npm - perimeterx-js-core - Versions diffs - 0.10.0 → 0.12.0 - Mend

perimeterx-js-core 0.10.0 → 0.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (259) hide show

package/lib/cjs/action/utils.js CHANGED Viewed

@@ -1,7 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getDecisionFromActions = exports.getProductActions = exports.getDecisionFromContext = void 0;
+exports.getReasonForHighestPriorityProduct = exports.getDecisionFromActions = exports.getProductActions = exports.getDecisionFromContext = void 0;
 var Action_1 = require("./Action");
+var products_1 = require("../products");
 var ActionPriorityOrder_1 = require("./ActionPriorityOrder");
 var getDecisionFromContext = function (context) {
     return (0, exports.getDecisionFromActions)((0, exports.getProductActions)(context));
@@ -46,3 +47,7 @@ var createDecision = function (tally) {
     }
     return { action: Action_1.Action.PASS_REQUEST };
 };
+var getReasonForHighestPriorityProduct = function (reasons) {
+    return reasons[products_1.PRODUCT_PRIORITY_ORDER.find(function (product) { return !!reasons[product]; })];
+};
+exports.getReasonForHighestPriorityProduct = getReasonForHighestPriorityProduct;

package/lib/cjs/activities/utils.js CHANGED Viewed

@@ -3,7 +3,6 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.toHeaderEntryArray = exports.createAdditionalS2SActivityDetails = exports.createBlockActivityDetails = exports.createPageRequestedActivityDetails = exports.addResponseDataToAsyncActivityCommonDetails = exports.addRiskApiDataToAsyncActivityCommonDetails = exports.addTokenDataToDetails = exports.addRequestDataToDetails = exports.addServerDataToDetails = exports.addTlsDataToDetails = exports.addProductDataToDetails = exports.addCustomParametersToDetails = exports.addConfigDataToDetails = exports.addRootContextDataToDetails = exports.createCommonActivityDetails = exports.createAsyncActivityCommonDetails = exports.createActivityDetails = exports.createAsyncActivity = void 0;
 var utils_1 = require("../utils");
 var products_1 = require("../products");
-var blocker_1 = require("../blocker");
 var action_1 = require("../action");
 var ActivityType_1 = require("./ActivityType");
 var risk_token_1 = require("../risk_token");
@@ -12,7 +11,7 @@ var createAsyncActivity = function (activityType, config, context) {
     return {
         type: activityType,
         px_app_id: config.appId,
-        url: context.requestData.rawUrl,
+        url: context.requestData.url.href,
         headers: activityType !== ActivityType_1.ActivityType.ADDITIONAL_S2S
             ? (0, exports.toHeaderEntryArray)((0, utils_1.removeSensitiveHeaders)(context.requestData.headers, config.sensitiveHeaders))
             : undefined,
@@ -75,6 +74,7 @@ var addRootContextDataToDetails = function (details, context) {
         tokenOrigin: 'cookie_origin',
         vidSource: 'enforcer_vid_source',
