Dynamically Generated Assets Compatibility Issue with Cloudflare

Hi,

I’ve recently ran into an issue with this plugin, specifically related to the “Dynamically Generated Assets” feature.

The issue starts with the page not loading correctly, if we look at console you’ll see the following error:

Uncaught SyntaxError: Unexpected token '<' (at pa-frontend-0b876018e.min.js:1:1)

If at the source of this actual javascript file you’ll see:

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<meta name="robots" content="noindex, nofollow">
<title>One moment, please...</title>
<style>
body {
    background: #F6F7F8;
    color: #303131;
    font-family: sans-serif;
    margin-top: 45vh;
    text-align: center;
}
</style>
</head>
<body>
<h1>Please wait while your request is being verified...</h1>
<form id="wsidchk-form" style="display:none;" action="/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f" method="get">
<input type="hidden" id="wsidchk" name="wsidchk"/>
</form>
<script>
(function(){
    var west=+((+!+[])+(+!+[]+[])+(+!+[]+!![]+!![]+!![]+!![])+(+!+[]+!![]+[])+(+!+[]+!![])+(+!+[]+[])+(+!+[]+!![]+!![])),
        east=+((+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+[])+(+!+[]+!![]+!![]+!![]+!![])+(+!+[]+!![]+!![]+!![]+!![]+!![]+[])),
        x=function(){try{return !!window.addEventListener;}catch(e){return !!0;} },
        y=function(y,z){x() ? document.addEventListener("DOMContentLoaded",y,z) : document.attachEvent("onreadystatechange",y);};
    y(function(){
        document.getElementById('wsidchk').value = west + east;
        document.getElementById('wsidchk-form').submit();
    }, false);
})();
</script>
</body>
</html>

The issue is that your plugins crawler is being detected potentially as a robot by Cloudflare

If this is the case, maybe the “dynamically generated assets” function shouldn’t cache the file, instead it should use an un-minified version of the file and alert the user in the dashboard that they may need to make an adjustment in their Cloudflare.

The adjustments would either to:

1. Reduce the security level: Cloudflare > Website > Security > Settings (Mine currently is on Medium which is the Cloudflare default and it ran into this issue, I suspect that Low would solve the issue but it may need either Essentially Off or Off)

2. Add your websites IP to the whitelist:
– Cloudflare > Website > Security > WAF > Create Firewall Rule
– Field > IP Source
– Operator > Equals
– Value > Server IP
– Action > Allow

However, this shouldn’t really be required. The plugin should be able to recognise this and shouldn’t deploy broken minified JS files.

On top of that it should be creating these cache files locally (by server IP, rather than crawling by domain). See how LiteSpeed Cache does it, their crawlers are able to be set to crawl by website IP rather than via domain as this bypasses services like Cloudflare.