Custom javascript fails to run with high volume of requests

I have used a custom java script to fetch all the headers in the request and check them against some invalid patterns (similar to Regular Expression Protection Policy) . I didnot use the out of box Regular Expression Protection policy as we need to mention each header name separately and it doesn't support for any unknown header names .The custom JS thing works fine when I test it with few requests. However when I run the test with high volume of requests (30K requests ) I see that the custom javascript fails to execute with the error ```steps.javascript.ScriptExecutionFailed```. I am not sure if there is something I should do to scale the custom JS in Apigee. I would appreciate for any help here.

0 2 244
2 REPLIES 2


'use strict'

try {

    var hpNamesString = context.getVariable('message.headers.names') + ''
    var hpNames = hpNamesString.substr(1, hpNamesString.length - 2).split(', ')
    var errorOccured = false
    var regexPattern = null
    var matchFound = null
    //print ('hpNames: ' + JSON.stringify(hpNames))
    hpNames.forEach(function (name) {
        if (!errorOccured) {
            var count = context.getVariable('message.header.' + name + '.values.count')
            if (count == 1) {
                // there is just one instance of this named header parameter
                var headerValue = context.getVariable('message.header.' + name)                
                for (key in properties) {
                    regexPattern = new RegExp(properties[key], 'i')
                    matchFound = headerValue.match(regexPattern)
                    if (matchFound) {
                        errorOccured = name
                        break
                    }
                }
            }
            
        }
    })

    if (errorOccured) {
        context.setVariable('headerParamError', errorOccured)
    }
}
catch (e) {
    context.setVariable('headerParamError', "invalid regex")
}




You may be aware: there is a time limit for each JS policy. It is configurable in the timeLimit attribute on the root level element.

By default I believe the timeLimit is 200ms. If your JS runs longer than the timeLimit, then Apigee will interrupt the JS, and the policy will fail with the error ScriptExecutionFailed.

Under light load, your JS may complete in 2ms, or 12ms or something small. But at higher load, while Apigee is processing many requests, there can be cpu and memory contention. This can cause the JS policy to be delayed, which can result in exceeding the timelimit. Which results in ScriptExecutionFailed.

Your workarounds are:

  • don't run so many requests; throttle the inbound requests.
  • raise the timeLimit for the JS policy
  • modify the checking so that it is more efficient. Perhaps using a Java policy, which caches the compiled regex. Java Pattern objects are immutable and threadsafe.