Overview
Get started
CLI
Dashboard
Quickstarts
Examples
Tutorials
Playground
Configuration
Bindings
Compatibility dates
Continuous integration
Cron Triggers
Environment variables
Integrations

APIs
External Services
Momento

Page Rules
Routes and domains

Custom Domains
Routes
workers.dev

Secrets
Smart Placement (beta)
Versions & Deployments

回滚
渐进式部署

Workers Sites

Start from existing
Start from scratch
Start from Worker
Workers Sites configuration
Runtime APIs
Bindings (env)

AI
Analytics Engine
Browser Rendering
D1
Dispatcher (Workers for Platforms)
Durable Objects
Environment Variables
Hyperdrive
KV
mTLS
Queues
R2
Rate Limiting
Secrets
Service bindings

HTTP
RPC (WorkerEntrypoint)

Vectorize
Version metadata

Cache
Console
Context (ctx)
Encoding
Fetch
Handlers

Alarm Handler
Email Handler
Fetch Handler
Queue Handler
Scheduled Handler
Tail Handler

Headers
HTMLRewriter
Node.js compatibility

assert
AsyncLocalStorage
Buffer
Crypto
Diagnostics Channel
EventEmitter
path
process
Streams
StringDecoder
test
util

Performance and timers
Remote-procedure call (RPC)

Lifecycle
Reserved Methods
Visibility and Security Model
TypeScript
Error handling

Request
Response
Streams

ReadableStream
ReadableStream BYOBReader
ReadableStream DefaultReader
TransformStream
WritableStream
WritableStream DefaultWriter

TCP sockets
Web Crypto
Web standards
WebAssembly (Wasm)

Wasm in JavaScript

WebSockets
Databases
Connect to databases
分析引擎
Vectorize (vector database)
Cloudflare D1
Hyperdrive
Database Integrations (beta)

Neon
PlanetScale
Supabase
Turso
Upstash
Xata
Testing
Local development
Unit testing
Integration testing
Debugging tools
Vitest integration

Get started

Write your first test
Migrate from Miniflare 2's test environments
Migrate from unstable_dev

Recipes
Configuration
Test APIs
Isolation and concurrency
Known issues
Observability
Baselime integration (beta)
Errors and exceptions
Logging

Logpush
Real-time logs
Tail Workers

Metrics and analytics
Sentry integration (beta)
Source maps and stack traces
Wrangler
Install/Update Wrangler
API
Bundling
Commands
Configuration
Custom builds
Deprecations
Migrations

Migrate from Wrangler v1 to v2

1. Migrate webpack projects
2. Update to Wrangler v2
Wrangler v1 (legacy)

Install / Update
Authentication
Commands
Configuration
Webpack

Migrate from Wrangler v2 to v3

Run in CI/CD
System environment variables
环境
Languages
JavaScript

Examples

TypeScript

Examples

Python

How Python Workers Work
Standard Library
Examples
Foreign Function Interface (FFI)
Packages

FastAPI
Langchain

Rust

Supported crates
Platform
Pricing
Changelog

Workers (Historic)
Wrangler

Limits
Choose a data or storage product
Betas
Known issues
Workers for Platforms
Reference
How the Cache works
How Workers works
Migrate from Service Workers to ES Modules
Protocols
Security model
Glossary
AI Assistant

Using timingSafeEqual

Protect against timing attacks by safely comparing values using timingSafeEqual.

The crypto.subtle.timingSafeEqual function compares two values using a constant-time algorithm. The time taken is independent of the contents of the values.

When strings are compared using the equality operator (== or ===), the comparison will end at the first mismatched character. By using timingSafeEqual, an attacker would not be able to use timing to find where at which point in the two strings there is a difference.

The timingSafeEqual function takes two ArrayBuffer or TypedArray values to compare. These buffers must be of equal length, otherwise an exception is thrown.

In order to compare two strings, you must use the TextEncoder API. Since the time taken to encode the values may reveal the length of our secret value, you should check the length of the strings before encoding.