perimeter_x 2.2.1 → 2.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1cb2ccba081bcd941104fd775fc6d047b1b82f9adc6c43619ab860ab1c9685b5
-  data.tar.gz: 11b5d9a8addcbc817e7e8f30ba5216e3b16c8392088abbc6c72295b53a39720e
+  metadata.gz: 7321ac61fcf5c1b2b8a573eb23744d807e0af5e430a3468cb4704e8d36c7f8a9
+  data.tar.gz: 5bd64b4340535a52d2f91db99cabb673693dec8dbf1526dd00d2aa200743a444
 SHA512:
-  metadata.gz: 205b0471f18b749671b9f481af16d032c4559b6505e1f6a1198883ea8935f8acf11583433b14ba88a1e51e0eadd004462e49d2167e6e7bd09fe0ddcf4a2afd98
-  data.tar.gz: 5767dbf74d101d8859b5c74453d9e5ea314721d7bb3489678e0837448bca5eff1210d7fe387d0bae40c5a3ae0de0d305eb55faa4c6d28619e32b29e704c2d0f7
+  metadata.gz: 3037218a40b007fd7a0aaf93c6fe2e367b622042f2653c2e08e3c9a5d53d12d0107374d81e841d46e9320562d95c2ac4957040d7cb3a932c971ab2a1ff16aed2
+  data.tar.gz: 5de6563d962cee1d9ba90ac370ecb4a0a8679dfab9a1ab69b2dbcfaafe54d3ce05b12f31b8c57f1a5b129299e215dd0e8f7e488bbadf03308099104ec7f2ab60

data/LICENSE.txt

@@ -1,4 +1,4 @@
-Copyright © 2016 PerimeterX, Inc.
+Copyright © 2022 PerimeterX, Inc.
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/changelog.md

@@ -5,6 +5,16 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## [2.3.0] - 2022-04-10
+
+### Added
+
+- Custom logo in block JSON response
+
+### Changed
+
+- Updated block page to use new template
+
 ## [2.2.1] - 2020-09-27
 ### Fixed
  - bypass_monitor_header type validation

data/lib/perimeter_x.rb

@@ -56,19 +56,22 @@ module PxModule
           end
 
           is_mobile = px_ctx.context[:cookie_origin] == 'header' ? '1' : '0'
-          action = px_ctx.context[:block_action][0,1]          
+          action = px_ctx.context[:block_action][0,1]
+          block_script_uri = "/captcha.js?a=#{action}&u=#{px_ctx.context[:uuid]}&v=#{px_ctx.context[:vid]}&m=#{is_mobile}"
 
           if px_config[:first_party_enabled]
             px_template_object = {
             js_client_src:  "/#{px_config[:app_id][2..-1]}/init.js",
-            block_script: "/#{px_config[:app_id][2..-1]}/captcha/#{px_config[:app_id]}/captcha.js?a=#{action}&u=#{px_ctx.context[:uuid]}&v=#{px_ctx.context[:vid]}&m=#{is_mobile}",
-            host_url: "/#{px_config[:app_id][2..-1]}/xhr"
+            block_script: "/#{px_config[:app_id][2..-1]}/captcha/#{px_config[:app_id]}#{block_script_uri}",
+            host_url: "/#{px_config[:app_id][2..-1]}/xhr",
+            alt_block_script: "//#{PxModule::ALT_CAPTCHA_HOST}/#{px_config[:app_id]}#{block_script_uri}"
             }
           else
             px_template_object = {
             js_client_src: "//#{PxModule::CLIENT_HOST}/#{px_config[:app_id]}/main.min.js",
-            block_script: "//#{PxModule::CAPTCHA_HOST}/#{px_config[:app_id]}/captcha.js?a=#{action}&u=#{px_ctx.context[:uuid]}&v=#{px_ctx.context[:vid]}&m=#{is_mobile}",
-            host_url: "https://collector-#{px_config[:app_id]}.perimeterx.net"
+            block_script: "//#{PxModule::CAPTCHA_HOST}/#{px_config[:app_id]}#{block_script_uri}",
+            host_url: "https://collector-#{px_config[:app_id]}.perimeterx.net",
+            alt_block_script: "//#{PxModule::ALT_CAPTCHA_HOST}/#{px_config[:app_id]}#{block_script_uri}"
             }
           end
 
