JavaScript request filter - HTTP

The JavaScript request filter is the most flexible of all HTTP request filters. It can potentially be called for any request, and can modify traffic in any way it sees fit.


URL pattern

Optional. Specifies for which URL(s) the filter should be executed. This does not include the protocol, host and port number. If specified, it can be either:

  • a URL as a string for which this filter should get executed. For instance: /rest/state

  • a regular expression (starting with regex: ) that matches the URL. For instance: regex:/rest/state/[0-9]+


Optional. If specified, the HTTP method (e.g. GET, POST, PUT, etc...) for which this filter should get executed. If not specified, all methods will match.

Client IPs

Optional. If specified, a comma-separated (or line break separated) list of IP4 or IP6 addresses or regular expressions for IP addresses. If specified, only requests from matching IP addresses will cause the execution of the filter. For example:

  •,, regex:88\.48\.23\.\d{1,3}

  • 0:0:0:0:0:0:0:1, regex:2600:1700:6270:6aa0:51:92ca:\d+:\d+

Header patterns

Optional. If specified, a newline-separated list of header specifications which must match the request's headers. The name of the header is a simple string, followed by a colon, and a regular expression for the header value. For instance:

Content-type: ((application/json)|(text/json))

If more than one pattern is specified (separated by line breaks), then the filter will be executed if at least one of the patterns matches at least one of the headers.

Content pattern

A regular expression that must match the body of the request. This is only valid for request methods that can contain a body (normally POST, PUT, and PATCH), and in which the body is text. If the request's body is not text, this parameter should not be set.

For example, if the body of a request contains the following:


<name>Jane Hernandez</name>


then either of the following regular expressions would match:


.*Jane Her[a-z]+.*


This filter does not define any variables besides the usual ones.


Modify a request URL

This request will be forwarded to the specified URL, rather than to the server specified in the connection settings.

context.request.destinationFullUrl = "";

Modify a text request

This assumes that the request has a payload, and therefore is a POST, PUT or PATCH, and that the payload is a string.

Replace all instances of one string with another:

let stmt = context.request.payloadString;

context.request.payloadString = stmt.replaceAll("Czech Republic", "Czechia");

Add or change a header

context.request.setHeader("Content-type", "acme/binary");

Remove a header

Setting a header's value to null removes the header.

context.request.setHeader("Host", null);

Check the origin of the request

if (context.request.protocol !== 'https') {

if ( ! /132\.9\.\d{1,3}\.\d{1,3}/.test(context.request.clientAddressString)) {

context.result.errorMessage = "You must use HTTPS from that IP address";