encode the result to Base64 format: encode_base64(sha256("my-token")) Combines hashing and encoding for systems that expect Base64-encoded signatures. For more information, refer to the Functions reference .
You might also wanna read
Cloudflare Introduces Merkle Tree Certificates for Post-Quantum Internet Security
Cloudflare is introducing Merkle Tree Certificates as part of its post-quantum cryptography initiative to protect internet security against
Authentication Reference Implementation for Cloudflare Workers with PBKDF2, JWT Sessions, and NIST Compliance
This article presents a comprehensive authentication reference implementation for Cloudflare Workers that serves as an educational resource

Comments
Sign in to join the conversation.
No comments yet. Be the first.