I have used a custom java script to fetch all the headers in the request and check them against some invalid patterns (similar to Regular Expression Protection Policy) . I didnot use the out of box Regular Expression Protection policy as we need to mention each header name separately and it doesn't support for any unknown header names .The custom JS thing works fine when I test it with few requests. However when I run the test with high volume of requests (30K requests ) I see that the custom javascript fails to execute with the error ```steps.javascript.ScriptExecutionFailed```. I am not sure if there is something I should do to scale the custom JS in Apigee. I would appreciate for any help here.
'use strict' try { var hpNamesString = context.getVariable('message.headers.names') + '' var hpNames = hpNamesString.substr(1, hpNamesString.length - 2).split(', ') var errorOccured = false var regexPattern = null var matchFound = null //print ('hpNames: ' + JSON.stringify(hpNames)) hpNames.forEach(function (name) { if (!errorOccured) { var count = context.getVariable('message.header.' + name + '.values.count') if (count == 1) { // there is just one instance of this named header parameter var headerValue = context.getVariable('message.header.' + name) for (key in properties) { regexPattern = new RegExp(properties[key], 'i') matchFound = headerValue.match(regexPattern) if (matchFound) { errorOccured = name break } } } } }) if (errorOccured) { context.setVariable('headerParamError', errorOccured) } } catch (e) { context.setVariable('headerParamError', "invalid regex") }
You may be aware: there is a time limit for each JS policy. It is configurable in the timeLimit attribute on the root level element.
By default I believe the timeLimit is 200ms. If your JS runs longer than the timeLimit, then Apigee will interrupt the JS, and the policy will fail with the error ScriptExecutionFailed.
Under light load, your JS may complete in 2ms, or 12ms or something small. But at higher load, while Apigee is processing many requests, there can be cpu and memory contention. This can cause the JS policy to be delayed, which can result in exceeding the timelimit. Which results in ScriptExecutionFailed.
Your workarounds are: