Metadata API
The edge functions on Edge Firewall have access to a set of metadata that can be manipulated to:
- Filter and manage access to your application.
- Apply specific logic in different scenarios.
This reference documentation describes the available metadata and their usage.
GeoIP
Section titled GeoIPThe GeoIP metadata provides information on the geographical location of the client based on IP data.
| Name | Description |
|---|---|
| geoip_asn | Autonomous system number |
| geoip_city | City code |
| geoip_city_continent_code | City continent code information |
| geoip_city_country_code | City country code |
| geoip_city_country_name | City country name |
| geoip_continent_code | Continent code |
| geoip_country_code | Country code |
| geoip_country_name | Country name |
| geoip_region | Region code |
| geoip_region_name | Region name |
Remote
Section titled RemoteThe Remote metadata provides details about the remote client’s IP address and TCP port.
| Name | Description |
|---|---|
| remote_addr | Remote (client) IP address |
| remote_port | Remote (client) TCP port |
| remote_user | User informed in the URL. Example: user in http://user@site.com/ |
Server
Section titled ServerThe Server metadata provides details about the protocol being used in the request.
| Name | Description |
|---|---|
| server_protocol | Protocol being used in the request. Example: HTTP/1.1 |
The TLS metadata provides details about TLS certificates.
| Name | Description |
|---|---|
| ssl_cipher | TLS cipher used |
| ssl_protocol | TLS protocol used |
Usage
Section titled UsageYou can access the metadata through event.request.metadata["remote_addr"], as in:
let ip = event.request.metadata["remote_addr"] // Accessing the remote addressImplementation
Section titled ImplementationIn the code sample below:
- The remote address is accessed.
- It’s verified if this address is in a network list.
- If it’s in the network list, the request is denied.
addEventListener("firewall", (event) => {
let ip = event.request.metadata["remote_addr"] // Accessing the remote address
try { let found = Azion.networkList.contains(String(networkListId), ip); // Checking if the ip is in the list if (found) { event.deny(); // If it's in the list, deny the request } } catch (err) { event.console.error(`Error: `, err.stack); } });