Code examples in Go

These code examples have an implementation in Go. To learn more about using Go with our Compute platform, see using Go.

NOTE: Some of the code examples here are also available in languages other than Go. Being able to see how the same solution can be achieved in other languages is often useful for migrations or learning, so where a code example has multiple implementations, we show all implementations together.

SEO Response manipulation

Verify if a web crawler accessing your server really is Googlebot

An implementation of Google's recommended mechanism for verifying googlebot

Response manipulation

Add a new field to a JSON response

Decorate API responses in JSON format with new fields.

Geolocation Response manipulation Performance

Geo-IP API at the edge

Create an API endpoint for fetching GeoIP data for the requesting browser, implemented 100% at the edge. The response should show your current approximate location, but no requests to any origin servers.

Geolocation Request manipulation Developer experience

Tag requests with geolocation data

Add GeoIP data about the client browser as extra headers in any requests from Fastly to your origin.

Fetch Request manipulation Cache Personalization

Apply feature flags from an origin API

Park request, make a different request first, use the response to annotate the real origin request (or make decisions about how to route it).

Fetch Request manipulation Cache Security

Enforce a paywall using an origin API

Use a custom Paywall header to trigger preflight requests to authenticate every article view with a backend paywall service.

Fetch Request manipulation Cache Security

Detect leaked passwords

Detect requests that contain submitted passwords and use a service to determine whether the password has leaked before allowing the request to proceed to origin (data from haveibeenpwned).

Request manipulation Cache Developer experience

Add www. to apex hostname and subdomains

Detect requests that don't include a www. prefix, and redirect to the equivalent path on a hostname that starts with www., usually to make sure there's only one canonical location for your content.

Cache Performance

Override TTLs for path prefixes

Set TTLs at the edge based on looking up a path prefix in an edge dictionary.

Logging Observability

Capture and aggregate log data from client devices

Collect and aggregate log data submitted from browsers directly into S3 or another log store without having to handle the traffic at your origin.

Backends Performance

Use microservices to divide up a domain

Send request to different origin servers based on the URL path.

Response manipulation Errors Cache Resilience

Replace origin errors with 'safe' responses

Detect specified response statuses from backends and instead serve a precomposed error page or error content generated at the edge.

Response manipulation Performance

Answer CORS OPTIONS preflight requests at the edge

Browsers send OPTIONS requests before performing cross-origin POSTs. You can answer these requests directly from the edge.

Request manipulation Edge data Security

Apply HTTP basic auth to private endpoints

Store username/password list in an edge dictionary, authorize user at the edge, reject requests that don't have correct credentials.

Response manipulation Edge data SEO

Serve robots.txt from the edge

Serve full text of robots.txt as a synthetic response to avoid requests hitting your origin.

Backends Performance

Load balance randomly across multiple backends

Load balance requests randomly across multiple backends, dropping them automatically if they become unhealthy.

Backends Performance

Log the data you need for actionable insights

Emit logging data to your chosen log endpoint from any VCL stage, not just vcl_log.

Response manipulation Performance

Serve small binary assets direct from edge

Serve binary objects, such as images, directly from edge configuration.

Request manipulation Edge data Security

Create self-destructing URLs for time-limited access

Make URLs expire after a configurable period.

Response manipulation Security

Enable modern web security headers to all responses

Go from an F to an A grade on securityheaders.io by adding security policy headers to your responses at the edge.

Request manipulation Response manipulation Developer experience

Add, remove or change HTTP headers

Fastly can easily read and write HTTP headers at multiple stages of the request/response cycle.

Request manipulation Developer experience

Rewrite URL path

Receive a request for one path but request a different path from origin, without a redirect.

Request manipulation Cache Performance

Filter query string parameters

Add, remove, and sort querystring parameters.

Request manipulation

Change request method

Change PUT, DELETE, OPTIONS and others to POST, or vice versa, to help integrate incompatible client and server apps.

Response manipulation Developer experience

Client public IP API at the edge

Quickly fetch the user's public IP from an API endpoint on your own domain, with no origin.

Request manipulation Response manipulation Performance

Add or remove cookies

Read individual cookies, set new cookies in response.

Request manipulation Response manipulation Security

Filter cookies or other structured headers

Rewrite headers to keep only keys that you want to allow, similar to `querystring.filter_except` but for headers rather than querystrings.

Request manipulation Cache Performance

Remove trailing slashes to normalize URLs

Treat URLs with and without suffixed slashes as equivalent, or redirect URLs with slashes to the version without.

Cache Performance

Caching responses to POST requests

By default, Fastly does not cache responses to POST requests. But you can enable this if you wish.

Regular expression capturing patterns

Capture regex pattern groups to use in matching url segments and more.

