Code Examples
Content Security Policy
A Content Security Policy (CSP) is a security feature implemented in web browsers to protect websites and web applications from attacks such as cross-site scripting (XSS) and data injection. CSP controls and limits the source of various types of content loaded and executed on a web page, including scripts, stylesheets, and images. EdgeWorkers provides numerous performance benefits for CSPs, which need to complement the security measures on the application server-side.
JA3 Fingerprinting
Calculates JA3 Fingerprint using EdgeWorkers. TLS fingerprinting is a technique that associates a TLS library with parameters from a TLS ClientHello via a database of curated fingerprints to identify malware and vulnerable applications for better network visibility. The JA3 algorithm takes a collection of settings from the SSL “ClientHello” such as SSL/TLS version, accepted cipher suites, list of extensions, accepted elliptical curves/formats, and others. For compactness, the JA3 string is hashed with MD5. This EdgeWorker calculates JA3 Fingerprint to help customers deny requests from services with suspicious JA3 Fingerprints and credentials, without contacting origin servers even on cacheable contents.