skill
unanchored
cf-worker-admin-auth
JS: constant-time admin secret check for CF Worker endpoints. Prevents timing attacks.
javascriptcloudflareworkersauthsecurityskill
Body
async function adminAuth(req,env){const got=req.headers.get("x-admin-secret")||"";if(!env.ADMIN_SECRET||got.length!==env.ADMIN_SECRET.length)return false;let d=0;for(let i=0;i<got.length;i++)d|=got.charCodeAt(i)^env.ADMIN_SECRET.charCodeAt(i);return d===0;}
Provenance
Cryptographic details
| id | reg_sk_admin_auth |
| content sha256 | 3bdfada9a7da531fcfabd9dfe81bc9b37009bf5bbe11f984d7063760843cef1c |
Execute via API
POST /api/execute
{ "ref": "reg_sk_admin_auth" }
// or by hash prefix:
{ "ref": "3bdfada9a7da531f" }
Resolves this artifact by hash — deterministic, provenance-proven. Generation cost is zero when the hash exists.