HAProxy Changelog

HAProxy Lua Module

2.0.0 (2026-06-19)

Breaking changes

  • Move configuration to environment variables (DATADOME_SERVER_SIDE_KEY, DATADOME_TIMEOUT, DATADOME_ENDPOINT, DATADOME_ENABLE_REFERRER_RESTORATION)
  • Send challenge responses directly from the request hook, eliminating the failure_service Lua service and failure_backend HAProxy backend

Follow the migration guide from 1.x to 2.x

Other changes

  • Increase length limit from 128 to 512 characters for the DataDome cookie to support future capabilities
  • Sanitize request headers

1.3.0 (2026-04-28)

1.2.1 (2026-03-17)

  • Update configuration template file to match public documentation
  • Fix content-type header value for json challenges response

1.2.0 (2025-09-04)

  • Collect Signature, Signature-Agent, and Signature-Input headers from requests to support HTTP message signatures as defined by RFC 9421
  • Ensure consistent field ordering to prioritize Key, IP, and RequestModuleName in payload to Bot Protect API

1.1.0 (2025-01-08)

  • Add support for lua-socket to increase timestamp accuracy from seconds to milliseconds
  • Expose variables txn.dd.ptime and txn.dd.ttime for logging, respectively for processing time of the module and total time spent (processing + round trip with Protection API)
  • Update payload truncation to follow recommendations for the Protection API
  • Add restore_referrer option to restore Referer header on requests when the original value is replaced by the browser after a challenge
  • Fix function to retrieve cookie header
  • Fix field value for ServerName
  • Fix URL with query params in payload

1.0.1 (2024-01-12)

  • Fix payload truncation

1.0.0 (2023-02-02)

  • Initial version