Response manipulation Edge data Security

Ban bad IPs for a fixed period

Block a list of IP addresses from accessing your service and include an expiry time.

Request manipulation Cache Performance

Normalize requests to increase cache efficiency

Improve cache performance by normalizing requests. Filter and reorder query params, convert to lowercase, filter headers, and more.

Search and replace in strings

Use regular expression substitution functions to map paths, strip extraneous slashes, and more.

Request manipulation Response manipulation Edge data Security

AWS S3 bucket origin (private)

Use AWS authenticated requests (signature version 4) to protect communication between your Fastly service and AWS.

Logging Observability

Log request data to Google BigQuery

Build raw JSON strings matching your BigQuery table schema to send log data to BigQuery.

Base64 POST body

Access the body of a POST request in Base64-encoded form.

Random integers

Generate random whole numbers in a range.

Extract a substring from a string value

Isolate a portion of a string identified by a range of characters.

Request manipulation

POST to GET rewrite using a Base64-encoded querystring

To allow caching of POST requests, consider rewriting them as GET requests at the edge.

Cache Security

Set PCI flag to disable persistent cache storage

PCI-compliant caching requires caching only in volatile storage, which you can enable with beresp.pci in VCL.

Request manipulation Backends Resilience

Smoke test a new origin

Send a copy of your traffic to a test origin before returning a response from production.

Compute intersection of two lists

Useful for comparing capabilities with required permissions.

Response manipulation Security

Prevent hotlinking of product images by third party websites

Detect and reject requests from third party websites that attempt to embed your images on their pages.

Compression Response manipulation Developer experience

Decompress and read gzipped responses

When you need to work on API and text responses from backends that support gzip.

Response manipulation Performance

Prohibit browser caching

Ensure resources are not cached on the front end, while allowing caching within Fastly.

Response manipulation Developer experience

Clean backend responses

Remove headers added by backends that you don't want to emit to the browser, like amz- or goog- headers.

Fetch Response manipulation Developer experience

Follow redirects at the edge

Protect clients from redirects by chasing them internally at the edge, and then return the eventual non-redirect response.

Request manipulation Cache Performance

Remove querystring from static assets

Use the new Sec-Fetch-Dest header or URL patterns to identify assets that should not allow querystrings to be part of the cache key.

Response manipulation Edge data SEO

Set Google Analytics _ga cookie

Due to ITP 2.1 restrictions, cookies set in JavaScript may be limited to a 7-day TTL. Set your Google Analytics cookie on the edge to avoid this.

Request manipulation Backends Resilience

Auto retry a secondary backend

If primary backend fails, retry with a different backend without caching the failure or reducing cache efficiency.

Logging Observability

Anonymize client IPs for logging

Strip the last octet or compute a hash of client IP address for anonymization.

Logging Observability

Log the IP version (IPv4/IPv6)

Identify which type of IP address was used by the client connecting to your Fastly service.

Request manipulation

Base64 URL path segments

Unknown data in URL paths can result in invalid URLs, but base64url is designed to be URL-safe.

Request manipulation Edge data Security

Authenticate JSON Web Tokens at the edge

Decode the popular JWT format to verify user session tokens before forwarding trusted authentication data to your origin.

Response manipulation Edge data Performance

Redirect old URLs at the edge

Use a dictionary of URL mappings to serve your redirects at lightning speed.

Fetch Performance

Perform multiple origin requests asynchronously

Handle third-party requests as they are resolved.

Validate domain on query string

Check the query string if it contains a valid domain.

Security Regex Developer experience

Block bad user-agents

Check for known bad bots and crawlers and deny traffic.

Regex Developer experience

Rewrite url based on the subdomain

Check for a subdomain and rewrite the URL path.

Regex Developer experience

Deny access to certain file types

Check for specific URL extensions and deny access with a 403.

Regex Security Geolocation Developer experience

Block all traffic from certain countries

Check for a country code on an incoming request, and if it's present, deny access with a 403.

Cache Performance

Use surrogate key purges for purge-all and single URL purge

Surrogate key purges are fast and flexible and can be used in place of single URL purge and purge-all.

Performance

Use regionally distributed origin servers

If you have multiple hosting locations, Fastly can route traffic to the closest one.

Performance Cache

Pass all requests

Disable edge caching and skip the Fastly readthrough cache for every request, ensuring nothing is cached at the edge.

Developer experience

Read environment variables

Read values from Fastly-defined env vars in Compute programs.

Developer experience

Backends can be defined at runtime in compute applications to make requests to any host on the internet.

All code on this page is provided under both the BSD and MIT open source licenses.

User contributed notes

BETA

Do you see an error in this page? Do have an interesting use case, example or edge case people should know about? Share your knowledge and help people who are reading this page! (Comments are moderated; for support, please contact support@fastly.com)