@@ -92,6 +95,8 @@ module PxModule
                   :vid => px_ctx.context[:vid],
                   :hostUrl => "https://collector-#{px_config[:app_id]}.perimeterx.net",
                   :blockScript => px_template_object[:block_script],
+                  :altBlockScript => px_template_object[:alt_block_script],
+                  :customLogo => px_config[:custom_logo]
               }
 
               render :json => hash_json

data/lib/perimeterx/utils/px_constants.rb

@@ -36,11 +36,11 @@ module PxModule
   PROP_APP_ID = :appId
   PROP_VID = :vid
   PROP_UUID = :uuid
-  PROP_LOGO_VISIBILITY = :logoVisibility
   PROP_CUSTOM_LOGO = :customLogo
   PROP_CSS_REF = :cssRef
   PROP_JS_REF = :jsRef
   PROP_BLOCK_SCRIPT = :blockScript
+  PROP_ALT_BLOCK_SCRIPT = :altBlockScript
   PROP_JS_CLIENT_SRC = :jsClientSrc
   PROP_HOST_URL = :hostUrl
   PROP_FIRST_PARTY_ENABLED = :firstPartyEnabled
@@ -48,6 +48,7 @@ module PxModule
   # Hosts
   CLIENT_HOST = 'client.perimeterx.net'
   CAPTCHA_HOST = 'captcha.px-cdn.net'
+  ALT_CAPTCHA_HOST = 'captcha.px-cloud.net'
 
   VISIBLE = 'visible'
   HIDDEN = 'hidden'

data/lib/perimeterx/utils/px_template_factory.rb

@@ -6,7 +6,7 @@ module PxModule
     def self.get_template(px_ctx, px_config, px_template_object)
       logger = px_config[:logger]
       if (px_config[:challenge_enabled] && px_ctx.context[:block_action] == 'challenge')
-        logger.debug('PxTemplateFactory[get_template]: px challange triggered')
+        logger.debug('PxTemplateFactory[get_template]: px challenge triggered')
         return px_ctx.context[:block_action_data].html_safe
       end
 
@@ -23,15 +23,14 @@ module PxModule
       Mustache.template_file =  "#{File.dirname(__FILE__) }/templates/#{template_type}#{PxModule::TEMPLATE_EXT}"
 
       view[PxModule::PROP_APP_ID] = px_config[:app_id]
-      view[PxModule::PROP_REF_ID] = px_ctx.context[:uuid]
       view[PxModule::PROP_VID] = px_ctx.context[:vid]
       view[PxModule::PROP_UUID] = px_ctx.context[:uuid]
       view[PxModule::PROP_CUSTOM_LOGO] = px_config[:custom_logo]
       view[PxModule::PROP_CSS_REF] = px_config[:css_ref]
       view[PxModule::PROP_JS_REF] = px_config[:js_ref]
       view[PxModule::PROP_HOST_URL] = px_template_object[:host_url]
-      view[PxModule::PROP_LOGO_VISIBILITY] = px_config[:custom_logo] ? PxModule::VISIBLE : PxModule::HIDDEN
       view[PxModule::PROP_BLOCK_SCRIPT] = px_template_object[:block_script]
+      view[PxModule::PROP_ALT_BLOCK_SCRIPT] = px_template_object[:alt_block_script]
       view[PxModule::PROP_JS_CLIENT_SRC] = px_template_object[:js_client_src]
       view[PxModule::PROP_FIRST_PARTY_ENABLED] = px_ctx.context[:first_party_enabled]
 

