Skip to content

feat: replace DNS-based bot verification with Cloudflare verified bot category#2067

Merged
vladjerca merged 2 commits into
mainfrom
copilot/replace-bot-verification-util
Apr 10, 2026
Merged

feat: replace DNS-based bot verification with Cloudflare verified bot category#2067
vladjerca merged 2 commits into
mainfrom
copilot/replace-bot-verification-util

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Apr 10, 2026
edited by Marius-TV
Loading

The current bot verification performs manual reverse DNS + forward DNS lookups via Cloudflare's DoH endpoint to verify legitimate bots (Googlebot, Bingbot, DuckDuckBot). This is complex, slow (two network requests per incoming request), and limited to only three bot patterns.

Cloudflare already indicates whether a request comes from a verified bot. This is more reliable, covers a much wider range of legitimate bots, and has zero latency cost since Cloudflare computes it at the edge.

This pull request was created from Copilot chat.

@deepsource-io
Copy link
Copy Markdown

deepsource-io Bot commented Apr 10, 2026
edited
Loading

DeepSource Code Review

We reviewed changes in f6553c9...d853883 on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade   Security  

Reliability  

Complexity  

Hygiene  

Code Review Summary

Analyzer Status Updated (UTC) Details
JavaScript Apr 10, 2026 8:49a.m. Review ↗
Test coverage Apr 10, 2026 8:49a.m. Review ↗

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

Copilot AI changed the title [WIP] Replace bot verification utility with header check feat: replace DNS-based bot verification with Cloudflare cf-verified-bot header Apr 10, 2026
Copilot AI requested a review from Marius-TV April 10, 2026 00:42
@Marius-TV Marius-TV marked this pull request as ready for review April 10, 2026 01:22
@trakt-bot trakt-bot Bot enabled auto-merge (rebase) April 10, 2026 01:22
@Marius-TV Marius-TV requested a review from vladjerca April 10, 2026 01:26
@Marius-TV Marius-TV removed their assignment Apr 10, 2026
@Marius-TV Marius-TV disabled auto-merge April 10, 2026 01:28
@Marius-TV Marius-TV enabled auto-merge (squash) April 10, 2026 01:28
Copilot AI requested a review from Marius-TV April 10, 2026 01:38
@Marius-TV Marius-TV removed their request for review April 10, 2026 01:51
@Marius-TV Marius-TV changed the title feat: replace DNS-based bot verification with Cloudflare cf-verified-bot header feat: replace DNS-based bot verification with Cloudflare verified bot category Apr 10, 2026
@vladjerca vladjerca force-pushed the copilot/replace-bot-verification-util branch from 813b061 to 314f7fa Compare April 10, 2026 08:49
@vladjerca vladjerca force-pushed the copilot/replace-bot-verification-util branch from 314f7fa to d853883 Compare April 10, 2026 08:49
@vladjerca vladjerca disabled auto-merge April 10, 2026 08:49
@vladjerca vladjerca merged commit 46cf84c into main Apr 10, 2026
4 of 7 checks passed
@vladjerca vladjerca deleted the copilot/replace-bot-verification-util branch April 10, 2026 08:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vladjerca vladjerca Awaiting requested review from vladjerca

1 more reviewer

@Marius-TV Marius-TV Marius-TV approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Marius-TV @vladjerca