For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Refactor old “gen.sh” script, new generate-data-group.sh script generates data-group with given parameters, can be used for generating multiple data-groups for different appIDs
Update the documentation
3.2.1 - 08/02/2026
Fixed
Added format validation for _pxvid cookie value before use in block page rendering
3.2.0 - 29/12/2025
Added
Full support for PXDE (Data Enrichment) feature
Added reserved_headers list to filter Authorization, Content-Type, and Content-Length headers from Risk API requests
Fixed
Separation between s2s_timeout and s2s_error in pass reason reporting
Malformed (including non-ASCII) cookies no longer cause errors in HSSR iRule and on backend response when sent on risk activities
3.1.3 - 15/05/2025
Added
Support for whitelisting based on URL query parameters
3.1.2 - 13/09/2024
Fixed
risk_mode/simulated_block are reported correctly when using bypass_monitor_header
3.1.1 - 09/10/2023
Fixed
Custom params sent on async activities
3.1.0 - 10/07/2023
Added
Generating request id
Support for Additional S2S for CI
Fixed
raw username is additional s2s.
3.0.0 - 10/03/2023
Added
Support for Account Defender
Support for Login Credentials Extraction
Support for Upstream Score Header
Support for domain/path based monitor mode
Fixed
is_json_response logic
2.4.0 - 06/04/2021
Added
Support for JavaScript sensor injection
2.3.0 - 07/05/2020
Added
Support for custom parameters
Support for PXHD cookie
Support for first party requests
2.2.0 - 16/03/2020
Added
Support for Advanced Blocking Response
Support for Custom Cookie Header
2.1.0 - 04/03/2019
Added
Added support for ip and CIDRs whitelist using whitelist_ips
Added Support for testing blocking flow in monitor mode
2.0.0 - 29/01/2019
Added
Added support for CaptchaV2
1.12.0 - 16/01/2019
Added
Added support for a module enabling header
1.11.0 - 15/11/2017
Added
Added support for allowed_domains
1.10.6 - 15/11/2017
Fixed
Sending all header values in right order to PerimeterX in risk, captcha and sync block
1.10.5 - 13/11/2017
Fixed
Revert how values are extracted by headers using values instead of last value
Custom function to extract IP
1.10.4 - 07/1/2017
Fixed
Sending VID/UUID on risk api
1.10.3 - 07/1/2017
Fixed
Getting correct values from headers using values instead of last value
1.10.2 - 04/09/2017
Fixed
Setting catpcha from relative to absolute
Added risk_mode to risk api
Sending missing activities for cookie block on monitor mode
By default module is set to monitor mode
1.10.1 - 04/09/2017
Added
Sending s2S_call_reason for mobile sdk pinning error
1.10.0 - 04/09/2017
Added
Support for funCaptcha
Better captcha handling in block page
1.9.1 - 28/08/2017
Fixed
Fixed the priority for sensitive route to be the last on cookie processing
Sending px_cookie on all risk apis if exists
1.9.0 - 24/08/2017
Added
Support for mobile SDK
1.8 - 07/08/2017
Supporting
Async activities (page_requested & block)
Multiple application
Async Monitor mode
Sending cookie hmac
Sending client_uuid on page_requested
Sending risk_rtt on page_requested
Added pass reason
Extracting action from risk calls
Dynamic block page rendering
Support javascript challenge
Improvements
Debug logs with per application
Responsive default block pages with new design
Fixed
Removing _pxCaptcha from browser
Sync Monitor mode now sends risk api
1.6
remove PII header using sensitive headers parameter
1.5
embed client_real_ip proc into the request handle - setup client ip once
1.4
real_ip header to control real request ip
post_activity to work with s2s endpoint
1.3
fix report endpoint to use risk api
send px_cookie when needed
update the readme with troubleshooting
1.2
remove dynamic code to to perform variable set on proc
updated px logo url for block page
updated all address to use https sapi endpoint
1.1
on expired cookie add decoded cookie on risk_api call
