Matt Bullock

This commit **updates documentation** for **Cloudflare Workers**, specifically detailing the new **RFC 9440 mTLS certificate fields** now available within the `request.cf.tlsClientAuth` object. It includes a **new changelog entry** in `src/content/changelog/workers/2026-03-27-rfc9440-mtls-fields.mdx` to announce this enhancement and **revises the client certificate variables documentation** in `src/content/docs/ssl/client-certificates/client-certificate-variables.mdx`. This **documentation update** ensures developers are aware of and can utilize the expanded mTLS client authentication details provided by the Workers platform.

[Rules] Fix RFC 9440 mTLS cert size limit: leaf cert is 10 KB, chain is 16 KB (#29392)

This commit provides crucial **security guidance** by updating the **documentation** for specific **mTLS fields**. It adds a caution note to the changelog entry for RFC9440 mTLS fields and incorporates a warning about **header injection** to the descriptions of `cf.tls_client_auth.cert_pem_rfc9440` and `cf.tls_client_auth.cert_chain_rfc9440` in the fields index. This **documentation update** aims to inform users about potential vulnerabilities and best practices when handling these certificate fields, thereby enhancing the security awareness and robustness of integrations.

This commit **introduces a new field** `cf.timings.worker_msec` to the **Rules** subsystem, providing a new metric for worker process timings. It updates the **documentation** by adding the field's definition to `src/content/fields/index.yaml` and creating a new changelog entry in `src/content/changelog/rules/2026-03-18-worker-timing-field.mdx`. This **enhancement** allows users to leverage this new timing data for better observability and performance analysis within their rules.

This commit **adds a new changelog entry** to the **analytics documentation**, specifically detailing the **introduction of the `cfWorker` metric** within the `Server-Timing` HTTP header. This **documentation update** informs users about a new performance metric available for monitoring Cloudflare Worker execution. The entry in `src/content/changelog/analytics/2026-02-18-cfworker-server-timing.mdx` ensures that consumers of the `Server-Timing` header are aware of this new insight into request processing.

Add changelog: New cfWorker metric in Server-Timing header (#28421)

This commit **adds a new changelog entry** to document a recent **improvement in HTTP/3 499 reporting**. Specifically, it highlights **enhanced visibility for HTTP/3 request cancellations** and the resulting **reduction in origin server load**. This **documentation update** ensures users are aware of the improved handling and reporting of client-side request terminations within the **HTTP/3 subsystem**, providing better insights into client behavior and optimizing resource usage. The entry is located at `src/content/changelog/fundamentals/2026-01-19-http3-499-reporting-improvement.mdx`.

This commit **updates the project changelog** by adding a new entry detailing the introduction of **request and response body buffering settings** within the **Configuration Rules** module. This **documentation update** serves as a **maintenance** task, ensuring that users and developers are informed about these recent **feature enhancements**. The entry in `src/content/changelog/rules/2026-01-27-body-buffering-settings.mdx` provides transparency regarding the new configuration options available for managing body buffering behavior.

This commit **updates the changelog documentation** for **Cloudflare Rulesets**, announcing the introduction of new built-in functions. It adds a new entry to `src/content/changelog/rules/2026-01-22-sha256-base64-encode-functions.mdx` to document the availability of `encode_base64()` and `sha256()`. This **documentation update** informs users about these new cryptographic and encoding capabilities, allowing them to leverage more advanced logic within their Cloudflare Rulesets.

This commit **updates the documentation** for the **Ruleset Engine**'s **rules language**, specifically within `src/content/docs/ruleset-engine/rules-language/functions.mdx`, to introduce the newly added `encode_base64` and `sha256` functions. The update provides comprehensive details on their syntax, parameters, and usage examples, making these **new capabilities** accessible to users. This **documentation enhancement** allows rule developers to leverage cryptographic hashing and Base64 encoding directly within their rules, significantly expanding the expressiveness of the rules language.

This commit **documents** the introduction of several new array and map manipulation functions for **Cloudflare Rulesets**. It adds a changelog entry to `src/content/changelog/rules/2026-01-20-array-map-functions.mdx`, detailing the availability of `split`, `join`, `has_key`, and `has_value` functions. This **new feature documentation** informs users about enhanced capabilities for manipulating data structures within their rules. The update provides clearer guidance on leveraging these powerful new tools for more complex rule logic and data processing.

