Version 4.8.0

  • Added is_sensitive_route field to Risk API and async activities
  • Added request_id to telemetry activity details
  • Telemetry activity update_reason field now reflects the reason for the telemetry activity:
    • command - incoming telemetry request received
    • risk - telemetry triggered via risk response field


Version 4.6.0

  • Support for adding a data enrichment header (new px_data_enrichment_header_name configuration)
  • Added response custom parameters to supported features, with support in the CI workflows
  • Added documentation enforcement workflow that verifies the documentation is up to date with the latest changes in the codebase

Version 4.5.0

  • Improvements to request RTT and Lambda execution time by sending async HTTP requests in subsequent Lambda invocations
  • Added support for interpreting regex-formatted strings (e.g., "/^/regex/path$/i") as regular expressions for the following configurations:
    • px_sensitive_routes
    • px_monitored_routes
    • px_enforced_routes
    • px_graphql_routes
    • px_filter_by_route
    • px_filter_by_user_agent
    • px_graphql_keywords
    • px_sensitive_graphql_operation_names
    • px_login_credentials_extraction object fields path (when path_type is "regex") and login_successful_body_regex

Version 4.4.0

  • Added px_token_version configuration to enable support for cookie v2 (cookie v3 is default)
  • Support for regular expressions in px_filter_by_user_agent
  • Extracting GraphQL operationName and variables even if the query field is not present
  • Fixed issue where telemetry would fail if px_cookie_secret was an array of cookie strings



Version 4.3.0

  • Added HumanSecurityFirstParty for more modular use of first party functionality within Lambdas
  • Added GraphQL query keyword extraction via string/regex (px_graphql_keywords) and custom function (px_extract_graphql_keywords)
  • Changed telemetry activity to include all types of config and include redacted sensitive configuration fields
  • Changed default value for px_bypass_monitor_header from empty string to "x-px-block"
  • Changed configuration px_sensitive_graphql_operation_names to include regular expressions and apply to extracted GraphQL keywords as well
  • Fixed issue where unvalidated _pxvid value was added to the captcha page
  • Fixed issue where configured regular expressions with the global flag (g) occasionally failed on calls to test()
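
The global-flag failure named in the last fix, applied to the regex-formatted route strings that 4.5.0 accepts, shown as an added example that is not the enforcer's own code. The function names, the sample route and the rule for recognising a regex-formatted string are assumptions made for illustration.

```javascript
// Added example; compileRoute and compileRouteNaive are hypothetical names,
// not part of the enforcer's API.

// Turn a config entry into a matcher. Assumption: a string of the form
// "/body/flags" is a regular expression; any other string is an exact path.
function compileRoute(entry) {
  let re = entry instanceof RegExp ? entry : null;
  if (!re) {
    const m = /^\/(.+)\/([dgimsuvy]*)$/.exec(entry);
    if (!m) return (path) => path === entry;
    re = new RegExp(m[1], m[2]);
  }
  // With g or y set, test() resumes from lastIndex, so one shared instance
  // alternates between match and no-match on identical input. Drop both.
  const safe = new RegExp(re.source, re.flags.replace(/[gy]/g, ''));
  return (path) => safe.test(path);
}

// Comparison version that keeps the flags exactly as configured.
function compileRouteNaive(entry) {
  const m = /^\/(.+)\/([dgimsuvy]*)$/.exec(entry);
  const re = new RegExp(m[1], m[2]);
  return (path) => re.test(path);
}

// Constructed sample: one sensitive-route entry and four request paths.
const SENSITIVE = '/^\\/account\\/login$/gi';
const REQUESTS = ['/account/login', '/account/login', '/Account/Login', '/account/login'];

// Compile once, then evaluate every request with the same matcher, which is
// how a long-lived Lambda container reuses its configuration.
function run(compile) {
  const isSensitive = compile(SENSITIVE);
  return REQUESTS.map((p) => isSensitive(p));
}

console.log('naive:', run(compileRouteNaive));
console.log('fixed:', run(compileRoute));
```

With the flags kept, every second request to the same route is classified as not sensitive, so route-based settings apply only intermittently.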

Version 4.2.0

  • Added ability to pass the Context object to the Enforcer to use awsRequestId as the HUMAN request ID
  • Fixed bug where First Party XHR body was not transferred properly
  • First party handler returns response instead of throwing error on non-first party requests
  • Updated the captcha template
  • Using raw URL instead of parsed URL in block page captcha script query parameter

Version 4.1.0

  • Added base64-encoded request HTTP method to captcha script query parameters on block pages
  • Fixed JSON parsing issue with generated package.json for CommonJS library build