Product guides

What's New

Suggest Edits

Version 8.2.1

Released 2024-09-23

  • Decode the request URL, send it on the enforcer activities URL field, and use it for all enforcer processing.

Version 8.2.0

Released 2024-09-05

  • Added px_token_version configuration to support both v2 and v3 (default is v3)
  • GraphQL query keyword extraction via string/regex (px_graphql_keywords) and custom function (px_extract_graphql_keywords)
  • Support for cookie secret rotation
  • Default value for px_bypass_monitor_header changed from an empty string to "x-px-block"
  • Configuration px_sensitive_graphql_operation_names expanded to include regular expressions and applies to extracted GraphQL keywords as well
  • Modify telemetry activity to include all types of config
  • Telemetry activity includes redacted sensitive configuration fields
  • Updated the captcha template
  • Using raw URL instead of parsed URL in block page captcha script query parameter
  • Converted fields login_successful_reporting_method, sent_through of CredentialEndpointConfiguration to optional
  • Fixed issue where unvalidated _pxvid value was added to the captcha page
  • Fixed issue where regular expressions occasionally failed on calls to test() due to global flag

Version 8.1.0

Released 2024-02-21

  • Added base64-encoded request HTTP method to captcha script query parameters on block pages
  • JSON parsing issue with generated package.json for CommonJS library build fixed
  • Issue with mix-ups in header-based logs fixed
  • Issue where block activities may contain http_status_code field fixed

Version 8.0.1

Released 2024-01-18

  • Issue with duplicate sending of batched activities fixed
  • Memory issue with header-based logger fixed

Version 8.0.0

Released 2023-01-10

  • Refactor to base on JS Core library
  • Maintains support for:
    • Additional activity handler
    • Advanced blocking response
    • Block activity
    • Block page captcha
    • Block page rate limit
    • Bypass monitor header
    • Client IP extraction
    • Cookie v3
    • CORS support
    • Credentials intelligence
    • CSS ref
    • Custom cookie header
    • Custom first-party endpoints
    • Custom logo
    • Custom parameters
    • Enforced routes
    • Filter by extension
    • Filter by HTTP method
    • Filter by IP
    • Filter by route
    • Filter by user agent
    • First party
    • GraphQL support
    • Header-based logger
    • Hype sale challenge
    • JS ref
    • Logger
    • Mobile support
    • Module enable
    • Module mode
    • Monitored routes
    • Page requested activity
    • PXDE
    • PXHD
    • Risk API
    • Sensitive headers
    • Sensitive routes
    • Telemetry command
    • URL decode reserved characters
    • User identifiers
    • VID extraction

Version 7.9.0

Released 2023-12-21

  • Support for header-based logger
  • Added risk_start_time and enforcer_start_time fields to enforcer activities
  • Added failOnEmptyBody flag for callServer to specify whether a request should fail if it has no body
  • Updated the configuration of PX first-party requests to include additional support

Version 7.8.0

Released 2023-05-16

  • Custom cookie header is processed in addition to (not instead of) default cookie header
  • Custom cookie header default value has been set to x-human-cookies
  • Added HUMANHD from risk response to the async activities

Version 7.7.1

Released 2023-03-28

  • Support for handling GraphQL requests with empty query field
  • Support custom "

Updated 12 days ago