This commit **updates the documentation** for the **Rules** feature by adding a new changelog entry. It specifically announces the availability of the `ip.src.metro_code` field, which allows for more granular geographic targeting or filtering within rules. This **documentation update** ensures users are aware of this **new capability**, enabling them to leverage the Digital Metropolitan Area (DMA) or metro code for source IP addresses in their rule configurations.

This commit provides a crucial **documentation update** to `src/content/docs/spectrum/reference/limitations.mdx`, clarifying specific restrictions for **UDP Spectrum applications**. It explicitly states that these applications are not supported when integrated with **Magic Transit**, **BYOIP**, **Spectrum** (referring to a specific feature), and **Bindings**. This **maintenance** task enhances user understanding of platform capabilities, preventing potential misconfigurations or unexpected behavior for **Spectrum** users. The update ensures accurate information is available regarding the operational boundaries of **UDP Spectrum**.

This commit **introduces a new changelog entry** within the **Rulesets documentation**, specifically `src/content/changelog/rules/2025-10-30-tcp-rtt-and-tcp-fields.mdx`. This **documentation update** announces the **availability of new TCP-based fields**, including `tcp.rtt` and other `tcp` attributes, for use in **Rulesets**. It serves as a **maintenance** task to inform users about enhanced capabilities for defining more granular rules based on these new network metrics.

This commit **updates the documentation** for **Magic Transit's integration with Kentik**, specifically within the `src/content/docs/magic-transit/partners/kentik.mdx` file. It **fixes a broken link** that previously resulted in a 404 error, replacing it with the correct and active URL for Kentik's mitigation overview and Cloudflare MT setup guide. This **documentation maintenance** ensures users can accurately access the necessary external resources, improving the overall reliability and user experience for those configuring the Kentik partnership with Magic Transit.

This commit **enhances the Ruleset Engine's documentation** by **adding two new fields** to its comprehensive fields reference. Specifically, it introduces `cf.edge.client_tcp` and `cf.timings.client_tcp_rtt_msec` within the `src/content/fields/index.yaml` file. This **new capability** provides users with updated information, enabling them to leverage these additional fields for more granular control and data access within their rulesets.

This commit **adds a new changelog entry** to the `fundamentals` section, documenting a significant platform enhancement. It informs users that the **HTTP header size limit** for Cloudflare's **CDN** and **Workers** platform has been **increased to 128 KB**. This **documentation update** ensures that developers are aware of the expanded capabilities, allowing for more flexible and larger header usage in their applications. The new entry is located at `src/content/changelog/fundamentals/2025-10-16-header-limit-increase.mdx`.

This commit **updates documentation** across the **`Fundamentals`** and **`Support`** sections to reflect an increased maximum header size. Specifically, it revises the documented total limit for request and response headers from 32 KB to **128 KB** within `connection-limits.mdx`. Additionally, the documentation for `error-520.mdx` is updated to state that a 520 error can be triggered by header sizes exceeding **128 KB**, up from the previous 16 KB. This **maintenance update** ensures users have accurate information regarding Cloudflare's HTTP header limits, improving troubleshooting and understanding of system behavior.

This commit performs a **documentation update** for the **Workers platform**, specifically clarifying the maximum header limits. It updates the `src/content/docs/workers/platform/limits.mdx` file to reflect an increased total limit for request and response headers from 32 KB to **128 KB**. This change ensures that users consulting the documentation have accurate information regarding the platform's capabilities, improving clarity for developers building on the **Workers platform**.

This commit introduces a **new changelog entry** in `src/content/changelog/dns/` to document recent enhancements. Specifically, it details **improvements to the Shopify integration**, focusing on a more streamlined **Orange-to-Orange (O2O) onboarding experience** for merchants. This **documentation update** ensures users are informed about the refined processes and capabilities within the **Shopify O2O subsystem**, including the addition of an image for clarity. The new entry, `2025-06-03-shopify-o2o-improvements.mdx`, provides a comprehensive overview of these updates.