data/lib/perimeterx/utils/templates/block_template.mustache

@@ -3,173 +3,42 @@
 <head>
     <meta charset="utf-8">
     <meta name="viewport" content="width=device-width, initial-scale=1">
-    <title>Access to this page has been denied.</title>
-    <link href="https://fonts.googleapis.com/css?family=Open+Sans:300" rel="stylesheet">
-    <style>
-        html, body {
-            margin: 0;
-            padding: 0;
-            font-family: 'Open Sans', sans-serif;
-            color: #000;
-        }
-
-        a {
-            color: #c5c5c5;
-            text-decoration: none;
-        }
-
-        .container {
-            align-items: center;
-            display: flex;
-            flex: 1;
-            justify-content: space-between;
-            flex-direction: column;
-            height: 100%;
-        }
-
-        .container > div {
-            width: 100%;
-            display: flex;
-            justify-content: center;
-        }
-
-        .container > div > div {
-            display: flex;
-            width: 80%;
-        }
-
-        .customer-logo-wrapper {
-            padding-top: 2rem;
-            flex-grow: 0;
-            background-color: #fff;
-            visibility: {{logoVisibility}};
-        }
-
-        .customer-logo {
-            border-bottom: 1px solid #000;
-        }
-
-        .customer-logo > img {
-            padding-bottom: 1rem;
-            max-height: 50px;
-            max-width: 100%;
-        }
-
-        .page-title-wrapper {
-            flex-grow: 2;
-        }
-
-        .page-title {
-            flex-direction: column-reverse;
-        }
-
-        .content-wrapper {
-            flex-grow: 5;
-        }
-
-        .content {
-            flex-direction: column;
-        }
-
-        .page-footer-wrapper {
-            align-items: center;
-            flex-grow: 0.2;
-            background-color: #000;
-            color: #c5c5c5;
-            font-size: 70%;
-        }
-
-        @media (min-width: 768px) {
-            html, body {
-                height: 100%;
-            }
-        }
-    </style>
-    <!-- Custom CSS -->
+    <meta name="description" content="px-captcha">
+    <title>Access to this page has been denied</title>
     {{#cssRef}}
         <link rel="stylesheet" type="text/css" href="{{{cssRef}}}"/>
     {{/cssRef}}
 </head>
-
 <body>
-<section class="container">
-    <div class="customer-logo-wrapper">
-        <div class="customer-logo">
-            <img src="{{customLogo}}" alt="Logo"/>
-        </div>
-    </div>
-    <div class="page-title-wrapper">
-        <div class="page-title">
-            <h1>Please verify you are a human</h1>
-        </div>
-    </div>
-    <div class="content-wrapper">
-        <div class="content">
-
-            <div id="px-captcha">
-            </div>
-            <p>
-                Access to this page has been denied because we believe you are using automation tools to browse the
-                website.
-            </p>
-            <p>
-                This may happen as a result of the following:
-            </p>
-            <ul>
-                <li>
-                    Javascript is disabled or blocked by an extension (ad blockers for example)
-                </li>
-                <li>
-                    Your browser does not support cookies
-                </li>
-            </ul>
-            <p>
-                Please make sure that Javascript and cookies are enabled on your browser and that you are not blocking
-                them from loading.
-            </p>
-            <p>
-                Reference ID: #{{refId}}
-            </p>
-        </div>
-    </div>
-    <div class="page-footer-wrapper">
-        <div class="page-footer">
-            <p>
-                Powered by
-                <a href="https://www.perimeterx.com/whywasiblocked">PerimeterX</a>
-                , Inc.
-            </p>
-        </div>
-    </div>
-</section>
-<!-- Px -->
-<script>
-    window._pxAppId = '{{appId}}';
-    window._pxJsClientSrc = '{{{jsClientSrc}}}';
-    window._pxFirstPartyEnabled = {{firstPartyEnabled}};
-    window._pxVid = '{{vid}}';
-    window._pxUuid = '{{uuid}}';
-    window._pxHostUrl = '{{{hostUrl}}}';