         graphqlData: 'graphql_operations',
+        enforcerStartTime: 'enforcer_start_time',
     });
 };
 exports.addRootContextDataToDetails = addRootContextDataToDetails;
@@ -102,6 +102,9 @@ var addProductDataToDetails = function (details, productData) {
         ciVersion: 'ci_version',
         ssoStep: 'sso_step',
     });
+    (0, utils_1.transferExistingProperties)(productData.hsc, details, {
+        isTokenHscApproved: 'cpa',
+    });
 };
 exports.addProductDataToDetails = addProductDataToDetails;
 var addTlsDataToDetails = function (details, tlsData) {
@@ -129,6 +132,9 @@ var addRequestDataToDetails = function (details, requestData) {
         method: 'http_method',
         requestCookieNames: 'request_cookie_names',
     });
+    if (requestData.isUrlDifferentFromRawUrl) {
+        details.raw_url = requestData.rawUrl;
+    }
 };
 exports.addRequestDataToDetails = addRequestDataToDetails;
 var addTokenDataToDetails = function (details, _a) {
@@ -161,6 +167,7 @@ var addRiskApiDataToAsyncActivityCommonDetails = function (details, context) {
     (0, utils_1.transferExistingProperties)(context.riskApiData, details, {
         riskRtt: 'risk_rtt',
         s2sCallReason: 's2s_call_reason',
+        riskStartTime: 'risk_start_time',
     });
     if ((_a = context.riskApiData.riskResponse) === null || _a === void 0 ? void 0 : _a.additionalRiskInfo) {
         details.additional_risk_info = context.riskApiData.riskResponse.additionalRiskInfo;
@@ -178,9 +185,7 @@ var addResponseDataToAsyncActivityCommonDetails = function (details, context) {
 exports.addResponseDataToAsyncActivityCommonDetails = addResponseDataToAsyncActivityCommonDetails;
 var createPageRequestedActivityDetails = function (context) {
     var details = {};
-    details.pass_reason = Object.values(context.reasons)
-        .filter(function (x) { return x; })
-        .join(', ');
+    details.pass_reason = (0, action_1.getReasonForHighestPriorityProduct)(context.reasons);
     (0, utils_1.transferExistingProperties)(context.riskApiData, details, {
         errorReason: 's2s_error_reason',
         errorHttpStatus: 's2s_error_http_status',
@@ -190,10 +195,8 @@ var createPageRequestedActivityDetails = function (context) {
 };
 exports.createPageRequestedActivityDetails = createPageRequestedActivityDetails;
 var createBlockActivityDetails = function (context) {
-    var _a;
     var details = {};
-    var blockingProduct = blocker_1.BLOCK_ACTION_TO_PRODUCT_MAP.get(context.blockAction);
-    details.block_reason = (_a = context.reasons) === null || _a === void 0 ? void 0 : _a[blockingProduct];
+    details.block_reason = (0, action_1.getReasonForHighestPriorityProduct)(context.reasons);
     details.simulated_block = context.action === action_1.Action.SIMULATED_BLOCK;
     (0, utils_1.transferExistingProperties)(context, details, {
         blockAction: 'block_action',

