What's New
Version 21.4.1
Released 2023-12-23
Added
Updated deprecated methods
Version 21.4.0
Released 2023-08-14
Added
__ controllers allowlisting (prevents attackers using __Analytics for POST requests
Version 21.3.0
Released 2022-06-07
Added
- Custom cookie header with the
x-px-cookiesdefault value - Sending
pxvidon async activities also when it was extracted from cookie
Version 21.2.1
Released 2022-04-13
Fixed
- Fixed bug in bypass monitor header
Version 21.2.0
Released 2022-04-13
Fixed
- Linter issues
- Wrong risk mode sent on risk api
Added
- Sending email and user creation date on activities (for account defender)
Version 21.1.1
Released 2022-02-02
Fixed
- Metadata schema was updated to include PX_loggerSeverity
Version 21.1.0
Released 2022-01-03
Added
- Support for credentials intelligence
v2andmultistep_ssoprotocols - Support for login credentials which are sent through
body(when the content-type is JSON or form-urlencoded),headerandquery-param - Support for manual sending of
additional_s2sactivity - Support for sending raw username on
additional_s2sactivity - New
request_idfield to all enforcer activities
Changed
- Update the default request timeout value of async and risk activities to 1 second
Version 21.0.0
Released 2022-11-28
Changed
- Async activities fields align with the spec
- Changed the debug mode field configuration name to
px_logger_severityand its possible values according to the spec - Changed the px_module_mode possible values according to the spec
Fixed
- Send the full url with the risk api activity url field which is included query params if any
Added
- Added implementation for handling s2s_error and s2s_timeout
- Support for monitored routes feature
- Support for enforced routes feature
- Added 'app_user_id' field on risk api and async activities calls
Version 20.3.1
Released 2020-12-23
Fixed
- Mobile token handling for OCAPI
Version 20.3.0
Released 2020-12-23
Fixed
- Mobile token handling
- Mobile response handling
Version 20.2.0
Released 2020-11-18
Added
- OCAPI support
- PBKDF2 key hashing
Fixed
- Bypass monitor header reporting
- Debug flag
Version 20.1.0
Released 2020-02-03
Added
- Send telemetry on demand by header
- Support for testing blocking flow in monitor mode
- Full first-party support
- onRequest integration
- Support for properties in ISML templates
Fixed
- Removed getWriter() and replaced it with templates.
Version 19.1.0
Released 2018-12-25
Added
- Enrich Custom Parameters support for async activities
- Support for PXHD cookies
- First-Party fallback for block templates
- Support Cookie names extraction
Version 18.4.0
Released 2018-09-26
Added
- Whitelist by ip/cidr support
- Custom block page support
Fixed
- Better handling of Services Framework errors
- Better handling of query params for Captcha service calls
- Missing px_cookie on risk_api calls
Version 18.3.0
Released 2018-06-22
Added
- Refactor of services framework usage to support multi app ids
- Support for Advanced Blocking Response
- SFRA support
Fixed
- Documentation refresh
Version 18.2.1
Released 2018-05-01
Added
- Refactor of services framework usage to support multi app ids
- Support for Advanced Blocking Response
- SFRA support
- Captcha v2 support
Fixed
- Documentation refresh
Version 18.2.1
Released 2018-05-01
Added
- Ratelimit support
- First party support
- Enrich Custom Parameters support
Fixed
- Corrected monitor mode block reporting
Version 18.1.1
Released 2018-02-12
Fixed
- Numerous bug fixes
Changed
- Updated README to include js sensor section
Version 18.1.0
Released 2018-01-22
Changed
- New version number scheme
Version 1.1.1
Released 2017-12-17
Changed
- Updated services framework implementation to use LocalServiceRegistry.
Version 1.1.0
Released 2017-12-05
Added
- Enhanced module logs
Changed
- Various performance enhancments.
Updated 12 days ago