For AI agents: visit https://docs.datadome.co/llms.txt for an index of all pages formatted in Markdown and endpoints in OpenAPI.
- Platform Integrations: Server-side
- Envoy
Envoy Changelog
- Remove hard-coded status codes in favor of DataDome Protection API response headers, enabling seamless support for upcoming features
- Increase length limit from 128 to 512 characters for DataDome cookie to support upcoming features
- Extend URL normalization options for exclusion rule
- Add
USE_X_FORWARDED_HOST option to use the X-Forwarded-Host header value when enabled
- Improve URL path normalization
- Collect
Signature, Signature-Agent, and Signature-Input headers from requests to support HTTP message signatures as defined by RFC 9421
- Collect
Sec-Fetch-User headers from requests
- Add new options:
DATADOME_TENANT_NAME: identify instances in a multi-tenancy environment on EnvoyDATADOME_ENABLE_UNPROTECTED_CACHED_RESPONSE: omit Set-Cookie and enriched headers from allowed responses that can be cachedDATADOME_CLUSTER_NAME: define a name for the cluster that will connect to DataDome
- Expose status code of Protection API responses as
X-DataDome-status in enriched headers
- Add enriched headers to the headers of challenged requests
- Match inclusion and exclusion patterns with the host and path of request URLs (previously only matched the path)
- Fix condition to validate responses from Protection API
- Update request timestamp resolution to microseconds to improve the accuracy of latency measurements: only compatible with Envoy >= 1.23.0
- Add session by header feature
- Send
Connection: 'keep-alive' header to API
- Improve header management
- Remove unwanted headers from responses for blocked requests
- Send
Content-Type header value to API
- Add Fetch Metadata (
Sec-Fetch-* headers) in payload
- Add Client Hints (
Sec-CH-* headers) in payload
- Truncate fields in payload
- Update default static assets list
- Fix skipping requests when module has empty
URI_PATTERNS option