package/lib/cjs/blocker/BlockerBase.js ADDED Viewed

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BlockerBase = void 0;
+var http_1 = require("../http");
+var BlockerBase = /** @class */ (function () {
+    function BlockerBase(contentType, statusCode) {
+        if (statusCode === void 0) { statusCode = 403; }
+        this.contentType = contentType;
+        this.statusCode = statusCode;
+    }
+    BlockerBase.prototype.createBlockResponse = function (context) {
+        var status = this.statusCode;
+        var headers = this.createHeaders(context);
+        var body = this.createBlockBody(context);
+        return new http_1.MinimalResponseImpl({
+            status: status,
+            headers: headers,
+            body: body,
+        });
+    };
+    BlockerBase.prototype.createHeaders = function (context) {
+        var _a;
+        return _a = {},
+            _a[http_1.CONTENT_TYPE_HEADER_NAME] = [this.contentType],
+            _a;
+    };
+    return BlockerBase;
+}());
+exports.BlockerBase = BlockerBase;

package/lib/cjs/blocker/JsonBlockerBase.js ADDED Viewed

@@ -0,0 +1,36 @@
+"use strict";
+var __extends = (this && this.__extends) || (function () {
+    var extendStatics = function (d, b) {
+        extendStatics = Object.setPrototypeOf ||
+            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+            function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
+        return extendStatics(d, b);
+    };
+    return function (d, b) {
+        if (typeof b !== "function" && b !== null)
+            throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
+        extendStatics(d, b);
+        function __() { this.constructor = d; }
+        d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JsonBlockerBase = void 0;
+var BlockerBase_1 = require("./BlockerBase");
+var http_1 = require("../http");
+var JsonBlockerBase = /** @class */ (function (_super) {
+    __extends(JsonBlockerBase, _super);
+    function JsonBlockerBase() {
+        return _super.call(this, http_1.ContentType.APPLICATION_JSON) || this;
+    }
+    JsonBlockerBase.prototype.shouldBlock = function (context) {
+        var acceptHeaderValue = context.requestData.request.headers.get(http_1.ACCEPT_HEADER_NAME) || '';
+        var acceptHeaderContainsJson = acceptHeaderValue === null || acceptHeaderValue === void 0 ? void 0 : acceptHeaderValue.split(',').some(function (value) { return value.toLowerCase() === http_1.ContentType.APPLICATION_JSON; });
+        return !context.isMobile && acceptHeaderContainsJson;
+    };
+    JsonBlockerBase.prototype.createBlockBody = function (context) {
+        return JSON.stringify(this.createJsonPayload(context));
+    };
+    return JsonBlockerBase;
+}(BlockerBase_1.BlockerBase));
+exports.JsonBlockerBase = JsonBlockerBase;

package/lib/cjs/blocker/MobileBlocker.js ADDED Viewed

@@ -0,0 +1,48 @@
+"use strict";
+var __extends = (this && this.__extends) || (function () {
+    var extendStatics = function (d, b) {
+        extendStatics = Object.setPrototypeOf ||
+            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
+            function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };
+        return extendStatics(d, b);
+    };
+    return function (d, b) {
+        if (typeof b !== "function" && b !== null)
+            throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
+        extendStatics(d, b);
+        function __() { this.constructor = d; }
+        d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MobileBlocker = void 0;
+var http_1 = require("../http");
+var blocker_1 = require("../blocker");
+var BlockerBase_1 = require("./BlockerBase");
+var MobileBlocker = /** @class */ (function (_super) {
+    __extends(MobileBlocker, _super);
+    function MobileBlocker(config, base64Utils, template) {
+        var _this = _super.call(this, http_1.ContentType.APPLICATION_JSON) || this;
+        _this.config = config;
+        _this.base64Utils = base64Utils;
+        _this.template = template;
+        return _this;
+    }
+    MobileBlocker.prototype.shouldBlock = function (context) {
+        return context.isMobile;
+    };
+    MobileBlocker.prototype.createBlockBody = function (context) {
+        var blockData = (0, blocker_1.createBlockData)(this.config, context, this.base64Utils);
+        var html = (0, blocker_1.renderHtml)(this.template, blockData);
+        return JSON.stringify({
+            action: blocker_1.BLOCK_ACTION_TO_WORD_MAP.get(blockData.blockAction),
+            uuid: blockData.uuid,
+            vid: blockData.vid,
+            appId: blockData.appId,
+            page: this.base64Utils.base64Encode(html),
+            collectorHost: this.config.backendCollectorUrl,
+        });
+    };
+    return MobileBlocker;
+}(BlockerBase_1.BlockerBase));
+exports.MobileBlocker = MobileBlocker;

package/lib/cjs/blocker/index.js CHANGED Viewed

@@ -16,6 +16,8 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./IConditionalBlocker"), exports);
 __exportStar(require("./IBlocker"), exports);
-__exportStar(require("./BlockAction"), exports);
-__exportStar(require("./BlockActionToProductMap"), exports);
-__exportStar(require("./BlockActionToWordMap"), exports);
+__exportStar(require("./BlockerBase"), exports);
+__exportStar(require("./JsonBlockerBase"), exports);
+__exportStar(require("./MobileBlocker"), exports);
+__exportStar(require("./model"), exports);
+__exportStar(require("./utils"), exports);

package/lib/cjs/blocker/{BlockAction.js → model/BlockAction.js} RENAMED Viewed

@@ -6,4 +6,6 @@ var BlockAction;
     BlockAction["CAPTCHA"] = "c";
     BlockAction["RATE_LIMIT"] = "r";
     BlockAction["CHALLENGE"] = "j";
+    BlockAction["HYPE_SALE_CHALLENGE"] = "hsc";
+    BlockAction["HYPE_SALE_CHALLENGE_LEGACY"] = "cp";
 })(BlockAction || (exports.BlockAction = BlockAction = {}));

package/lib/cjs/blocker/{BlockActionToWordMap.js → model/BlockActionToWordMap.js} RENAMED Viewed

