AWS Lambda@Edge changelog

4.10.1

Added Hard Block support, which lets you customize the Hard Block page that’s displayed to users when a request is blocked without a challenge. Hard Block customization options use the same configuration options as the regular Challenge page. Be sure to update the appropriate configuration options to customize the Hard Block page, not the block page template. The relevant configuration options are:
- px_custom_logo: Adds a custom logo to the Challenge and Hard Block pages. Maps to {{customLogo}} in the block page template.
- px_css_ref: Adds a custom CSS file to the Challenge and Hard Block pages. Maps to {{cssRef}} in the block page template.
- px_js_ref: Adds a custom JS file to the Challenge and Hard Block pages. Maps to {{jsRef}} in the block page template.
- px_first_party_enabled: A boolean flag to enable first party mode. Maps to {{firstPartyEnabled}} in the block page template.

Added compression for px-context header to avoid AWS CloudFront request size limits (20KB) for HumanActivities Lambda

Added is_sensitive_route field to risk api and async activities
Added request_id to telemetry activity details
Telemetry activity update_reason field updated to reflect the reason for telemetry activity:
- command - incoming telemetry request received
- risk - telemetry triggered via risk response field

Support for adding a data enrichment header (new px_data_enrichment_header_name configuration)
Added response custom parameters to supported features and supported it in the CI workflows
Added Documentation enforcement workflow - verify that the documentation is up to date with the latest changes in the codebase

Improvements to request RTT and Lambda execution time by sending async HTTP requests in subsequent Lambda invocations
Added support for interpreting regex-formatted strings (e.g., "/^/regex/path$/i") as regular expressions for the following configurations:
- px_sensitive_routes
- px_monitored_routes
- px_enforced_routes
- px_graphql_routes
- px_filter_by_route
- px_filter_by_user_agent
- px_graphql_keywords
- px_sensitive_graphql_operation_names
- px_login_credentials_extraction object fields path (when path_type is "regex") and login_successful_body_regex

Added px_token_version configuration to enable support for cookie v2 (cookie v3 is default)
Support for regular expressions in px_filter_by_user_agent
Extracting GraphQL operationName and variables even if the query field is not present
Fixed issue where telemetry would fail if px_cookie_secret was an array of cookie strings