-</script>
-<script>
-    var s = document.createElement('script');
-    s.src = '{{{blockScript}}}';
-    var p = document.getElementsByTagName('head')[0];
-    p.insertBefore(s, null);
-    if ({{firstPartyEnabled}}) {
-        s.onerror = function () {
-            s = document.createElement('script');
-            var suffixIndex = '{{{blockScript}}}'.indexOf('captcha.js');
-            var temperedBlockScript = '{{{blockScript}}}'.substring(suffixIndex);
-            s.src = '//captcha.px-cdn.net/{{appId}}/' + temperedBlockScript;
-            p.parentNode.insertBefore(s, p);
+    <script>
+        window._pxVid = '{{vid}}';
+        window._pxUuid = '{{uuid}}';
+        window._pxAppId = '{{appId}}';
+        window._pxCustomLogo = '{{customLogo}}';
+        window._pxHostUrl = '{{hostUrl}}';
+        window._pxJsClientSrc = '{{jsClientSrc}}';
+        window._pxFirstPartyEnabled = {{firstPartyEnabled}};
+        var script = document.createElement('script');
+        script.src = '{{blockScript}}';
+        document.head.appendChild(script);
+        script.onerror = function () {
+            script = document.createElement('script');
+            script.src = '{{altBlockScript}}';
+            script.onerror = window._pxDisplayErrorMessage;
+            document.head.appendChild(script);
         };
-    }
-</script>
-
-<!-- Custom Script -->
-{{#jsRef}}
-    <script src="{{{jsRef}}}"></script>
-{{/jsRef}}
+        window._pxDisplayErrorMessage = function () {
+            var style = document.createElement('style');
+            style.innerText = '@import url(https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap);body{background-color:#fafbfc}@media (max-width:480px){body{background-color:#fff}}.px-captcha-error-container{position:fixed;height:328px;background-color:#fff;font-family:Roboto,sans-serif}.px-captcha-error-header{color:#f0f1f2;font-size:29px;margin:67px 0 33px;font-weight:500;line-height:.83;text-align:center}.px-captcha-error-message{color:#f0f1f2;font-size:18px;margin:0 0 29px;line-height:1.33;text-align:center}div.px-captcha-error-button{text-align:center;line-height:50px;width:253px;margin:auto;border-radius:25px;border:solid 1px #f0f1f2;font-size:20px;color:#f0f1f2}div.px-captcha-error-wrapper{margin:23px 0 0}div.px-captcha-error{margin:auto;text-align:center;width:400px;height:30px;font-size:12px;background-color:#fcf0f2;color:#ce0e2d}img.px-captcha-error{margin:6px 10px -2px 0}@media (min-width:620px){.px-captcha-error-container{width:528px;top:50%;left:50%;margin-top:-164px;margin-left:-264px;border-radius:3px;box-shadow:0 2px 9px -1px rgba(0,0,0,.13)}}@media (min-width:481px) and (max-width:620px){.px-captcha-error-container{width:85%;top:50%;left:50%;margin-top:-164px;margin-left:-42.5%;border-radius:3px;box-shadow:0 2px 9px -1px rgba(0,0,0,.13)}}@media (max-width:480px){.px-captcha-error-container{width:528px;top:50%;left:50%;margin-top:-164px;margin-left:-264px}}';
+            document.head.appendChild(style);
+            var div = document.createElement('div');
+            div.className = 'px-captcha-error-container';
+            div.innerHTML = '<div class="px-captcha-error-header">Before we continue...</div><div class="px-captcha-error-message">Press & Hold to confirm you are<br>a human (and not a bot).</div><div class="px-captcha-error-button">Press & Hold</div><div class="px-captcha-error-wrapper"><div class="px-captcha-error"><img class="px-captcha-error" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAAQCAMAAADDGrRQAAAABGdBTUEAALGPC/xhBQAAAAFzUkdCAK7OHOkAAABFUExURUdwTNYELOEGONQILd0AONwALtwEL+AAL9MFLfkJSNQGLdMJLdQJLdQGLdQKLtYFLNcELdUGLdcBL9gFL88OLdUFLNEOLglBhT4AAAAXdFJOUwC8CqgNIRgRoAS1dWWuR4RTjzgryZpYblfkcAAAAI9JREFUGNNdj+sWhCAIhAdvqGVa1r7/oy6RZ7eaH3D4ZACBIed9wlOOMtUnSrEmZ6cHa9YAIfsbCkWrdpi/c50Bk2CO9mNLdMAu03wJA3HpEnfpxbyOg6ruyx8JJi6KNstnslp1dbPd9GnqmuYq7mmcv1zjnbQw8cV0xzkqo+fX1zkjUOO7wnrInUTxJiruC3vtBNRoQQn2AAAAAElFTkSuQmCC">Please check your network connection or disable your ad-blocker.</div></div>';
+            document.body.appendChild(div);
+        };
+    </script>
+    {{#jsRef}}
+        <script src="{{{jsRef}}}"></script>
+    {{/jsRef}}
 </body>
-</html>
+</html>

