From adaffd429775db77f6e483a61e553cf9e30fb4f2 Mon Sep 17 00:00:00 2001
From: The Noah <thenoahbz@gmail.com>
Date: Sat, 8 Oct 2022 20:50:16 -0500
Subject: [PATCH] [fix] fetch erroring on Cloudflare

Fixes #6739
---
 .changeset/tidy-tables-think.md          | 5 +++++
 packages/kit/src/runtime/server/fetch.js | 9 +++++----
 2 files changed, 10 insertions(+), 4 deletions(-)
 create mode 100644 .changeset/tidy-tables-think.md

diff --git a/.changeset/tidy-tables-think.md b/.changeset/tidy-tables-think.md
new file mode 100644
index 000000000000..a79fb94e8f65
--- /dev/null
+++ b/.changeset/tidy-tables-think.md
@@ -0,0 +1,5 @@
+---
+'@sveltejs/kit': patch
+---
+
+[fix] fetch erroring on Cloudflare
diff --git a/packages/kit/src/runtime/server/fetch.js b/packages/kit/src/runtime/server/fetch.js
index 450d047b7bac..a3d28f103ec8 100644
--- a/packages/kit/src/runtime/server/fetch.js
+++ b/packages/kit/src/runtime/server/fetch.js
@@ -34,7 +34,8 @@ export function create_fetch({ event, options, state, get_cookie_header }) {
 				// Remove Origin, according to https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin#description
 				if (
 					(request.method === 'GET' || request.method === 'HEAD') &&
-					((request.mode === 'no-cors' && url.origin !== event.url.origin) ||
+					((('cf' in request ? 'cors' : request.mode) === 'no-cors' &&
+						url.origin !== event.url.origin) ||
 						url.origin === event.url.origin)
 				) {
 					request.headers.delete('origin');
@@ -51,7 +52,7 @@ export function create_fetch({ event, options, state, get_cookie_header }) {
 					// leading dot prevents mydomain.com matching domain.com
 					if (
 						`.${url.hostname}`.endsWith(`.${event.url.hostname}`) &&
-						request.credentials !== 'omit'
+						('cf' in request ? 'same-origin' : request.credentials) !== 'omit'
 					) {
 						const cookie = get_cookie_header(url, request.headers.get('cookie'));
 						if (cookie) request.headers.set('cookie', cookie);
@@ -59,7 +60,7 @@ export function create_fetch({ event, options, state, get_cookie_header }) {
 
 					let response = await fetch(request);
 
-					if (request.mode === 'no-cors') {
+					if (('cf' in request ? 'cors' : request.mode) === 'no-cors') {
 						response = new Response('', {
 							status: response.status,
 							statusText: response.statusText,
@@ -112,7 +113,7 @@ export function create_fetch({ event, options, state, get_cookie_header }) {
 					return await fetch(request);
 				}
 
-				if (request.credentials !== 'omit') {
+				if (('cf' in request ? 'same-origin' : request.credentials) !== 'omit') {
 					const cookie = get_cookie_header(url, request.headers.get('cookie'));
 					if (cookie) {
 						request.headers.set('cookie', cookie);