1 of 20
2 of 20
3 of 20
4 of 20
5 of 20
6 of 20
7 of 20
8 of 20
9 of 20
10 of 20
11 of 20
12 of 20
13 of 20
14 of 20
15 of 20
16 of 20
17 of 20
18 of 20
19 of 20
20 of 20

doc

Edge Functions on Edge Firewall

  1. Edge Functions in JavaScript
  2. How Edge Functions work with Edge Firewall
  3. Possibilities
  4. Run Function

Edge Functions in JavaScript

Edge Functions are functions that run on the Azion Edge Computing Platform with low latency, bringing the operational power closer to the end user.

Edge Firewall supports edge functions. Through them you can write your own security source code in JavaScript and deploy it to run at the edge of the network.

With edge functions on Edge Firewall, you can:

  • Boost your protection.
  • Have more dynamism.
  • Apply the logic that your business requires.
  • Use APIs that provide request and response headers manipulation.

How Edge Functions work with Edge Firewall

Note: the edge functions in JavaScript on the Edge Firewall run in the request phase.

Process

  • The rules configured on the Edge Firewall Rules Engine for the function to run are triggered.
  • Azion Cells processes the function, returning an outcome.
  • Edge Firewall Rules Engine resumes the processing, based on the outcome, from the point the behavior was triggered.

Run Function

Take a look at How to create and configure an edge function on your Edge Firewall for more details on the process.

Note: all edge functions used on Edge Firewall must have a finishing outcome in it, such as: event.continue(), event.deny(), and event.drop().


Possibilities

Add Request Header

You can add new headers to the request that is sent to the origin.

  addEventListener("firewall", (event) => {
      event.addRequestHeader("X-Custom-Header-1", "1");
      event.addRequestHeader("X-Custom-Header-2", "2");
      event.continue();
  });

Add Response Header

You can add new headers to the response that is sent to users.

  addEventListener("firewall", (event) => {
      event.addResponseHeader("X-Custom-Header-3", "3");
      event.addResponseHeader("X-Custom-Header-4", "4");
      event.continue();
  });

Deny (403 Forbidden)

Through the event event.deny(), you can finish a request returning HTTP 403 Forbidden.

  addEventListener("firewall", (event) => {
      event.deny();
  });

Drop (Close Without Response)

Through the event event.drop() you are able to finish the request without returning an answer to the client.

  addEventListener("firewall", (event) => {
      event.drop();
  });

Respond with

Through the event event.respondWith() you can intercept requests, return custom responses, and modify the response headers or content.

    event.respondWith(new Response('{"my_custom_response": true}', {
        status: 599,
        headers: { "content-type": "application/json" }
    }));

Metadata

The Edge Functions on Edge Firewall have a set of metadata available for manipulation.

By using this metadata you’re able to filter and manage the access to your application and apply the specific logic in different scenarios, such as:

The GeoIP information

You can deny access to your application when the request comes from certain places.

Remote

You’re able to to check the IP address and the TCP port used.

Available metadata list

Name Description
geoip_asn GeoIP information
geoip_city GeoIP information
geoip_city_continent_code GeoIP information
geoip_city_country_code GeoIP information
geoip_city_country_name GeoIP information
geoip_continent_code GeoIP information
geoip_country_code GeoIP information
geoip_country_name GeoIP information
geoip_region GeoIP information
geoip_region_name GeoIP information
remote_addr Remote (client) IP address
remote_port Remote (client) TCP port
remote_user User informed in the URL. Example: user in http://user@site.com/
server_protocol Protocol being used in the request. Example: HTTP/1.1
ssl_cipher TLS/SSL cipher used
ssl_protocol TLS/SSL protocol used

Azion Samples repository

Check the Azion Samples repository on GitHub and analyze the code samples that can help you develop your own edge functions.



Didn’t find what you were looking for? Open a ticket.