What's New

Version 7.3.2

Released 2022-06-30

  • Fix - pxhd cookie is now set with SameSite=Lax

Version 7.3.1

Released 2022-05-18

  • Fix - Update block page to support error handling for mobile.

Version 7.3.0

Released 2022-05-08

  • Added Credentials Intelligence v2 hashing protocol as the default. The new protocol normalizes and hashes credentials according to a new algorithm that improves accuracy.

Version 7.2.0

Released 2022-04-11

  • New block page implementation
  • Support for dynamic cookie signing with IP (requires PXHD)
  • Send PX cookie over risk_api on sensitive routes

Version 7.1.0

Released 2022-01-24

  • Added support for credentials intelligence protocols v1 and multistep_sso
  • Added support Support for login successful reporting methods header, status, body, and custom
  • Added support for automatic sending of additional_s2s activity
  • Added support for manual sending of additional_s2s activity via header or API call
  • Added support for sending raw username on additional_s2s activity
  • Added support for login credentials extraction via custom callback
  • Added support request_id field to all enforcer activities
  • Credentials extraction is now handles body encoding based on Content-Type request header
  • Added successful login credentials extraction automatically triggers risk_api call without needing to enable sensitive routes
  • Fixed the issue of Enforced routes didn't worked in monitor mode.
  • Fixed the issue of bypass monitor header to work with configured monitored routes.

Version 7.0.3

Released 2022-01-18

  • Added Code Defender first party XHR and first party sensor support. Proxying XHR and and sensor script using first party is used to avoid getting blocked by browser extensions such as Adblock.

Version 7.0.2

  • Added Nonce support in CSP header, this adds a validation layer to the CSP policy on your application. For more details please visit the official CSP documentation CSP nonce

Version 7.0.1

Released 2021-10-25

  • Added compromised credentials header support. This feature provides information about breached accounts and allows you to protect your users.

Version 7.0.0

Released 2021-10-18

  • Configuration fields update (PerimeterX Node Core v3.0.0)

Version 6.8.2

Released 2021-07-04

  • Fixed the issue of cookie decryption fails on mobile SDK error.

Version 6.8.0

Released 2021-06-08

  • Added new middleware for Code Defender (cdMiddleware. This enables support CSP enforcement by the Enforcer.

Version 6.7.0

Released 2021-04-07

  • Added support for regular expressions in filter by user agent.

Version 6.6.0

Released 2021-02-09

  • Added support for Custom cookie header. Custom Cookie Header feature allows you to set a header name which is used to extract PerimeterX cookies, instead of from the request cookies property.
  • Support for custom log.

Version 6.5.4

Released 2020-10-25

  • Bug fix to support the ACTIVITIES_TIMEOUT_MS.

Version 6.5.3

Released 2020-04-21

  • Added New config to support Secure flag for PXHD cookie

Version 6.5.2

Released 2020-02-11

  • Fix the bug to support custom parameters for async activities.

Version 6.5.1

Released 2020-02-11

  • Fix the bug to support the originalRequest in enrichCustomParameters.

Version 6.5.0

Released 2019-11-26

  • Added Support for filtering traffic by http method. This feature allows to filter out request from the Enforcer verification flow by its HTTP Method, avoiding unnecessary traffic in the Enforcer verification flow and reducing operation costs