What's New

Version 3.14.0

Released 2024-01-11

• Support for url decode reserved characters feature
• Support in lambda enforcer for non-reserved characters

Version 3.10.0

Released 2023-05-16

• Custom cookie header is processed in addition to (not instead of) default cookie header
• Custom cookie header default value has been set to x-human-cookies
• Added HUMANHD from risk response to the async activities

Version 3.8.0

Released 2023-01-30

• Support for CORS preflight requests and CORS headers in block responses

Version 3.7.0

Released 2023-01-26

• Support User Identifiers: CTS and JWT.

Version 3.6.0

Released 2023-1-16

• Update to Node Core v3.7.0

Version 3.5.0

Released 2022-11-17

• Support for modifying the request context via a custom function. This provides flexibility for setting the module mode or request sensitivity based on custom logic.

Version 3.4.0

Released 2022-10-23

• Support for px_custom_first_party_path configuration

Version 3.3.3

Released 2022-09-28

• Updated dependences and confirmed support of Node.js 16.x AWS Lambda runtime

Version 3.3.2

Released 2022-06-06

• Fix - GraphQL parsed operation name issue

Version 3.3.1

Released 2022-05-18

• Fix - Update block page to support error handling for mobile.

Version 3.3.0

Released 2022-05-08

• Added Credentials Intelligence v2 hashing protocol as the default. The new protocol normalizes and hashes credentials according to a new algorithm that improves accuracy.

Version 3.2.0

Released 2022-01-25

• Added additional_s2s activity to replace external activities feature. This additional activity can be sent automatically via the HUMANActivities Lambda or transferred as a header to the origin and sent directly to HUMAN via an XHR POST request.
• Added the ability to report the raw username to HUMAN on the additional_s2s activity in cases where compromised credentials were used to successfully log in
• Enhancements to the login credentials extraction feature, including automatic detection of content type via the Content-Type header, the option to define custom extraction callbacks for endpoints, and automatic sending of credentials to HUMAN upon successful extraction, and more
• Fixed an issue with enforced routes not working in monitor mode
• Fixed an issue with the bypass monitor header not working for configured monitored routes

Version 3.1.1

Released 2021-12-29

• Added the server_info_origin property to all Enforcer activities. This property indicates which CDN POP/Datacenter the specific request hits for visibility on the request origin
• Added a flow to route requests to sensitive route based on parsing the GraphQL payload

Version 3.1.0

Released 2021-11-28

• Support to add an additional activity callback function to run after sending page_requested or block activity to the collector, and before forwarding the request to the next step in the pipeline to allow customization (e.g. set the HUMAN score as a header)
• Enhancements to the login credentials extraction feature to support latest requirements of HUMAN Credential Intelligence product. Includes adding login paths as sensitive routes automatically

Version 3.0.1

Released 2021-10-25

• Support for outputting whether user credentials are compromised on an additional header as part of HUMAN Credential Intelligence product

Version 3.0.0

Released 2021-10-18

• Improved mechanism to handle asynchronous activities in a context of a Lambda function. This will reduce the response time to the end user and Lambda duration, which may also reduce operational costs
• Restructuring of the module code to enable quick and simple upgrades moving forward, which will ease efforts to keep the enforcer up to date and allow fast delivery of new capabilities by HUMAN 
• Bundling Lambda functions using Rollup which reduces the total size of the Lambda code by roughly 50%
• Configuration field changes for consistency (HUMAN Node Core v3.0.0)

Version 2.14.0

Released 2021-07-22

• Added support for the external activities feature to retrieve the http status code from the origin-response to support HUMAN Credential Intelligence product

Version 2.13.2

Released 2021-06-04

• Bug fix for cookie decryption failing on mobile SDK error

Version 2.13.1

Released 2021-05-25

• Bug fix for falsely reporting when using the bypass monitor header feature

Version 2.13.0

Released 2021-04-08

• Added support of the [data enrichment cookie (HUMANDE)](https://docs.perimeterx.com/pxconsole/docs/supported-features#pxde-cookie

Version 2.12.0

Released 2021-04-07

• Added support for filtering by user agent via regular expressions

Version 2.11.0

Released 2021-03-30

• Enhancement to extract the login credentials and attach to HUMAN activities as part of the login credentials extraction feature

Version 2.10.0

Released 2021-02-10

• Enable setting a header name to extract the HUMAN cookies as part of custom cookie header

Version 2.9.0

Released 2021-02-02

• Bug fix for the request object building

Version 2.8.2

Released 2020-10-25

• Bug fix to support the ACTIVITIES_TIMEOUT_MS

Version 2.8.1

Released 2020-07-02

• Bug fix - the Path is now sent without query params

Version 2.8.0

Released 2020-03-29

• Support for external activities by using a new lambda function on origin-response. This allow sending the status code on page_requested activities

Version 2.7.2

Released 2020-03-19

• Bug fix for for parsing query params

Version 2.7.1

Released 2020-03-04

• Bug fix - changed cache-control to no-cache for block pages