Transform rule not working

General Rules
1

Hi,

I’ve got something weird going on.

I’ve got some files in a B2 bucket; for example:

https://f001.backblazeb2.com/file/fsccdn/10-Vespula-sp-male.jpg

I have a CNAME set up that points cdn.field-studies-council.org to f001.backblazeb2.com.

Finally, I have a transform rule that allows for removal of the /file/fsccdn part of the path, like this:

https://cdn.field-studies-council.org/10-Vespula-sp-male.jpg

The transform rule I have set up is as follows:

  • Incoming match (http.host eq "cdn.field-studies-council.org")
  • Path rewrite dynamic concat("/file/fsccdn", http.request.uri.path)
  • Query preserve

When I try and visit this URL in my browser, I get the following 404 (have tried in Firefox, Chrome, Edge)

{
  "code": "not_found",
  "message": "File with such name does not exist.",
  "status": 404
}

However, it seems to load just fine if I reference the image in an image tag.

682×511 32.4 KB

Also, if I download the file on the command line, that works too. Here I am getting the headers using httpie:

> http --headers https://cdn.field-studies-council.org/10-Vespula-sp-male.jpg
HTTP/1.1 200 OK
Accept-Ranges: bytes
CF-Cache-Status: HIT
CF-RAY: 78edbb0e997edcc3-LHR
Cache-Control: max-age=14400
Cf-Bgj: imgq:85,h2pri
Cf-Polished: degrade=85, origSize=59445
Connection: keep-alive
Content-Length: 33179
Content-Type: image/jpeg
Date: Wed, 25 Jan 2023 02:55:34 GMT
Last-Modified: Wed, 25 Jan 2023 02:08:31 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrZu9DS%2Fou5fq0KaM375nZfrg6p9hBIc6ISfnbeLPtbP3DHcvy1krENpBM4r2kfIV3tOxbpdBWOefbvHmj7dO%2BpYUj%2BoDuivlgkM%2FWMDodMXI9uPck0PMpn8MPYFapYdUH97w0awUK1iW2MVu5QU"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Server-Timing: cf-q-config;dur=7.0000005507609e-06
Vary: Accept
X-Bz-Upload-Timestamp: 1633231038000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-bz-content-sha1: unverified:32ba7ca630ff4e386d5efecf981963835c49b0c2
x-bz-file-id: 4_ze7e6e66a1134494f7dc2081c_f100ba06e43b2165d_d20211003_m031718_c001_v0001144_t0038
x-bz-file-name: 10-Vespula-sp-male.jpg
x-bz-info-src_last_modified_millis: 1559681209000

Any idea what’s going on here?

2

I’ve just found the post here from @metadaddy that addresses a similar issue:

However, in my case I do not have SXG enabled and if I check the accept header in Firefox there is no mention of SXG.

accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8

Could this be a CORS issue?

3

https://cdn.field-studies-council.org/10-Vespula-sp-male.jpg doesnt work for me, FYI, I get the same 404.

I suspect what’s happening here is the host header is incorrect. Your requests are going to the backblaze origin but with a Host header of cdn.field-studies-council.org/ instead of f001.backblazeb2.com, causing backblaze to error out as it has no idea what ‘cdn.field…’ is.

We see this typically with cloud providers like AWS, I even wrote about this in a blog last year: https://blog.cloudflare.com/origin-rules/

I’ve not personally setup B2, however I know from speaking with the team at Backblaze in the past that they have a few howto guides (e.g. https://help.backblaze.com/hc/en-us/articles/360010017893-Delivering-Backblaze-B2-Content-Through-Cloudflare-CDN) which might help you.

1 Like
4

@smarsh What I don’t understand is how the files are served if, for example, referenced in an img tag in a web page, but don’t work if directly entered into the URL bar in the browser.

I created a reduced test:

https://charlesroper.com/test.html

The picture loads fine as part of this page, but if I enter it directly into the browser, I get the 404.

Also, I have set up a separate B2 bucket on a completely separate domain, and using the exact same transform rule. Directly entered URLs work here. E.g. this works:

https://cdn.charlesroper.com/undraw_online_test_gba7.png

But this doesn’t:

https://cdn.field-studies-council.org/undraw_online_test_gba7.png

I can’t see what the difference is.

5

@smarsh I have set up another domain and B2 bucket from scratch, configured in the same way, and this works fine too:

https://cdn.fieldstudiescouncil.net/wasp.jpg

So it seems to be something particular for the cdn.field-studies-council.org domain that is not working.

6

I logged a support ticket about this 20 days ago, but so far no response at all. Is this normal? We’re pro plan customers and it feels a bit off that we can’t get any support on this at all.

7

I have improved my reduced test to make it clearer what is happening here.

https://charlesroper.com/test.html

This is totally baffling. Still haven’t heard anything from Cloudflare support.

8

For what it’s worth, I also noticed this issue. If I CNAME f00#.backblazeb2.com, it 404s. Accessing the file directly (e.g. https://f004.backblazeb2.com/file/cloudflare-test/image.avif) works but accessing it via CNAME (e.g. https://cdn.mydomain.com/file/cloudflare-test/image.avif) does not.

9

Hi @reachme - apologies for the latency! I somehow missed the notification when you mentioned me back in January.

It seems like you got this working in the end - your cdn.field-studies-council.org URLs all seem to load in the browser for me.

10

Yes, thanks. Cloudflare support took a deep dive into it and eventually figured out it was due to a somewhat obscure combination of APO and Transforms. Here’s what Scott D. wrote:

It turns out that with APO, requests loop through Transforms, causing a second re-write of the URL.

The workaround is to modify your rule to only trigger when the path does not begin with /file/fsccdn

This is the working Transform rule I ended up with:

(http.host eq "cdn.field-studies-council.org" and not starts_with(http.request.uri.path, "/file/fsccdn"))

3 Likes