Changelog

Version 1.4.0

Support for enforcer_function_app_host and kind parameters in the Enforcer CLI for the HUMAN Security Azure Enforcer.
CI tool enhancements to generate Azure Function App configurations based on the selected function app kind

Configuration for adding the Secure flag to PXHD cookie.
GraphQL query keyword GraphQL query keyword extraction via string/regex (px_graphql_keywords) and custom function (px_extract_graphql_keywords)
Support for interpreting regex-formatted strings in various configurations.
Added support for Response custom parameters 11-20 for async activities.
Support for px_async_timeout configuration which applies to async activities, telemetry, remote logger, and remote configuration
Added cookie secret rotation support
Added a CLI for generating Azure Front Door resources for the HUMAN Security Azure Enforcer.
Build files for ESM, CJS, and declarations.

Updated JS Core to v0.30.1
Using raw URL instead of parsed URL in block page captcha script query parameter
converted fields: login_successful_reporting_method, sent_through of CredentialEndpointConfiguration to optional.
Aligned the telemetry activity structure to spec
Updated the captcha template

Bug fixes related to GraphQL operation name extraction and telemetry regex handling.
Fixed issue where unvalidated _pxvid value was added to the captcha page

Fixed Set-Cookie response header flattening issue, using built-in Cookie type

Normalized URL parsing
Fixed a minor bug where block pages would add “/captcha.js” when custom first party captcha endpoint was configured
Fixed occasional 502 errors on first party sensor requests due to transfer-encoding: chunked header

Added CORS support
Added custom first party endpoints support
Added Credential Intelligence, including support for:
- Credential path matching via exact route or regular expression
- Extracting credentials from body, header, query-param, or via custom callback
- Single-step (v2) and multistep (multistep_sso) hashing protocols
- Reporting on login successful via status code, body regex, header, or via custom callback
- Sending additional S2S activity automatically, via API function call, or transfer via request headers
- Sending the raw username on the additional S2S activity if configured
Added Account Defender, including support for:
- Reporting of the cross tab session cookie
- Extracting user ID and additional fields from cookie- or header-based JWT
Changed where the Enforcer context is saved from the Enforcer to the Azure execution context
- Allows for initializing the Enforcer outside the HTTP trigger function
- Requires API changes in postEnforce function, which must now receive the Azure context as a parameter

Added support for GraphQL including:
- Customized GraphQL routes
- Multiple GraphQL operations
- Sensitive GraphQL operations by name or type
Added support for batched activities
Changed API for Enforcer enforce() and postEnforce() return values to align with JS Core v0.5.0
Changed API for creating default HTTP trigger (providing ConfigurationParams rather than Enforcer instance)
Moved rollup.config.js file to example folder