From 184d12166bf33337bc02ab99afe3bd04f2af0d6a Mon Sep 17 00:00:00 2001
From: Edmund Hung <edmund@cloudflare.com>
Date: Tue, 24 Dec 2024 14:36:30 +0000
Subject: [PATCH] fix: apply the same update to quick editor

---
 .../src/index.ts                              |  5 +++
 .../tests/index.test.ts                       | 37 +++++++++++++++++++
 .../tests/index.test.ts                       | 25 +++++++++++++
 3 files changed, 67 insertions(+)

diff --git a/packages/edge-preview-authenticated-proxy/src/index.ts b/packages/edge-preview-authenticated-proxy/src/index.ts
index 3be5e663197c..1e0241add9a4 100644
--- a/packages/edge-preview-authenticated-proxy/src/index.ts
+++ b/packages/edge-preview-authenticated-proxy/src/index.ts
@@ -204,6 +204,9 @@ async function handleRawHttp(request: Request, url: URL) {
 	const token = requestHeaders.get("X-CF-Token");
 	const remote = requestHeaders.get("X-CF-Remote");
 
+	// Fallback to the request method for backward compatiblility
+	const method = requestHeaders.get("X-CF-Http-Method") ?? request.method;
+
 	if (!token || !remote) {
 		throw new RawHttpFailed();
 	}
@@ -216,6 +219,7 @@ async function handleRawHttp(request: Request, url: URL) {
 	// request due to exceeding size limits if the value is included twice.
 	requestHeaders.delete("X-CF-Token");
 	requestHeaders.delete("X-CF-Remote");
+	requestHeaders.delete("X-CF-Http-Method");
 
 	const headerEntries = [...requestHeaders.entries()];
 
@@ -229,6 +233,7 @@ async function handleRawHttp(request: Request, url: URL) {
 	const workerResponse = await fetch(
 		switchRemote(url, remote),
 		new Request(request, {
+			method,
 			headers: requestHeaders,
 			redirect: "manual",
 		})
diff --git a/packages/edge-preview-authenticated-proxy/tests/index.test.ts b/packages/edge-preview-authenticated-proxy/tests/index.test.ts
index db1f44e8c90d..dcead23f05be 100644
--- a/packages/edge-preview-authenticated-proxy/tests/index.test.ts
+++ b/packages/edge-preview-authenticated-proxy/tests/index.test.ts
@@ -469,6 +469,43 @@ compatibility_date = "2023-01-01"
 		`);
 	});
 
+	it("should use the method specified on the X-CF-Http-Method header", async () => {
+		const token = randomBytes(4096).toString("hex");
+		const resp = await worker.fetch(
+			`https://0000.rawhttp.devprod.cloudflare.dev`,
+			{
+				method: "POST",
+				headers: {
+					// "Access-Control-Request-Method": "POST",
+					origin: "https://cloudflare.dev",
+					"X-CF-Token": token,
+					"X-CF-Remote": `http://127.0.0.1:${remote.port}`,
+					"X-CF-Http-Method": "PUT",
+				},
+			}
+		);
+
+		expect(await resp.text()).toMatchInlineSnapshot('"PUT"');
+	});
+
+	it("should fallback to the request method if the X-CF-Http-Method header is missing", async () => {
+		const token = randomBytes(4096).toString("hex");
+		const resp = await worker.fetch(
+			`https://0000.rawhttp.devprod.cloudflare.dev`,
+			{
+				method: "PUT",
+				headers: {
+					// "Access-Control-Request-Method": "GET",
+					origin: "https://cloudflare.dev",
+					"X-CF-Token": token,
+					"X-CF-Remote": `http://127.0.0.1:${remote.port}`,
+				},
+			}
+		);
+
+		expect(await resp.text()).toMatchInlineSnapshot('"PUT"');
+	});
+
 	it("should strip cf-ew-raw- prefix from headers which have it before hitting the user-worker", async () => {
 		const token = randomBytes(4096).toString("hex");
 		const resp = await worker.fetch(
diff --git a/packages/playground-preview-worker/tests/index.test.ts b/packages/playground-preview-worker/tests/index.test.ts
index feeddcb807f5..eb99e05d6f50 100644
--- a/packages/playground-preview-worker/tests/index.test.ts
+++ b/packages/playground-preview-worker/tests/index.test.ts
@@ -244,6 +244,31 @@ describe("Preview Worker", () => {
 		);
 		expect(await resp.text()).toMatchInlineSnapshot('"custom"');
 	});
+	it("should return method specified on the X-CF-Http-Method header", async () => {
+		const resp = await fetch(`${PREVIEW_REMOTE}/method`, {
+			method: "POST",
+			headers: {
+				"X-CF-Token": defaultUserToken,
+				"X-CF-Http-Method": "PUT",
+				"CF-Raw-HTTP": "true",
+			},
+			redirect: "manual",
+		});
+
+		expect(await resp.text()).toMatchInlineSnapshot('"PUT"');
+	});
+	it("should fallback to the request method if the X-CF-Http-Method header is missing", async () => {
+		const resp = await fetch(`${PREVIEW_REMOTE}/method`, {
+			method: "PUT",
+			headers: {
+				"X-CF-Token": defaultUserToken,
+				"CF-Raw-HTTP": "true",
+			},
+			redirect: "manual",
+		});
+
+		expect(await resp.text()).toMatchInlineSnapshot('"PUT"');
+	});
 	it("should reject no token for raw HTTP response", async () => {
 		const resp = await fetch(`${PREVIEW_REMOTE}/header`, {
 			headers: {