Socket
Socket
Sign inDemoInstall

@netacea/cloudfront

Package Overview
Dependencies
6
Maintainers
1
Versions
164
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

    @netacea/cloudfront

Netacea Cloudfront CDN integration

Version published
Maintainers
1
Created

Readme

Source

Netacea CloudFront

Netacea Header

npm   TypeScript

@netacea/cloudfront is a package designed to add Netacea functionality to CloudFront Lambda@Edge.

Installation

🌻 Starting fresh

Quickest way to get started, is pulling the Netacea CloudFront template repository from github and following the steps in there to get up and running.

git clone https://github.com/Netacea/cloudfront-worker-template-typescript.git

Follow the README.md in the cloudfront-worker-template-typescript repository to get this deployed.

✍ Existing Lambda@Edge worker

Run the following command to install the netacea worker

npm i @netacea/cloudfront --save

Require (javascript) or import (typescript) the worker

// JAVASCRIPT:
const NetaceaCloudFront = require('@netacea/cloudfront').default
// TYPESCRIPT:
import NetaceaCloudFront from '@netacea/cloudfront'

Then declare a variable for the worker.

const worker = new NetaceaCloudFront({
  apiKey: 'your-api-key', // REQUIRED
  secretKey: 'your-secret-key', // REQUIRED IF MITIGATING
  kinesisStreamName: 'your-kinesis-stream-name', // REQUIRED
  kinesisAccessKey: 'your-kinesis-access-key', // REQUIRED
  kinesisSecretKey: 'your-kinesis-secret-key' // REQUIRED if not using secretsManager
})

It's best security practice to not commit your apiKey, secretKey, kinesisAccessKey, kinesisSecretKey to any repository.

The code will run in the Viewer Request, Origin Response and Viewer Response events.

Example Viewer Request:

import NetaceaCloudFront from '@netacea/cloudfront'
const worker = new NetaceaCloudFront({
  apiKey: 'your-api-key', // REQUIRED
  secretKey: 'your-secret-key', // REQUIRED IF MITIGATING
  kinesisStreamName: 'your-kinesis-stream-name', // REQUIRED
  kinesisAccessKey: 'your-kinesis-access-key', // REQUIRED
  kinesisSecretKey: 'your-kinesis-secret-key' // REQUIRED if not using secretsManager
})

export const handler = async (event: any, context: any, callback: any): Promise<any> => {
  context.callbackWaitsForEmptyEventLoop = false
  const netaceaResponse = await worker.run(event)
  const { request, response } = netaceaResponse.Records[0].cf
  if (response !== undefined) {
    return callback(null, response)
  }
  return callback(null, request)
}

Example Origin Response:

import NetaceaCloudFront from '@netacea/cloudfront'
const worker = new NetaceaCloudFront({
  apiKey: 'your-api-key', // REQUIRED
  secretKey: 'your-secret-key', // REQUIRED IF MITIGATING
  kinesisStreamName: 'your-kinesis-stream-name', // REQUIRED
  kinesisAccessKey: 'your-kinesis-access-key', // REQUIRED
  kinesisSecretKey: 'your-kinesis-secret-key' // REQUIRED if not using secretsManager
})

export const handler = async (event: any, context: any, callback: any): Promise<void> => {
  context.callbackWaitsForEmptyEventLoop = false
  if (event.Records[0].cf.response.status >= 400) {
    worker.addNetaceaCookiesToResponse(event)
    worker.ingest(event)
  }
  return callback(null, event.Records[0].cf.response)
}

Example Viewer Response:

import NetaceaCloudFront from '@netacea/cloudfront'
const worker = new NetaceaCloudFront({
  apiKey: 'your-api-key', // REQUIRED
  secretKey: 'your-secret-key', // REQUIRED IF MITIGATING
  kinesisStreamName: 'your-kinesis-stream-name', // REQUIRED
  kinesisAccessKey: 'your-kinesis-access-key', // REQUIRED
  kinesisSecretKey: 'your-kinesis-secret-key' // REQUIRED if not using secretsManager
})

export const handler = async (event: any, context: any, callback: any): Promise<void> => {
  context.callbackWaitsForEmptyEventLoop = false
  if (event.Records[0].cf.response.status < 400) {
    worker.addNetaceaCookiesToResponse(event)
    worker.ingest(event)
  }
  return callback(null, event.Records[0].cf.response)
}

This line is very important for ingest to take place. Without this, latency will be added to some requests.

context.callbackWaitsForEmptyEventLoop = false

⬆ Updating

npm i @netacea/cloudfront@latest --save

This will update the netacea module to the latest version.

FAQs

Last updated on 30 Apr 2024

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

CISA Launches Vulnrichment Project as NVD Backlog Hits 10,000

Security News

CISA Launches Vulnrichment Project as NVD Backlog Hits 10,000

CISA launched a new project called Vulnrichment to enrich CVEs with details that help prioritize patching and mitigation efforts, as the NVD backlog of unenriched CVEs awaiting analysis surpasses 10,000.

By Sarah Gooding  -  May 09, 2024
Recent Trends in Malicious Packages Targeting Discord

Research

Recent Trends in Malicious Packages Targeting Discord

The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.

By Socket Research Team  -  May 07, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc