525 Error On Worker Fetching External Resource

I have a worker that dynamically fetches some external resources and directly responds with them. It is working fine for almost all requests, but there is one specific URL that always seems to return a 525 when requested via this worker. I’ve recreated the issue using a simplified version:

addEventListener('fetch', event => {

async function handleRequest() {
  return fetch('https://cdn.heapanalytics.com/js/heap-2744321076.js');

I’ve confirmed that the non-https version of the same resource does return correctly from the worker. I’ve also noticed that the worker responds as I expect when I hit it directly (under workers.dev). However, when I make the request via the configured route on my domain, the worker is still executed, but it responds with a 525 error. I could probably hack around this issue, but I’d like a better grasp on whats happening. I appreciate any insights!

You can’t fetch some other protected website with Cloudflare workers,
If you have permission from Heapanalytics then they must have given you the host details or they must have something in store for you.

Protected in what way?

Again, the worker responds as I expect when I hit it directly (under workers.dev ), and I can curl or get the resource from my browser just fine. It solely returns the 502 when requested via the configured route in cloudflare.

That’s what I am trying to say , if you put this code -

addEventListener('fetch', function(event) {
async function handleRequest(request) {
  // Only GET requests work with this proxy.
  if (request.method !== 'GET') return MethodNotAllowed(request)
  return fetch(`https://example.com`)
function MethodNotAllowed(request) {
  return new Response(`Method ${request.method} not allowed.`, {
    status: 405,
    headers: {
      'Allow': 'GET'

In the eg. You are trying to fetch data from example.com which is quite possible since it’s not a protected website, but to access other website resources you need permission or you need to find out their project host details which is impossible to find out since companies don’t share these details with any 3rd person. But if you still try to fetch the address then i will return a 502 error.

I don’t think that is applicable in this case. Again, I’m able to request the resource in the example above in any environment I try other than the worker requested via a configured route. The worker returns a success response when I invoke it via the “workers.dev” domain. It only fails when requested via a configured route in cloudflare.

curl https://example.workers.dev => (the worker) fetch('https://cdn.heapanalytics.com/js/heap-2744321076.js') =>  200 with contents of file

curl https://my.custom.domain => (the worker) fetch('https://cdn.heapanalytics.com/js/heap-2744321076.js') => 525 error

Did you find any solution @nminch ?

I’m also fighting this issue (using pages domain or custom subdomain) and can’t find a solution.

My code is not much different than the one in this example: Make API Requests in a Workers Function Using the Fetch API | egghead.io

My issue: Fetch from AWS API Gateway fails from worker with Error 525 revealing the origin URL in error page - #8 by sebastienlorber