Hook into web interface anonymization?

Is there a hook I could use to intercept web interface anonymization requests and replace them with my own anonymization script?

I’ve set up Orthanc to use a Lua script to anonymize our incoming studies using OnStableStudy. The Lua script uses the PostGres database to track anonymized PatientID/StudyInstancedUID combinations so we can give consistent anonymized ID in longitudinal studies.

For the moment, I allow users to log into the web interface as an easy way to browse images and manually confirm the link between anonymized and original data series.

However, users, being users, have sought the easiest route to anonymizing a study by clicking the anonymization button within the interface.

I’m not ready to design my own front end browser wrapped around Orthanc just yet and so wondered if I could intercept this behavior somehow and redirect it.

The IncomingHttpRequestFilter might be useful here, if the web interface is calling the Rest API and I knew what to look for that would distinguish a web-interface-based call from my own Lua script calls to the Rest API.

My first thought was to let the user erroneously generate wrong anonymizations. Then, I’d look for new studies generated using the typical Orthanc anonymization, determine their parent study and then invoke my own anonymization before finally deleting the incorrectly web invoked anonymized data. Of course, that’s a whole lot of anonymization and deleting of files just to stop the user from doing what I tell them not to do but which they do anyway.

Thanks for suggestions!

Curious, are you using the /anonymize function of the REST API, or just modifying the tags you want to anonymize? I can’t seem to get /anonymize to work in a Lua script to be triggered OnStoredInstance.

Everything is in Lua. I have a Lua script with an OnStableStudy hook that calls more of my Lua scripts which eventually call the Anonymize rest API in a way that’s particular to my requirements. I tend to anonymize at the study and sometimes series levels.

In either case, I usually prepare with a preliminary call to /modify (on the study or series) to get rid of and/or change some troublesome tags that interfere with how I call /anonymize. The /modify is then followed by a call to /anonymize.

In the /modify and /anonymize calls, I am making use of the json inputs to control the process.

So, for example, when modifying a study with an Orthanc study ID, aoLevelID, I might have something like:

loStudyModMeta = ParseJson(RestApiPost(‘/studies/’ … aoLevelID … ‘/modify’,
DumpJson(lModifyPostData,true), false))

where lModifyPostData is a Lua variable that refines the modify process:

local lModifyPostData = {}
lModifyPostData[‘Remove’] = lRemove
lModifyPostData[‘Force’] = true
lModifyPostData[‘DicomVersion’] = ‘2008’

and lRemove is my list of tags to remove during the modify process:

local lRemove = {‘0010-1000’,

My call to /anonymize is very similar, with modifications to the json parameters to control what tags are kept. Finally, I have some more followup calls to /modify in order to impose the longitudinal tracking that I mentioned in my original post.

Returning to this old question, I did in fact end up using the IncomingHttpRequestFilter to intercept unwanted incoming /anonymize requests so that I could force consistent anonymization with my own tailored calls to /anonymize. This works for both incoming HTTP requests as well as those generated by the Explorer interface (which, anyway, generate HTTP requests by way of javascript in the browser).

function IncomingHttpRequestFilter(method, uri, ip, username, httpHeaders)

local lAnonymize = string.find(uri, ‘/anonymize’)
if lAnonymize then
return false

return true


This helped, thanks John.