mirror of
https://github.com/myronblair/infra
synced 2026-06-30 17:50:10 -05:00
52f6073593
AI context/memory from Claude Code sessions covering all infrastructure: JARVIS, NovaCPX, DO sites, Proxmox, FusionPBX, MediaStack, and project feedback/preferences.
28 lines
1.7 KiB
Markdown
28 lines
1.7 KiB
Markdown
---
|
|
name: feedback-cloudflare-rocket-loader
|
|
description: Cloudflare Rocket Loader breaks inline JS event handlers and defers scripts — how to avoid and fix
|
|
metadata:
|
|
node_type: memory
|
|
type: feedback
|
|
originSessionId: dfc59a24-a903-4f91-8c76-331af763d3e6
|
|
---
|
|
|
|
Cloudflare Rocket Loader is enabled on all orbishosting.com sites and causes two distinct problems:
|
|
|
|
1. **Script deferral** — changes `<script>` tag type to a fake value, preventing execution until Rocket Loader finishes loading. Breaks any JS that must run on page load.
|
|
|
|
2. **Inline handler blocking** — injects `if (!window.__cfRLUnblockHandlers) return false;` into every `onclick=`, `onkeydown=`, etc. HTML attribute. Even if the function is defined, the click is blocked.
|
|
|
|
**Why:** These are Cloudflare "performance optimizations" that can't be disabled without Cloudflare dashboard access (no API keys stored).
|
|
|
|
**How to apply:** For any page with JavaScript that must work:
|
|
- Add `Cache-Control: no-transform, no-store` response header — this tells Cloudflare not to modify the response. Use `ini_set('session.cache_limiter', '')` before session_start() or the session headers will override it.
|
|
- Never use inline event handler attributes (`onclick=`, `onkeydown=`). Always use `addEventListener()`.
|
|
- The main JARVIS app (jarvis.orbishosting.com) is now served via `index.php` which adds this header automatically.
|
|
|
|
**Current solution (2026-06-01):**
|
|
- Login: `login.php` (pure PHP form POST, no JS) with `Cache-Control: no-transform`
|
|
- Entry point: `index.php` checks PHP session, redirects to `login.php` if not auth'd
|
|
- App served with token injected as `var __jarvisToken` global + CSS forcing loginScreen hidden
|
|
- See [[project-jarvis]] for full architecture
|