@@ -6,4 +6,5 @@ exports.BLOCK_ACTION_TO_WORD_MAP = new Map([
     [BlockAction_1.BlockAction.CAPTCHA, 'captcha'],
     [BlockAction_1.BlockAction.RATE_LIMIT, 'ratelimit'],
     [BlockAction_1.BlockAction.CHALLENGE, 'challenge'],
+    [BlockAction_1.BlockAction.HYPE_SALE_CHALLENGE, 'captcha'], // this is what mobile HSC expects
 ]);

package/lib/cjs/blocker/model/index.js ADDED Viewed

@@ -0,0 +1,19 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./BlockAction"), exports);
+__exportStar(require("./BlockActionToWordMap"), exports);
+__exportStar(require("./BlockData"), exports);

package/lib/cjs/{products/bot_defender/block → blocker}/utils.js RENAMED Viewed

@@ -1,8 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.createBlockData = exports.renderHtml = void 0;
-var utils_1 = require("../../../utils");
-var first_party_1 = require("../first_party");
+var utils_1 = require("../utils");
+var products_1 = require("../products");
 var renderHtml = function (htmlTemplate, blockData) {
     if (!blockData) {
         return htmlTemplate;
@@ -16,21 +16,23 @@ var renderHtml = function (htmlTemplate, blockData) {
     return htmlTemplate;
 };
 exports.renderHtml = renderHtml;
-var createBlockData = function (config, context) {
+var createBlockData = function (config, context, base64Utils) {
     var _a, _b;
     var captchaScriptSuffix = '/captcha.js';
-    var captchaParams = "?a=".concat(context.blockAction, "&u=").concat(context.uuid, "&v=").concat(context.vid || '', "&m=").concat(context.isMobile ? '1' : '0');
+    var b64EncodedUrl = base64Utils.base64Encode(context.requestData.url.href);
+    var captchaParams = "?a=".concat(context.blockAction, "&u=").concat(context.uuid, "&v=").concat(context.vid || '', "&m=").concat(context.isMobile ? '1' : '0', "&b=").concat(b64EncodedUrl);
     var jsClientSrc = "".concat(config.backendClientUrl, "/").concat(config.appId, "/main.min.js");
     var blockScript = "".concat(config.backendCaptchaUrl, "/").concat(config.appId).concat(captchaScriptSuffix).concat(captchaParams);
     var hostUrl = config.backendCollectorUrl;
     if (config.firstPartyEnabled && !context.isMobile) {
-        jsClientSrc = (0, first_party_1.getMostCustomizedFirstPartyPath)(config, first_party_1.FirstPartySuffix.SENSOR);
-        blockScript = "".concat((0, first_party_1.getMostCustomizedFirstPartyPath)(config, first_party_1.FirstPartySuffix.CAPTCHA)).concat(config.customFirstPartyCaptchaEndpoint ? captchaParams : "".concat(captchaScriptSuffix).concat(captchaParams));
-        hostUrl = (0, first_party_1.getMostCustomizedFirstPartyPath)(config, first_party_1.FirstPartySuffix.XHR);
+        jsClientSrc = (0, products_1.getMostCustomizedFirstPartyPath)(config, products_1.FirstPartySuffix.SENSOR);
+        blockScript = "".concat((0, products_1.getMostCustomizedFirstPartyPath)(config, products_1.FirstPartySuffix.CAPTCHA)).concat(config.customFirstPartyCaptchaEndpoint ? captchaParams : "".concat(captchaScriptSuffix).concat(captchaParams));
+        hostUrl = (0, products_1.getMostCustomizedFirstPartyPath)(config, products_1.FirstPartySuffix.XHR);
     }
     var cssRef = config.cssRef ? "<link rel=\"stylesheet\" type=\"text/css\" href=\"".concat(config.cssRef, "\" />") : '';
     var jsRef = config.jsRef ? "<script src=\"".concat(config.jsRef, "\"></script>") : '';
     var altBlockScript = "".concat(config.altBackendCaptchaUrl, "/").concat(config.appId).concat(captchaScriptSuffix).concat(captchaParams);
+    var jsTemplateScriptSrc = "https://captcha.px-cdn.net/".concat(config.appId, "/checkpoint.js");
     return {
         appId: config.appId,
         vid: context.vid || ((_b = (_a = context.requestData) === null || _a === void 0 ? void 0 : _a.cookies) === null || _b === void 0 ? void 0 : _b[utils_1.PXVID_COOKIE_NAME]) || '',
@@ -45,6 +47,7 @@ var createBlockData = function (config, context) {
         firstPartyEnabled: config.firstPartyEnabled,
         blockScript: blockScript,
         altBlockScript: altBlockScript,
+        jsTemplateScriptSrc: jsTemplateScriptSrc,
     };
 };
 exports.createBlockData = createBlockData;

