Pre-function

Overview

The Pre-function policy allows users to execute custom scripts before a request is processed. This policy enables users to modify requests dynamically by adding, removing, or transforming request parameters, headers, and body content.

The Pre-function policy is commonly used for:

• Data Masking: Obscuring sensitive data such as personal identification numbers before they reach the backend.
• Query String Manipulation: Modifying or filtering query parameters dynamically.
• Token Validation: Implementing authentication and security logic.
• Routing Control: Modifying routing decisions based on request attributes.

Configuration Details

The Pre-function policy consists of a code editor where users write scripts. The interface includes the following components:

Code Editor

The editor is the primary area where users can write and modify custom Lua scripts for different execution phases of the API request lifecycle. There are four tabs available within the code editor:

• Access: Code entered here is executed during the access phase, allowing users to manipulate request-level logic such as authentication, headers, path rewrites, etc.
• Header Filter: Used for modifying response headers before they are sent back to the client.
• Body Filter: Enables manipulation of the response body, useful for transforming or masking response content.
• Log: Used to implement logging behaviors based on request or response data after the request has been processed.

Each tab contains a dedicated code editor and access to Snippets and Examples that help speed up development.

note

Code must be written and saved separately within each tab if multiple execution phases are to be utilized.

Snippets (Predefined Code Blocks)

The Snippets section provides predefined code blocks that users can insert into the editor. These help users quickly implement commonly used request modifications without needing to write code from scratch.

List of snippets:

Snippets	Description
JSON Parser	Loads and processes JSON-formatted request bodies.
Get Request Raw Body	Retrieves the entire request body before processing.
Set Service Request Raw Body	Modifies the request body before forwarding it to the backend.
Get Request Method	Retrieves the HTTP method (GET, POST, etc.).
Get Request Path	Obtains the full request path.
Get Request Header	Extracts values from specific request headers.
Set Request Header	Modifies or adds request headers dynamically.
Set Response Exit	Terminates a request and returns a custom response.
Set Service Host	Changes the destination server dynamically.
Set Service Request Scheme	Modifies the request scheme (http or https).
Set Service Request Path	Alters the request path before sending it to the backend.

Examples Section

This section contains predefined example scripts that showcase practical implementations of the Pre-function policy. These examples serve as templates for users to quickly implement common scenarios.

List of examples:

Examples	Description
Masking Data	Masks sensitive information in request payloads. Replaces Korean Resident Registration Number when it appears as a value in a query string with “SSN-DATA” and continue routing.
Query String Manipulation	Remove all query strings except for the "service" key and its corresponding value. Filters parameters based on backend routing conditions: - When the routing target backend address is A, all query parameters will be completely removed. - However, if the routing target backend address is B, only a specific set of query parameters will be permitted; any others will be discarded.
Token Validation	Implement custom validation for the "Authorization: bearer xxxxxxxx" token using regular expressions. AND, specific Method + Path combinations do not perform bearer token validation.
Routing	Allow the user to code so that they can continue routing or immediately handle failure based on the situation.

Users can modify scripts directly in the code editor or use predefined snippets. Clicking on an example opens a popup editor, allowing further customization.