Product guides

What's New

Suggest Edits

Version 1.1.0

Released 2024-01-04

  • Added support for Hype Sale Challenge product
  • Added support for URL decode reserved characters feature
  • Added configuration for first party timeout
  • Added configuration for adding the Secure flag to PXHD cookie
  • Added configurations for custom functions to determine filtered, enforced, monitored, and sensitive requests
  • Added base64-encoded URL to captcha script query parameters on block pages
  • Added risk_start_time and enforcer_start_time fields to enforcer activities
  • Changed Bot Defender captcha page to include client-side first party timeout
  • Fixed a bug where an empty, validated cookie v3 resulted in a pass
  • Fixed inaccurate types for px_filter_by_route, px_monitored_routes, px_enforced_routes, px_sensitive_routes, px_graphql_routes configs and changed them to be Array<string | RegExp>
  • Fixed first party XHR validation issue

Version 1.0.0

Released 2023-07-02

  • Added CORS support
  • Added custom first party endpoints support
  • Added Credential Intelligence, including support for:
    • Credential path matching via exact route or regular expression
    • Extracting credentials from body, header, query-param, or via custom callback
    • Single-step (v2) and multistep (multistep_sso) hashing protocols
    • Reporting on login successful via status code, body regex, header, or via custom callback
    • Sending additional S2S activity automatically, via API function call, or transfer via request headers
    • Sending the raw username on the additional S2S activity if configured
  • Added Account Defender, including support for:
    • Reporting of the cross tab session cookie
    • Extracting user ID and additional fields from cookie- or header-based JWT
  • Changed postEnforce function signature to have only Response parameter

Version 0.1.0

Released 2023-05-03

  • Initial version with support for basic and advanced features including:
    • additional activity handler
    • advanced blocking response
    • block activity
    • block page captcha
    • block page rate limit
    • bypass monitor header
    • client ip extraction
    • cookie v3
    • css ref
    • custom cookie header
    • custom logo
    • custom parameters
    • enforced routes
    • filter by extension
    • filter by http method
    • filter by ip
    • filter by route
    • filter by user agent
    • first party
    • graphql support
    • js ref
    • logger
    • mobile support
    • module enable
    • module mode
    • monitored routes
    • page requested activity
    • pxde
    • pxhd
    • risk api
    • sensitive headers
    • sensitive routes
    • telemetry command
    • vid extraction

Updated 12 days ago