package/lib/cjs/config/ConfigurationBase.js CHANGED Viewed

@@ -620,6 +620,13 @@ var ConfigurationBase = /** @class */ (function () {
         enumerable: false,
         configurable: true
     });
+    Object.defineProperty(ConfigurationBase.prototype, "urlDecodeReservedCharacters", {
+        get: function () {
+            return this.configParams.px_url_decode_reserved_characters;
+        },
+        enumerable: false,
+        configurable: true
+    });
     return ConfigurationBase;
 }());
 exports.ConfigurationBase = ConfigurationBase;

package/lib/cjs/config/defaults/DefaultCommonConfigurationParams.js CHANGED Viewed

@@ -116,4 +116,5 @@ exports.DEFAULT_COMMON_CONFIGURATION_PARAMS = {
     px_cors_create_custom_block_response_headers: null,
     px_remote_config_max_fetch_attempts: 5,
     px_remote_config_retry_interval_ms: 1000,
+    px_url_decode_reserved_characters: false,
 };

package/lib/cjs/config/remote_config/DefaultRemoteConfigUpdater.js CHANGED Viewed

@@ -64,23 +64,25 @@ var DefaultRemoteConfigUpdater = /** @class */ (function () {
                 switch (_b.label) {
                     case 0:
                         this.config.logger.debug('identified an update remote config request');
-                        if (!this.isUpdateRequestValid(request)) {
+                        return [4 /*yield*/, this.isUpdateRequestValid(request)];
+                    case 1:
+                        if (!(_b.sent())) {
                             return [2 /*return*/, false];
                         }
                         return [4 /*yield*/, this.getUpdateRequestData(request)];
-                    case 1:
+                    case 2:
                         updateRequestData = _b.sent();
                         if (!updateRequestData) {
                             return [2 /*return*/, false];
                         }
                         return [4 /*yield*/, this.fetchRemoteConfig(updateRequestData)];
-                    case 2:
+                    case 3:
                         remoteConfig = _b.sent();
                         if (!remoteConfig) {
                             return [2 /*return*/, false];
                         }
                         return [4 /*yield*/, this.storageClient.save(remoteConfig)];
-                    case 3:
+                    case 4:
                         _b.sent();
                         this.config.logger.debug("successfully updated with remote config version ".concat(remoteConfig.version));
                         return [2 /*return*/, true];
@@ -89,14 +91,24 @@ var DefaultRemoteConfigUpdater = /** @class */ (function () {
         });
     };
     DefaultRemoteConfigUpdater.prototype.isUpdateRequestValid = function (request) {
-        var timestampHmacHeader = request.headers.get(utils_1.PUSH_DATA_HMAC_HEADER_NAME);
-        var isValid = this.timestampHmacHeaderValidator.isValid(timestampHmacHeader);
-        if (!isValid) {
-            this.config.logger.error("invalid timestamp hmac header received: ".concat(timestampHmacHeader), {
-                errorType: constants_1.WRITE_REMOTE_CONFIG_ERROR_NAME,
+        return __awaiter(this, void 0, void 0, function () {
+            var timestampHmacHeader, isValid;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0:
+                        timestampHmacHeader = request.headers.get(utils_1.PUSH_DATA_HMAC_HEADER_NAME);
+                        return [4 /*yield*/, this.timestampHmacHeaderValidator.isValid(timestampHmacHeader)];
+                    case 1:
+                        isValid = _a.sent();
+                        if (!isValid) {
+                            this.config.logger.error("invalid timestamp hmac header received: ".concat(timestampHmacHeader), {
+                                errorType: constants_1.WRITE_REMOTE_CONFIG_ERROR_NAME,
+                            });
+                        }
+                        return [2 /*return*/, isValid];
+                }
             });
-        }
-        return isValid;
+        });
     };
     DefaultRemoteConfigUpdater.prototype.getUpdateRequestData = function (request) {
         return __awaiter(this, void 0, void 0, function () {

