Product guides

What's New

Suggest Edits

Version 1.1.0

Released 2023-12-28

  • Added support for header-based logger feature
  • Added support for Hype Sale Challenge feature
  • Added support for url decode reserved characters feature
  • Added a configuration for secure PXHD
  • Added a configuration for first party timeout
  • Added base64-encoded URL to captcha script query parameters on block pages
  • Changed Bot Defender captcha page to client-side first party timeout
  • Aligned and added new fields to the risk API and async activities
  • Various bug fixes and more accurate TypeScript typings

Version 1.0.1

Released 2023-07-31

  • Normalized URL parsing
  • Fixed a minor bug where block pages would add "/captcha.js" when custom first party captcha endpoint was configured
  • Fixed occasional 502 errors on first party sensor requests due to transfer-encoding: chunked header

Version 1.0.0

Released 2023-06-29

  • Added CORS support
  • Added custom first party endpoints support
  • Added Credential Intelligence, including support for:
    • Credential path matching via exact route or regular expression
    • Extracting credentials from body, header, query-param, or via custom callback
    • Single-step (v2) and multistep (multistep_sso) hashing protocols
    • Reporting on login successful via status code, body regex, header, or via custom callback
    • Sending additional S2S activity automatically, via API function call, or transfer via request headers
    • Sending the raw username on the additional S2S activity if configured
  • Added Account Defender, including support for:
    • Reporting of the cross tab session cookie
    • Extracting user ID and additional fields from cookie- or header-based JWT
  • Changed where the enforcer context is saved from the Enforcer to the Azure execution context
    • Allows for initializing the Enforcer outside the HTTP trigger function
    • Requires API changes in postEnforce function, which must now receive the Azure context as a parameter

Version 0.2.0

Released 2023-05-04

  • Added support for GraphQL including:
    • Customized GraphQL routes
    • Multiple GraphQL operations
    • Sensitive GraphQL operations by name or type
  • Added support for batched activities
  • Changed API for Enforcer enforce() and postEnforce() return values to align with JS Core v0.5.0
  • Changed API for creating default HTTP trigger (providing ConfigurationParams rather than Enforcer instance)
  • Moved rollup.config.js file to example folder

Version 0.1.2

Released 2023-02-24

  • Removed images from npm package

Version 0.1.1

Released 2023-02-23

  • Added repository information to package.json
  • Added example, images directories and host.json to npm package

Version 0.1.0

Released 2023-02-22

  • Initial version with support for a variety of basic and advanced features including:
    • Additional activity handler
    • Advanced blocking response
    • Block activity
    • Block page captcha
    • Block page rate limit
    • Bypass monitor header
    • Client IP extraction
    • Cookie v3
    • Custom cookie header
    • CSS ref
    • Custom logo
    • Custom parameters
    • Filter by extension
    • Filter by IP
    • Filter by HTTP method
    • Filter by route
    • Filter by user agent
    • First party
    • JS ref
    • Logger
    • Mobile support
    • Module enable
    • Module mode
    • Monitored routes
    • Page requested activity
    • PXDE
    • PXHD
    • Risk API
    • Sensitive headers
    • Sensitive routes
    • Telemetry command
    • VID extraction

Updated 12 days ago