Product guides

What's New

Suggest Edits

Version 7.3.1

Released 2024-07-17

Changed

  • Remove lua-resty-nettle version restriction

Fixed

  • Install PX package symlink in OpenResty Lua directory

Version 7.3.0

Released 2023-06-13

Added

  • CORS support
  • Set X-PX-COOKIES as the default custom cookie name
  • _M.px_login_creds_settings configuration, to allow specify CI settings in Lua configuration file

Changed

  • rename "px_graphql_paths" to "px_graphql_routes"

Fixed

  • correctly add GraphQL routes (requests must contain specified GraphQL Type/Name) to sensitive routes

Version 7.2.1

Released 2023-04-20

Added

  • custom_sensitive_routes a custom function to determine if url path is a sensitive route

Version 7.2.0

Released 2023-04-13

Added

  • custom_enabled_routes a custom function to determine if url path is an enabled route
  • px_graphql_paths to specify a list of GraphQL endpoints
  • support for JWT and pxcts

Changed

  • support for multiple GraphQL endpoints

Fixed

  • Add CI paths to the sensitive routes

Version 7.1.3

Released 2022-06-27

  • Fixed an issue where the HUMANDE value was not available on the HUMAN context.

Version 7.1.2

Released 2022-06-22

  • Fixed an issue where multiple instances of the same header weren't handled properly.
  • Fixed the field name in enforcer telemetry command.

Version 7.1.1

Released 2022-05-10

  • Call enrich_custom_parameters() only once for improved performance.

Version 7.1.0

Released 2022-04-20

  • Added Credentials Intelligence v2 hashing protocol as the default. The new protocol normalizes and hashes credentials according to a new algorithm that improves accuracy.
  • Added custom parameters to page_requested and block activities.
  • Changed the block page to use the new template.

Version 7.0.1

Released 2022-03-21

Version 7.0.0

Released 2022-03-17

  • Added support for GraphQL, including visibility into the operation name & type, configuring sensitive GraphQL operations to auto-trigger risk api calls, and support for XI on GraphQL endpoints
  • Added the ability to configure sensitive_routes
  • Added support for HUMAN Credential Intelligence offering

Version 6.8.0

Released 2021-07-25

  • Whitelist URI pattern support
  • Page requested activity now includes HTTP status code

Version 6.7.3

Released 2021-05-02

  • Issue with request body in login credentials extraction

Version 6.7.2

Released 2021-03-20

  • Support for form-urlencoded content type in login credentials extraction

Version 6.7.1

Released 2021-03-19

  • Support for multipart/form-data content type in login credentials extraction

Version 6.7.0

Released 2021-03-17

  • Added support for login credentials extraction

Version 6.6.2

Released 2020-10-16

  • Handle cookies as table in the extract_cookie_names function

Version 6.6.1

Released 2020-05-10

  • Bug fix in the extract_cookie_names function

Version 6.6.0

Released 2020-04-26

  • Added support for monitored routes.
  • Added support for secure flag for HUMANHD cookies.
  • Performance improvement fix in the extract_cookie_names function

Version 6.5.1

Released 2020-02-12

  • Better iterations value validation
  • Added the full url parameter in risk_api activities

Version 6.5.0

Released 2019-10-06

  • Support for testing blocking flow in monitor mode
  • Support for custom cookie header

Version 6.4.0

Released 2019-08-27

  • Refactoring of split string functions.

Version 6.3.4

Released 2019-08-25

  • Linting related errors

Version 6.3.3

Released 2019-08-05

  • Fix for the orig_cookie
  • Fix for the additional_activity_handler as part of the send_page_requested settings

Version 6.3.2

Released 2019-07-14

  • Fix on the cookie variable

Version 6.3.1

Released 2019-06-23

  • Fix to accept header extraction for application/json.

Version 6.3.0

Released 2019-05-28

  • Support for redirect to the referer on challenge solve

Version 6.2.2

Released 2019-04-24

  • Fix on the payload

Version 6.2.1

Released 2019-04-23

  • Additional check for proxy for http scheme in first party
  • Fix on pxcookie/pxtoken

Version 6.2.0

Released 2019-04-22

  • Fix for proxy connection pool key for activities and telemetry
  • Added Enforcer telemetry by request

Version 6.1.1

Released 2019-04-16

  • Fix for Proxy connection pool and scheme handling

Version 6.1.0

Released 2019-04-07

  • Added advanced blocking response (ABR) enablement flag
  • Added proxy support

Version 6.0.4

Released 2019-01-15

  • Fixed for pxvid and _pxvid cookies
  • Fix regarding whitelist ip filtering

Version 6.0.3

Released 2019-01-09

  • Fixed s2s call reason of no_cookie_w_vid

Version 6.0.2

Released 2019-01-06

  • Fixed HUMANHD cookie path

Version 6.0.1

Released 2019-01-04

  • Fixed mobile detection for captcha script

Version 6.0.0

Released2019-01-02

  • Added HUMANHD handling
  • Added async custom params
  • Major token and cookie refactoring

Updated 12 days ago