CloudFront Node.js Changelog

DataDome CloudFront Node.js Module

2.3.0 (2026-06-02)

Improve the core logic of our DataDome integration to support future capabilities
Increase length limit from 128 to 512 characters for DataDome cookie to support upcoming features
Improve GraqhQL parsing

2.2.0 (2026-04-28)

Collect Sec-Fetch-Storage-Access header from requests
Remove statusDescription field from challenged responses to use default message based on the HTTP status code

2.1.0 (2026-04-13)

Collect custom fields UserID and ProductID

2.0.0 (2026-03-05)

Rename the datadome.js file to datadome.mjs
Change the paradigm of the source code from CommonJS to ES Module
Change the signature of the handler function from callback-based to async/await to be compatible with Node.js runtimes 24.x and newer
Change the download link of the module for https://s3.amazonaws.com/dd-lambda-edge/datadome-lambda-edge-v2-latest.zip until the deprecation of the v1 in April 2027.

1.26.0 (2026-01-21)

Increase length limit from 128 to 512 characters for DataDome cookie to support upcoming features
Handle 429 status code (Too Many Requests) responses from Protection API to support upcoming features

1.25.0 (2025-11-03)

Add Model Context Protocol (MCP) support
Collect Skyfire-Pay-ID header for AI bot monetization

1.24.0 (2025-10-21)

Add support for custom fields on payloads using static values and callback functions for dynamic values
Fix maxSockets configuration not being applied when using datadome.configure()
Fix request protocol collection to properly handle CloudFront viewer request events

1.23.1 (2025-09-02)

Exclude empty fields from payloads sent to the Bot Protect API

1.23.0 (2025-08-13)

Collect Signature, Signature-Agent, and Signature-Input headers from requests to support HTTP message signatures as defined by RFC 9421

1.22.0 (2025-05-12)

Add DATADOME_USE_X_FORWARDED_HOST setting to support host override via X-Forwarded-Host header

1.21.0 (2024-10-24)

Enhance security

1.20.1 (2024-03-06)

Log a warning for event types that are not viewer-request

1.20.0 (2024-02-26)

Improve header management
Collect Client Hints and Fetch Metadata headers
Append current Lambda@Edge runtime to collected module name

1.19.0 (2024-01-08)

Add GraphQL support
Collect content-type header
Collect AWS server region

1.18.0 (2023-11-10)

Enable external configuration of the module using the configure function

1.17 (2022-11-14)

Update payload field name to XForwardedForIp

1.16 (2022-10-26)

Add exclusion for .map file type

1.15 (2021-12-30)

Add X-Real-IP header

1.14 (2021-10-08)

Suppress warnings when event listener count safely exceeds the default limit
Remove call stack logging when the connection is simply closed by the API

1.13 (2021-09-22)

Add new SAM template using nodejs14 (support for nodejs10 ended)
Fix response handler not exiting immediately
Fix null value for cookies length
Suppress noisy timeouts by using callbackWaitsForEmptyEventLoop

1.12 (2020-08-28)

Add cookie-by-header feature

1.11 (2020-08-12)

Add bot info logging

1.10 (2020-07-09)

Fix query parameter support

1.9 (2020-06-05)

Improve network call performance with recent Node versions

1.8 (2019-08-22)

Improve Keep-Alive performance
Fix performance regression introduced in version 1.7 for some use cases

1.7 (2019-07-25)

Add support for Keep-Alive connections between the function and the API server

1.6 (2019-05-16)

Add support for Node.js 6.8 and 10.x

1.5 (2019-01-25)

Override all headers except for Set-Cookie

1.4 (2018-12-24)

Preserve original backend headers if a header may have multiple values

1.3 (2018-03-22)

Skip sending payload parameters with null values in request data

1.2 (2018-03-22)

Fix HTTP client configuration to prevent unexpected timeouts

1.1.1 (2018-01-12)

Improve request time computation

1.1 (2018-01-05)

Force body consumption in all cases to work around JS HTTP client timeout behavior

1.0.1 (2017-12-27)

Improve regex to exclude static assets
Improve cookie header support

1.0 (2017-09-21)

Initial release