Cryptographically sign web pages to change what URL web browsers show.


Google AMP is a way of building websites which make them faster. When a user navigates to an AMP-supporting website from Google’s search results, the page loads almost instantly, but from the wrong URL. As an example, rather than seeing “”, the user would see “” in their address bar, potentially confusing them and damaging brands. To fix this, browsers now support a feature called Signed Exchanges which allow websites to be cryptographically signed by the URL which generated them. When a browser reads that signature it should correctly show the generating URL, not the URL of the service which happened to deliver the file.

Why Workers?

Our AMP Real URL feature uses Workers to implement this signing process. A Worker is executed on the page which looks for the telltale signs that the page is being loaded by Google’s AMP Crawler. If a request is, in fact, coming from the Crawler the Worker cryptographically hashes the content of the site, allowing it to be rendered at the correct URL. Thanks to the power of Workers this very complex cryptography is accessible to every website on Cloudflare at the flip of a switch.

Workers have made it possible for us to operate at massive scale with a very small engineering team. Since being built the AMP Real URL feature has very nearly scaled and managed itself, making it possible for our team to move on to other features and products. We presently do over two thousand signatures per second with almost no operational overhead!