package/lib/cjs/context/DefaultContext.js CHANGED Viewed

@@ -7,12 +7,12 @@ var risk_token_1 = require("../risk_token");
 var risk_api_1 = require("../risk_api");
 var http_1 = require("../http");
 var utils_1 = require("../utils");
-var DefaultUrlParser_1 = require("../impl/url_parser/DefaultUrlParser");
 var logger_1 = require("../logger");
 var DefaultContext = /** @class */ (function () {
     function DefaultContext(config, request, options) {
+        this.enforcerStartTime = Date.now();
         this.config = config;
-        this.urlParser = options.urlParser || new DefaultUrlParser_1.DefaultUrlParser();
+        this.urlUtils = options.urlUtils;
         this.tokenData = {
             tokenParseResult: risk_token_1.TokenParseResult.NONE,
         };
@@ -42,7 +42,8 @@ var DefaultContext = /** @class */ (function () {
     DefaultContext.prototype.createRequestData = function (config, request, cookieParser) {
         if (cookieParser === void 0) { cookieParser = new utils_1.StringSplitCookieParser(); }
         var rawUrl = request.url;
-        var url = this.urlParser.parse(rawUrl);
+        var url = this.normalizeUrl(rawUrl);
+        var isUrlDifferentFromRawUrl = rawUrl !== url.href;
         var method = request.method;
         var headers = request.headers;
         var cookies = DefaultContext.getCookies(cookieParser, request.headers.get(http_1.COOKIE_HEADER_NAME), request.headers.get(config.customCookieHeader));
@@ -62,6 +63,7 @@ var DefaultContext = /** @class */ (function () {
             requestCookieNames: requestCookieNames,
             request: request,
             httpVersion: httpVersion,
+            isUrlDifferentFromRawUrl: isUrlDifferentFromRawUrl,
         };
     };
     DefaultContext.getCookies = function (cookieParser) {
@@ -75,6 +77,19 @@ var DefaultContext = /** @class */ (function () {
         });
         return cookies;
     };
+    DefaultContext.prototype.normalizeUrl = function (rawUrl) {
+        var url = this.urlUtils.createUrl(rawUrl);
+        if (this.config.urlDecodeReservedCharacters) {
+            try {
+                url = this.urlUtils.createUrl("".concat(url.origin).concat(this.urlUtils.decodeUriComponent(url.pathname)).concat(url.search));
+            }
+            catch (e) {
+                this.config.logger.debug("unable to URL decode reserved characters: ".concat(e));
+            }
+        }
+        url.pathname = url.pathname.replace(/\/+$/, '').replace(/\/+/g, '/');
+        return url;
+    };
     DefaultContext.prototype.extractUserAgentFromHeader = function (config, headers) {
         var _a;
         var userAgent = ((_a = headers[http_1.USER_AGENT_HEADER_NAME]) === null || _a === void 0 ? void 0 : _a[0]) || '';

