Cloudflare (EN)
You can use Cloudflare Workers to serve your booking engine directly under your own custom domain (e.g., booking.yourhotel.com) while keeping your unique tenant IDs completely hidden from your visitors.
Cloudflare Workers offers a generous free tier of up to 100,000 requests per day, which is more than enough for most booking engines. All you need to set it up is a free Cloudflare account.
Proxying CASABLANCA Booking Engine through Cloudflare
Here is the step-by-step process for creating a transparent reverse proxy for your CASABLANCA Booking Engine.
Before you begin
Sign up for a free Cloudflare account if you don't have an account already, and add your domain to Cloudflare.
Ensure your domain's DNS is managed by Cloudflare (your domain should have the 🟠 "Proxied" orange cloud enabled).
Step 1. Create a worker
- In your Cloudflare account dashboard, click on Workers & Pages in the left-hand sidebar to access the Overview page.
- Click Create application, and then click Get started.
- Click Create Worker.
Step 2. Name your worker
- You can change the service name to give your worker a more meaningful name (for example:
booking-proxy). - Once you have chosen a name, click Deploy.
Don't worry about the code yet, we will edit it in the next step.
Your worker is now be deployed.
Step 3. Paste the proxy code
- In the next window, click Edit Code.
- Remove the default
Hello Worldcode that Cloudflare presents, and paste the code provided below instead. - Before saving, you must update two variables at the top of the script:
- tenantId – Replace this with your unique tenant ID provided by us (red marked).
- spaceName – Replace this with your specific space name (blue marked).
Klick to expand
export default {
async fetch(request) {
const url = new URL(request.url);
const targetDomain = "bookingengine.casablanca.at";
// --- UPDATE THESE VARIABLES ---
const tenantId = "<tenantId>";
const spaceName = "<spaceName>";
// ------------------------------
const hiddenPath = `/${tenantId}/${spaceName}`;
// 1. Rewrite incoming request path (Preserves Trailing Slashes safely)
const langRegex = /^\/([a-zA-Z]{2})(\/|$)(.*)$/;
const match = url.pathname.match(langRegex);
if (match && !url.pathname.includes(tenantId)) {
const lang = match[1];
const slash = match[2];
const rest = match[3];
url.pathname = `/${lang}${hiddenPath}${slash}${rest}`;
}
// 2. Change the hostname to the target provider
url.hostname = targetDomain;
// 3. Create a new request.
const proxyRequestInit = {
method: request.method,
headers: request.headers,
redirect: "manual"
};
// Only attach body if it's not a GET/HEAD request
if (request.method !== "GET" && request.method !== "HEAD") {
proxyRequestInit.body = request.body;
}
const proxyRequest = new Request(url.toString(), proxyRequestInit);
proxyRequest.headers.set("Host", targetDomain);
// Remove headers that might trigger CORS or security blocks
proxyRequest.headers.delete("Origin");
proxyRequest.headers.delete("Referer");
// 4. Fetch the response from the booking engine
let response = await fetch(proxyRequest);
response = new Response(response.body, response);
// Remove strict security headers so it renders on your domain
response.headers.delete("X-Frame-Options");
response.headers.delete("Content-Security-Policy");
// 5. Intercept Server Redirects to hide the long tenant URL
if ([301, 302, 303, 307, 308].includes(response.status) && response.headers.has("Location")) {
let location = response.headers.get("Location");
location = location.replace(`https://${targetDomain}`, `https://${new URL(request.url).hostname}`);
location = location.replace(hiddenPath, "");
response.headers.set("Location", location);
}
// 6. Scrub the HTML (Hides the tenant ID from the frontend source code)
const contentType = response.headers.get("Content-Type") || "";
if (contentType.includes("text/html")) {
let html = await response.text();
const domainRegex = new RegExp(`https://${targetDomain}`, 'g');
html = html.replace(domainRegex, `https://${new URL(request.url).hostname}`);
const pathRegex = new RegExp(hiddenPath, 'g');
html = html.replace(pathRegex, "");
return new Response(html, {
status: response.status,
statusText: response.statusText,
headers: response.headers
});
}
return response;
},
};
- Once you have added the code and updated your variables, click Deploy in the top right corner.
Step 4. Route your custom domain to the worker
Now that the proxy logic is running, you need to tell Cloudflare to trigger this Worker whenever someone visits your custom domain (e.g., booking.yourhotel.com).
- Go back to your main Cloudflare dashboard and click on your website domain.
- In the left-hand sidebar, click on Workers Routes (sometimes located under the Workers & Pages or Rules dropdown).
- Click Add Route.
- Define the following parameters:
- Route – Enter your custom domain with a wildcard at the end. For example:
booking.yourhotel.com/* - Worker – Select the
booking-proxyWorker you created in Step 2.
- Route – Enter your custom domain with a wildcard at the end. For example:
- Click Save.
Step 5. Ensure your DNS is configured
For Cloudflare to intercept traffic on your custom subdomain (e.g., booking), there must be a DNS record for it.
- Go to the DNS section of your Cloudflare dashboard.
- Ensure you have an A Record (or CNAME) for your chosen subdomain.
- Type – A
- Name – booking (or whatever subdomain you chose)
- IPv4 address – 192.0.2.1 (This is a dummy IP required to activate Cloudflare routing. The Worker will intercept the traffic before it ever hits this IP).
- Proxy status – 🟠 Proxied (This is strictly required!)
Step 6. Test your CASABLANCA Booking Engine
That’s it! You are now serving your booking engine through a proxy.
- Open your browser and navigate to your custom domain, appending the language code (e.g.,
https://booking.yourhotel.com/de/).
You should see your booking engine load seamlessly. The URL bar will remain clean, your tenant IDs will stay completely hidden, and query parameters (like ?numberOfRooms=1) will work flawlessly.