For AI agents: a documentation index is available at the root level at /llms.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Version 1.1.0
- Added support for Hype Sale Challenge product
- Added support for URL decode reserved characters feature
- Added configuration for first party timeout
- Added configuration for adding the Secure flag to PXHD cookie
- Added configurations for custom functions to determine filtered, enforced, monitored, and sensitive requests
- Added base64-encoded URL to captcha script query parameters on block pages
- Added
risk_start_time and enforcer_start_time fields to enforcer activities
- Changed Bot Defender captcha page to include client-side first party timeout
- Fixed a bug where an empty, validated cookie v3 resulted in a pass
- Fixed inaccurate types for
px_filter_by_route, px_monitored_routes, px_enforced_routes, px_sensitive_routes, px_graphql_routes configs and changed them to be Array<string | RegExp>
- Fixed first party XHR validation issue
Version 1.0.0
- Added CORS support
- Added Custom First Party Endpoints support
- Added Credential Intelligence, including support for:
- Credential path matching via exact route or regular expression
- Extracting credentials from body, header, query-param, or via custom callback
- Single-step (
v2) and multistep (multistep_sso) hashing protocols
- Reporting on login successful via status code, body regex, header, or via custom callback
- Sending additional S2S activity automatically, via API function call, or transfer via request headers
- Sending the raw username on the additional S2S activity if configured
- Added Account Defender, including support for:
- Reporting of the cross tab session cookie
- Extracting user ID and additional fields from cookie- or header-based JWT
- Changed
postEnforce function signature to have only Response parameter
Version 0.1.0
- Initial version with support for basic and advanced features including:
- Additional activity handler
- Advanced blocking response
- Block activity
- Block page captcha
- Block page rate limit
- Bypass monitor header
- Client ip extraction
- Cookie v3
- CSS ref
- Custom cookie header
- Custom logo
- Custom parameters
- Enforced routes
- Filter by extension
- Filter by http method
- Filter by ip
- Filter by route
- Filter by user agent
- First party
- GraphQL support
- JS ref
- Logger
- Mobile support
- module enable
- Module mode
- Monitored routes
- page requested activity
- PXDE
- PXHD
- Risk API
- Sensitive headers
- Sensitive routes
- Telemetry command
- VID extraction