data/lib/perimeterx/version.rb

@@ -1,3 +1,3 @@
 module PxModule
-  VERSION = '2.2.1'
+  VERSION = '2.3.0'
 end

data/px_metadata.json

@@ -0,0 +1,28 @@
+{
+    "version": "2.3.0",
+    "supported_features": [
+        "additional_activity_handler",
+        "advanced_blocking_response",
+        "batched_activities",
+        "block_activity",
+        "block_page_captcha",
+        "block_page_rate_limit",
+        "bypass_monitor_header",
+        "client_ip_extraction",
+        "cookie_v3",
+        "css_ref",
+        "custom_logo",
+        "logger",
+        "filter_by_route",
+        "first_party",
+        "js_ref",
+        "mobile_support",
+        "module_enable",
+        "module_mode",
+        "page_requested_activity",
+        "vid_extraction",
+        "risk_api",
+        "sensitive_headers",
+        "sensitive_routes"
+    ]
+}

data/readme.md

@@ -5,7 +5,7 @@
 [PerimeterX](http://www.perimeterx.com) Ruby SDK
 =============================================================
 
-> Latest stable version: [v2.2.1](https://rubygems.org/gems/perimeter_x)
+> Latest stable version: [v2.3.0](https://rubygems.org/gems/perimeter_x)
 
 Table of Contents
 -----------------
@@ -31,6 +31,7 @@ Table of Contents
   *   [Update Configuration on Runtime](#update-config)
   *   [First Party](#first-party)
   
+  **[Additional Information](#additional-information)**
   **[Contributing](#contributing)**
 
 <a name="Usage"></a>
@@ -350,8 +351,12 @@ Default: true
   params[:first_party_enabled] = false
 ```
 
+<a name="additional_information"></a> Additional Information 
+------------------------------
+### URI Delimiters
+PerimeterX processes URI paths with general- and sub-delimiters according to RFC 3986. General delimiters (e.g., `?`, `#`) are used to separate parts of the URI. Sub-delimiters (e.g., `$`, `&`) are not used to split the URI as they are considered valid characters in the URI path.
 
-<a name="contributing"></a># Contributing #
+<a name="contributing"></a> Contributing
 ------------------------------
 The following steps are welcome when contributing to our project.
 ###Fork/Clone

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: perimeter_x
 version: !ruby/object:Gem::Version
-  version: 2.2.1
+  version: 2.3.0
 platform: ruby
 authors:
 - Nitzan Goldfeder
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-09-27 00:00:00.000000000 Z
+date: 2022-04-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -191,6 +191,7 @@ files:
 - lib/perimeterx/utils/templates/ratelimit.mustache
 - lib/perimeterx/version.rb
 - perimeter_x.gemspec
+- px_metadata.json
 - readme.md
 homepage: https://www.perimeterx.com
 licenses:
@@ -215,7 +216,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.0.3.1
 signing_key: 
 specification_version: 4
 summary: PerimeterX ruby implmentation