Skip to main content
Supertab Connect integrates with Cloudflare Workers for two purposes: serving your RSL license at /license.xml via your domain, and enforcing the Crawler Authentication Protocol (CAP) across your site.

RSL License Deployment

Your RSL license needs to be accessible at https://yourdomain.com/license.xml. A lightweight Worker proxies this path to the Supertab Connect origin, keeping the URL on your domain.

Worker

Create a Worker that proxies /license.xml to the Supertab Connect API: 
// index.js
export default {
  async fetch(request) {
    const merchantURN = "YOUR_WEBSITE_URN";
    const upstream =
      "https://api-connect.supertab.co/merchants/systems/" + merchantURN + "/license.xml";

    const response = await fetch(upstream, {
      method: "GET",
      redirect: "manual",
    });

    return new Response(response.body, {
      status: response.status,
      headers: response.headers,
    });
  },
};
Deploy it: 
npx wrangler deploy index.js --name supertab-license-worker --compatibility-date YYYY-MM-DD

Worker Route

Add a route that maps requests to /license.xml on your domain to this Worker: 
Route:  *yourdomain.com/license.xml
Worker: supertab-license-worker
You can configure this in the Cloudflare dashboard under your domain → Workers Routes, or via wrangler.toml: 
[[routes]]
pattern = "*yourdomain.com/license.xml"
zone_id = "YOUR_ZONE_ID"

CAP Enforcement

CAP validates the Authorization: License <token> header on crawler requests. The SDK Worker handles detection, verification, enforcement, and analytics recording.

Project Setup

mkdir supertab-cap-worker && cd supertab-cap-worker
npm init -y
npm install @getsupertab/supertab-connect-sdk

Worker Handler

// index.ts
import { SupertabConnect, Env } from "@getsupertab/supertab-connect-sdk";

export default {
  async fetch(request: Request, env: Env, ctx: ExecutionContext): Promise<Response> {
    return SupertabConnect.cloudflareHandleRequests(request, env, ctx);
  },
};
Always pass ctx — the SDK uses it to record analytics events in the background without blocking the response.

Wrangler Configuration

# wrangler.toml
name = "supertab-sdk-worker"
main = "index.ts"
compatibility_date = "YYYY-MM-DD"
compatibility_flags = ["nodejs_compat"]

[[routes]]
pattern = "*yourdomain.com/*"
zone_id = "YOUR_ZONE_ID"
The nodejs_compat flag is required for the SDK to function.

API Key Secret

Store your Merchant API key (from the Supertab Connect dashboard) as a Worker secret: 
npx wrangler secret put MERCHANT_API_KEY
Paste the key when prompted. The SDK reads it automatically from the env object at runtime.

Deploy

npx wrangler deploy
Use wrangler dev for local preview before deploying to production.

Enforcement Modes

import { SupertabConnect, Env, EnforcementMode } from "@getsupertab/supertab-connect-sdk";

export default {
  async fetch(request: Request, env: Env, ctx: ExecutionContext): Promise<Response> {
    return SupertabConnect.cloudflareHandleRequests(request, env, ctx, {
      // DISABLED: no enforcement, signaling, or analytics — use during initial integration
      // SOFT (default): allow all traffic through but log events
      // STRICT: block requests with invalid or missing license tokens
      enforcement: EnforcementMode.SOFT,
    });
  },
};

Deploy in Your CDN

CDN-agnostic guide covering RSL serving, CAP enforcement, and robots.txt.

Other CDNs

Generic CDN patterns for platforms not listed above.