Enforcer frameworksFastly Rust Compute@Edge

Fastly Rust Compute@Edge changelog

June 16, 2026

2.0.0

Added

  • [MCP Protection / Agentic Trust] verify MCP requests and extract JSON-RPC metadata (method, tool name, tool argument keys, session id); config px_agentic_trust_enabled, px_agentic_trust_mcp_endpoint_path
  • [Credentials Intelligence] login credential extraction with breached-credential detection and login-success reporting; config px_login_credentials_extraction_enabled, px_login_credentials_extraction, px_credentials_intelligence_version, px_compromised_credentials_header, px_additional_s2s_activity_*, px_login_successful_*, callbacks px_extract_credentials_fn / px_login_successful_fn
  • [User Identifiers] extract app user id and extra fields from a JWT in a cookie or header; config px_jwt_cookie_* and px_jwt_header_*
  • [_pxhd cookie] set the _pxhd risk cookie on responses; config px_secured_pxhd_enabled to add the Secure attribute
  • [Risk cookie hardening] configurable validation limits: px_user_agent_max_length, px_risk_cookie_max_length, px_risk_cookie_min_iterations, px_risk_cookie_max_iterations
  • [Remote configuration] KV Store backend (kv_store cargo feature) and runtime config updates via update_from_json (initial support, used by e2e testing)
  • [Hard block page] new block_page_hard_block.tmpl template and block/rate-limit template updates
  • [Cookie V2 / Mobile SDK] add V2 cookie validation and mobile SDK token (original-token) support; config px_token_version (V2/V3)
  • [E2E testing harness] new e2e_testing application for testing Enforcer code
  • [CI workflows] auto changelog update, example-compilation check, and cargo-tests workflows
  • [Test suites] new config and credentials-intelligence integration tests

Changed

  • [Split backends/hosts] separate Fastly backend per HUMAN service: human_sapi, human_collector, human_client, human_captcha
  • [Config] large pxconfig refactor: serde-based deserialization, typed PXConfigKey with sensitive/static/local classification, documented px_* fields
  • [Telemetry] improve support for Telemetry command
  • [Client IP extraction] improved real-client-IP resolution from trusted px_ip_headers
  • [Enforcer] enforcement-flow fixes and improvements
  • [Dependencies] add strum/strum_macros, bump regex/uuid, update project metadata
  • renamed px_filter_by_method to px_filter_by_http_method
  • public getters/fields renamed (whitelist_* -> filter_by_*)