package/lib/cjs/custom_parameters/CustomParameters.js CHANGED Viewed

@@ -1,2 +1,3 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+var products_1 = require("../products");

package/lib/cjs/custom_parameters/CustomParametersUtils.js CHANGED Viewed

@@ -37,6 +37,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CustomParametersUtils = void 0;
+var products_1 = require("../products");
 var CustomParametersUtils;
 (function (CustomParametersUtils) {
     var _this = this;
@@ -71,6 +72,10 @@ var CustomParametersUtils;
                     normalizedParams[param] = value;
                 }
             });
+            if (products_1.IS_HYPESALE_PARAM_NAME in customParameters &&
+                typeof customParameters[products_1.IS_HYPESALE_PARAM_NAME] === 'boolean') {
+                normalizedParams[products_1.IS_HYPESALE_PARAM_NAME] = customParameters[products_1.IS_HYPESALE_PARAM_NAME];
+            }
         }
         return Object.keys(normalizedParams).length === 0 ? null : normalizedParams;
     };

package/lib/cjs/enforcer/EnforcerBase.js CHANGED Viewed

@@ -68,6 +68,7 @@ var products_1 = require("../products");
 var activities_1 = require("../activities");
 var graphql_1 = require("../graphql");
 var logger_1 = require("../logger");
+var products_2 = require("../products");
 var EnforcerBase = /** @class */ (function () {
     /**
      * The EnforcerBase constructor.
@@ -226,7 +227,7 @@ var EnforcerBase = /** @class */ (function () {
      * @protected
      */
     EnforcerBase.prototype.getInitializationBlock = function (config, options) {
-        var tokenVersion = options.tokenVersion, httpClient = options.httpClient, base64Utils = options.base64Utils, hmacUtils = options.hmacUtils, hashUtils = options.hashUtils, ipRangeChecker = options.ipRangeChecker;
+        var tokenVersion = options.tokenVersion, httpClient = options.httpClient, base64Utils = options.base64Utils, hmacUtils = options.hmacUtils, hashUtils = options.hashUtils, urlUtils = options.urlUtils, ipRangeChecker = options.ipRangeChecker;
         var cipherUtils = tokenVersion === risk_token_1.TokenVersion.V2 ? null : options.cipherUtils;
         var cors = options.cors || new cors_1.DefaultCors(config);
         var telemetry = options.telemetry || new telemetry_1.DefaultTelemetry(config, httpClient, base64Utils, hmacUtils);
@@ -262,6 +263,7 @@ var EnforcerBase = /** @class */ (function () {
             base64Utils: base64Utils,
             hmacUtils: hmacUtils,
             hashUtils: hashUtils,
+            urlUtils: urlUtils,
             ipRangeChecker: ipRangeChecker,
             cors: cors,
             telemetry: telemetry,
@@ -275,22 +277,23 @@ var EnforcerBase = /** @class */ (function () {
             remoteConfigServiceClient: remoteConfigServiceClient,
             remoteConfigUpdater: remoteConfigUpdater,
         };
-        var products = this.initializeProducts(config, options.products, base64Utils, hashUtils, ipRangeChecker);
+        var products = this.initializeProducts(config, options.products, base64Utils, hashUtils, urlUtils, ipRangeChecker);
         return __assign({ products: products }, allOptions);
     };
-    EnforcerBase.prototype.initializeProducts = function (config, products, base64Utils, hashUtils, ipRangeChecker) {
+    EnforcerBase.prototype.initializeProducts = function (config, products, base64Utils, hashUtils, urlUtils, ipRangeChecker) {
         var _a;
-        var botDefender = (products === null || products === void 0 ? void 0 : products.bd) || new products_1.BotDefender(config, { base64Utils: base64Utils, ipRangeChecker: ipRangeChecker });
+        var botDefender = (products === null || products === void 0 ? void 0 : products.bd) || new products_1.BotDefender(config, { base64Utils: base64Utils, ipRangeChecker: ipRangeChecker, urlUtils: urlUtils });
         var accountDefender = (products === null || products === void 0 ? void 0 : products.ad) || new products_1.AccountDefender(config, { base64Utils: base64Utils });
         var credentialIntelligence = config.ciEnabled
-            ? (products === null || products === void 0 ? void 0 : products.ci) || new products_1.CredentialIntelligence(config, hashUtils)
+            ? (products === null || products === void 0 ? void 0 : products.ci) || new products_1.CredentialIntelligence(config, { hashUtils: hashUtils, urlUtils: urlUtils })
             : null;
+        var hypeSaleChallenge = (products === null || products === void 0 ? void 0 : products.hsc) || new products_2.HypeSaleChallenge(config, { base64Utils: base64Utils });
         return _a = {},
             _a[products_1.ProductName.BOT_DEFENDER] = botDefender,
             _a[products_1.ProductName.ACCOUNT_DEFENDER] = accountDefender,
             _a[products_1.ProductName.CODE_DEFENDER] = products === null || products === void 0 ? void 0 : products.cd,
             _a[products_1.ProductName.CREDENTIAL_INTELLIGENCE] = credentialIntelligence,
-            _a[products_1.ProductName.HYPE_SALE_CHALLENGE] = products === null || products === void 0 ? void 0 : products.hsc,
+            _a[products_1.ProductName.HYPE_SALE_CHALLENGE] = hypeSaleChallenge,
             _a;
     };
     return EnforcerBase;

