๐ง Quick Start
Embed a basic OODA-HTTP header in your server-side logic:
// Example: Setting X-OODA-Action
X-OODA-Action: {
"score": 85,
"action": "challenge-captcha",
"reason": "suspicious-ip"
}โ๏ธ FastAPI Middleware Example (Python)
from fastapi import FastAPI, Request
from fastapi.responses import JSONResponse
import json
app = FastAPI()
@app.middleware("http")
async def ooda_middleware(request: Request, call_next):
threat_score = 85
action = "challenge-captcha"
response = await call_next(request)
response.headers["X-OODA-Action"] = json.dumps({
"score": threat_score,
"action": action
})
return response
๐ฉ Express.js Middleware Example (Node.js)
app.use((req, res, next) => {
const score = 72;
res.setHeader('X-OODA-Action', JSON.stringify({
score,
action: 'throttle-requests'
}));
next();
});๐ Reverse Proxy / CDN Logic
Use header injection and anomaly detection at the edge:
# NGINX example (pseudo)
add_header X-OODA-Action '{"score": 75, "action": "tag-risk"}';๐งช Dev Simulation Mode
During development, use a debug header to test various flows:
X-OODA-Debug: simulate-bot
X-OODA-Debug: simulate-fraud
X-OODA-Debug: simulate-scraperSimulated threats trigger custom logic to test server defenses.