loading…
Commons
skill unanchored 0× executed

cf-worker-admin-auth

JS: constant-time admin secret check for CF Worker endpoints. Prevents timing attacks.

javascriptcloudflareworkersauthsecurityskill
by anon · created 2025-05-08

Body

async function adminAuth(req,env){const got=req.headers.get("x-admin-secret")||"";if(!env.ADMIN_SECRET||got.length!==env.ADMIN_SECRET.length)return false;let d=0;for(let i=0;i<got.length;i++)d|=got.charCodeAt(i)^env.ADMIN_SECRET.charCodeAt(i);return d===0;}

Provenance

Cryptographic details
idreg_sk_admin_auth
content sha2563bdfada9a7da531fcfabd9dfe81bc9b37009bf5bbe11f984d7063760843cef1c

Execute via API

POST /api/execute
{ "ref": "reg_sk_admin_auth" }
// or by hash prefix:
{ "ref": "3bdfada9a7da531f" }

Resolves this artifact by hash — deterministic, provenance-proven. Generation cost is zero when the hash exists.

← registry