NGINX Offers New JavaScript Virtual Machine

Wednesday, October 7, 2015

NGINX has announced the preview release of nginScript, a new JavaScript Virtual Machine (VM) that combines JavaScript with the NGINX web server platform to offer scripting capabilities to enable dynamic application delivery.

The release of nginScript gives developers a new way to use the NGINX platform to help craft the user experience and shaping the interactions between inbound requests and the response delivered, using JavaScript and the ability to respond in real-time.

nginScript consists of two parts:

1) A custom virtual machine (VM) and byte-code compiler with a fast start-up and tear-down time. Blocking operations, such as an HTTP subrequest, can be suspended and resumed, in the same way as other blocking operations in JavaScript.

2) A configuration syntax for embedding snippets of JavaScript in an NGINX configuration. These snippets are evaluated at runtime, as HTTP transactions proceed. Developers can create conditional configurations, modify requests and responses on the fly, and adjust the internal operations of NGINX specifically for each request.

The advanced scripting capabilities offered from nginScript can provide developers with greater control over the response between inbound user requests to web applications and the response sent back. This creates a new layer of control for developers that, when fully released in production, will enable:

- Rapid response to issues in applications: Fix bugs, close off vulnerabilities, or address changes in business rules. With nginScript, developers will be able to inspect all aspects of a request and response, and modify data or block transactions. This include the ability to control authentication, and rate-limit and queue requests to enforce business policies.

- Consolidate functions across applications: Streamline applications and microservices by moving repeated functionality out of applications, such as authentication and security policies, and into the NGINX-powered delivery platform.

- Modify or personalize the user experience: Developers will be able to use nginScript to respond to specific inbound requests and data points to implement A/B testing, to prioritize more valuable visitors, to enable sophisticated caching, and even to implement content personalization.

- Richer control over traffic: JavaScript’s expressive language provides no limit to the potential sophistication of nginScript rules.

- Defend against denial-of-service or request overruns: Monitor request volumes across a cluster using a shared database, and dynamically respond to abusive users by rate-limiting or denying requests.