API

Updated on 24 Oct 2023

Print
Share
Dark
Light

Article Summary

Share feedback

Thanks for sharing your feedback!

createEnforcedRequestHandler

A function that creates a default request handler with built-in HUMAN enforcement. Useful if there is little request/response manipulation in your Fastly JS service.

createEnforcedRequestHandler(
    config: HumanSecurityConfiguration,
    onPass: (event: FetchEvent) => Response | Promise<Response>,
    onResponse?: (response: Response) => Response | Promise<Response>,
) => ((event: FetchEvent) => Promise<Response>)

Parameters
- config: HumanSecurityConfiguration
- onPass: (event: FetchEvent) => Response | Promise<Response>
- onResponse?: (response: Response) => Response | Promise<Response>
Returns a handler function that accepts a FetchEvent and returns a Promise resolving to a Response.

Sample usage:

// index.ts
import { HumanSecurityConfiguration, createEnforcedRequestHandler } from "perimeterx-fastly-js-edge";

// define HUMAN configuration
const configs: HumanSecurityConfiguration = {
    px_app_id: '<APP_ID>',
    px_cookie_secret: '<COOKIE_SECRET>',
    px_auth_token: '<AUTH_TOKEN>',
};

// define what to do when requests pass HUMAN enforcement
const onPass = (event: FetchEvent): Promise<Response> => {
    console.log('handling HUMAN-validated request')
    return fetch(event.request, { backend: 'origin' })
};

// define what to do for block responses (optional)
const onResponse = (response: Response): Response => {
    console.log('handling response from HUMAN enforcer');
    return response;
};

// create request handler
const handleRequest = createEnforcedRequestHandler(configs, onPass, onResponse);

// invoke request handler on incoming fetch events
addEventListener("fetch", (event) => event.respondWith(handleRequest(event)));

HumanSecurityEnforcer

The entity responsible for performing HUMAN enforcement.

HumanSecurityEnforcer.initialize()

A static function that creates a new instance of the HumanSecurityEnforcer class from a HumanSecurityConfiguration object.

HumanSecurityEnforcer.initialize(params: HumanSecurityConfiguration) => Promise<HumanSecurityEnforcer>

Parameters
- params: HumanSecurityConfiguration
Returns a Promise resolving to a new instance of the HumanSecurityEnforcer class

enforce()

Executes the enforcement functionality, returning a request or response depending on which action should be taken by the worker.

enforce(event: FetchEvent) => Promise<Response | null>

Parameters
- event: FetchEvent
Returns a Promise resolving to a Response or null

The function returns null when...

The request should not be blocked.
The request should be blocked, but the enforcer has been configured to let these requests pass.

Note: The function may add headers to the original Request object present on the incoming FetchEvent.

The function returns a Response when...

The request should be blocked, and the response is a block page generated by the enforcer.
The request was a first-party request, and the response is the first-party resource requested.

Note: Modifications can be made to this response as needed prior to returning it from the main function.

postEnforce()

Performs any post-enforcement processing actions and final modifications to (i.e., setting cookies or headers on) the response if needed.

postEnforce(response: Response) => Promise<void>

Parameters
- response: Response
Returns a Promise resolving to void.

Was this article helpful?

What's Next

Configuration

Table of contents

createEnforcedRequestHandler
HumanSecurityEnforcer