Cloudflare Docs
Workers
Visit Workers on GitHub
Set theme to dark (⇧+D)

Conditional response

Return a response based on the incoming request's URL, HTTP method, User Agent, IP address, ASN or device type.
const BLOCKED_HOSTNAMES = ['nope.mywebsite.com', 'bye.website.com'];

async function handleRequest(request) {
  // Return a new Response based on a URL's hostname
  const url = new URL(request.url);

  if (BLOCKED_HOSTNAMES.includes(url.hostname)) {
    return new Response('Blocked Host', { status: 403 });
  }

  // Block paths ending in .doc or .xml based on the URL's file extension
  const forbiddenExtRegExp = new RegExp(/\.(doc|xml)$/);

  if (forbiddenExtRegExp.test(url.pathname)) {
    return new Response('Blocked Extension', { status: 403 });
  }

  // On HTTP method
  if (request.method === 'POST') {
    return new Response('Response for POST');
  }

  // On User Agent
  const userAgent = request.headers.get('User-Agent') || '';
  if (userAgent.includes('bot')) {
    return new Response('Block User Agent containing bot', { status: 403 });
  }

  // On Client's IP address
  const clientIP = request.headers.get('CF-Connecting-IP');
  if (clientIP === '1.2.3.4') {
    return new Response('Block the IP 1.2.3.4', { status: 403 });
  }

  // On ASN
  if (request.cf && request.cf.asn == 64512) {
    return new Response('Block the ASN 64512 response');
  }

  // On Device Type
  // Requires Enterprise "CF-Device-Type Header" zone setting or
  // Page Rule with "Cache By Device Type" setting applied.
  const device = request.headers.get('CF-Device-Type');
  if (device === 'mobile') {
    return Response.redirect('https://mobile.example.com');
  }

  console.error(
    "Getting Client's IP address, device type, and ASN are not supported in playground. Must test on a live worker"
  );
  return fetch(request);
}

addEventListener('fetch', event => {
  event.respondWith(handleRequest(event.request));
});