Skip to content

Latest commit

 

History

History
115 lines (87 loc) · 3.16 KB

changelog.md

File metadata and controls

115 lines (87 loc) · 3.16 KB

Change Log

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

[2.3.2] - 2022-xx-xx

Changed

  • Removed dependency on Active Support
  • Replaced eval() calls with JSON.parse() for improved security
  • Small spec alignment changes (risk_api and block activities)

[2.3.1] - 2022-04-11

Fixed

  • URLs with query params did not render properly on new block page

[2.3.0] - 2022-04-10

Added

  • Custom logo in block JSON response

Changed

  • Updated block page to use new template

[2.2.1] - 2020-09-27

Fixed

  • bypass_monitor_header type validation

[2.2.0] - 2020-09-15

Added

  • First Party

[2.1.0] - 2020-09-01

Added

  • Added option to set a different px configuration on each request
  • Added types validation on configuration fields

Fixed

  • New cookie logic for mobile requests
  • Renamed api_connect_timeout to api_timeout_conncection on default configuration
  • Removed unsapported configuration fields: max_buffer_len and local_proxy
  • Send cookie_origin only if there is a cookie

[2.0.0] - 2020-07-24

Added

  • Added fields to Block Activity: simulated_block, http_version, http_method, risk_rtt, px_orig_cookie
  • Added fields to page_requested activity: pass_reason, risk_rtt, px_orig_cookie
  • Added px_orig_cookie field to risk_api in case of cookie_decryption_failed
  • Added support for captcha v2
  • Added support for Advanced Blocking Response
  • Added support for whitelise routes
  • Added support for bypass monitor header
  • Added support for extracting vid from _pxvid cookie
  • Added support for rate limit
  • Added risk_cookie_max_iterations configuration

Fixed

  • Updated dependencies
  • Updated sample site dockerfile
  • Fixed monitor mode
  • Fixed send_page_activities and send_block_activities configurations
  • Updated risk to v3
  • Refactored ip header extraction
  • Renamed block_uuid field to client_uuid
  • Renamed perimeterx_server_host configuration to backend_url
  • Updated risk_response handling: pass the request if risk_response.status is -1
  • Forcing http header values to be utf8

[1.4.0] - 2018-03-18

Fixed

  • Incorrect assigment for s2s_call_reason
  • Fixed empty token result correct s2s reason

Added

  • Added support to captcha api v2
  • Mobile sdk support for special tokens 1/2/3

[1.3.0] - 2017-07-27

Added

  • Sending client_uuid on page_requested activities
  • Supporting mobile sdk

Fixed

  • Using request.env instead of env

[1.2.0] - 2017-06-04

Fixed

- Default timeouts for post api requests
- Fixed Dockerfile

Changed

- Removed httpclient and instead using typheous

Added

- Using concurrent-ruby for async post requests

[1.1.0] - 2017-06-04

Added

- Added support for sensitive routes

[1.0.5] - 2017-05-07

Fixed

  • Added request format into context for custom callbacks

[1.0.4] - 2017-04-27

Fixed

  • Constants on px_constants
  • Cookie Validation flow when cookie score was over the configured threshold
  • Using symbols instead of strings for requests body