Cloudflare Workers use the V8 JavaScript engine from Google Chrome. The Workers runtime is updated at least once a week, to at least the version that is currently used by Chrome’s stable release. This means you can safely use latest JavaScript features, with no need for “transpilers”.
This is a summary of the JavaScript APIs available to Cloudflare Worker scripts, and links to their documentation on MDN. Cloudflare currently implements a subset of these APIs, as shown on this table. We are adding support for more APIs all the time – let us know if we’re missing one you need.
| API | Support |
|---|---|
| ECMAScript Builtins | Everything supported by current Google Chrome stable release. eval() and new Function() are disallowed for security reasons. WebAssembly is currently disabled (stay tuned). Date.now() returns the time of last I/O; it does not advance during code execution. |
| Service Worker API | "fetch" event |
| Web Global APIs | Base64 utility methods Timers1 |
| Encoding API | UTF-8 |
| URL API | http://, https:// schemes |
| Fetch API1 | fetch(), Headers, Request, and Response classes (some features inapplicable to the edge, such as CORS-related properties, are not implemented) |
| Streams API1 | ReadableStream class (enough to support the Fetch API) WritableStream class (constructed via TransformStream) TransformStream class (zero-argument constructor) |
| Web Crypto API | Cryptographically-secure random number generation1 Digest (SHA family) Sign and verify (HMAC with SHA family) Encrypt and decrypt (AES-GCM, AES-CBC) Key derivation (PBKDF2) Raw key import/export for all of the above algorithms |
Some APIs are only available inside a request context. A request
context is active during a "fetch" event callback, and, if you pass a Response promise to
FetchEvent.respondWith(), any asynchronous tasks which run before the Response promise has
settled. Any attempt to use such APIs during script startup will throw an exception.
For example:
const promise = fetch("https://example.com/") // ERROR
addEventListener("fetch", event => {
event.respondWith(fetch("https://example.com/")) // OK
})This code snippet will throw during script startup, and the "fetch" event
listener will never be registered.