search

plausible / community-edition

Example Docker Compose setup for hosting Plausible Community Edition
1.45k stars 304 forks source link

Cloudflare proxy issue #180

Closed zuk22 closed 4 weeks ago

zuk22 commented 4 weeks ago

I made a Cloudflare proxy with the worker. During the tracked website load got the next error (failed)net::ERR_CERT_AUTHORITY_INVALID Domain removed

<script defer data-domain="dazzling-monkey-380823.instawp.xyz" data-api="https://mwp-plsible-collect-info.nahnucloud.workers.dev/collection/event" src="https://mwp-plsible-collect-info.nahnucloud.workers.dev/collection/script.js"></script>

Cloudflare worker code (domain initially replaced here placeholders [sub.example.com])

const ScriptName = '/collection/script.js';
const Endpoint = '/collection/event';

const ScriptWithoutExtension = ScriptName.replace('.js', '')

addEventListener('fetch', event => {
    event.passThroughOnException();
    event.respondWith(handleRequest(event));
})

async function handleRequest(event) {
  const pathname = new URL(event.request.url).pathname
  const [baseUri, ...extensions] = pathname.split('.')

  if (baseUri.endsWith(ScriptWithoutExtension)) {
      return getScript(event, extensions)
  } else if (pathname.endsWith(Endpoint)) {
      return postData(event)
  }
  return new Response(null, { status: 404 })
}

async function getScript(event, extensions) {
    let response = await caches.default.match(event.request);
    if (!response) {
        response = await fetch("https://sub.example.com/js/plausible." + extensions.join("."));
        event.waitUntil(caches.default.put(event.request, response.clone()));
    }
    return response;
}

async function postData(event) {
    const request = new Request(event.request);
    request.headers.delete('cookie');
    return await fetch("https://sub.example.com/api/event", request);
}

(failed)net::ERR_CERT_AUTHORITY_INVALID
ruslandoga commented 4 weeks ago

👋 @zuk22

I don't think this is an issue with Plausible CE.

zuk22 commented 4 weeks ago

@ruslandoga Ogirinal domain with plausible is accessible through HTTPS, but the worker provides an issue. Is it more a Cloudflare side issue?

ruslandoga commented 4 weeks ago

I don't know :)

I suggest looking into CF forums for this error and checking your site configuration on CF, e.g. the Strict SSL option.

zuk22 commented 4 weeks ago

Thanks!

jeff-h commented 3 weeks ago

Is the Cloudflare worker proxy solution even needed for self-hosted Plausible? I figured it was to avoid the issue of adblockers blocking scripts from plausible.io, which they would easily detect. In my case, installed at https://pa.mydomain.com I don't see how adblockers could detect a plausible script?