package/lib/cjs/http/interfaces/index.js CHANGED Viewed

@@ -24,5 +24,3 @@ __exportStar(require("./IBody"), exports);
 __exportStar(require("./IHeaders"), exports);
 __exportStar(require("./IFormData"), exports);
 __exportStar(require("./ReadonlyHeaders"), exports);
-__exportStar(require("./IURL"), exports);
-__exportStar(require("./IURLSearchParams"), exports);

package/lib/cjs/http/utils/constants.js CHANGED Viewed

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.HOST_HEADER_NAME = exports.SET_COOKIE_HEADER_NAME = exports.ACCEPT_HEADER_NAME = exports.AUTHORIZATION_HEADER_NAME = exports.COOKIE_HEADER_NAME = exports.CONTENT_LENGTH_HEADER_NAME = exports.CONTENT_TYPE_HEADER_NAME = exports.USER_AGENT_HEADER_NAME = exports.X_FORWARDED_FOR_HEADER_NAME = void 0;
+exports.CACHE_CONTROL_HEADER_NAME = exports.HOST_HEADER_NAME = exports.SET_COOKIE_HEADER_NAME = exports.ACCEPT_HEADER_NAME = exports.AUTHORIZATION_HEADER_NAME = exports.COOKIE_HEADER_NAME = exports.CONTENT_LENGTH_HEADER_NAME = exports.CONTENT_TYPE_HEADER_NAME = exports.USER_AGENT_HEADER_NAME = exports.X_FORWARDED_FOR_HEADER_NAME = void 0;
 exports.X_FORWARDED_FOR_HEADER_NAME = 'x-forwarded-for';
 exports.USER_AGENT_HEADER_NAME = 'user-agent';
 exports.CONTENT_TYPE_HEADER_NAME = 'content-type';
@@ -10,3 +10,4 @@ exports.AUTHORIZATION_HEADER_NAME = 'authorization';
 exports.ACCEPT_HEADER_NAME = 'accept';
 exports.SET_COOKIE_HEADER_NAME = 'set-cookie';
 exports.HOST_HEADER_NAME = 'host';
+exports.CACHE_CONTROL_HEADER_NAME = 'cache-control';

package/lib/cjs/http/utils/index.js CHANGED Viewed

@@ -22,6 +22,3 @@ __exportStar(require("./MultipartFormDataUtils"), exports);
 __exportStar(require("./FormDataImpl"), exports);
 __exportStar(require("./MinimalResponseImpl"), exports);
 __exportStar(require("./OutgoingRequestImpl"), exports);
-__exportStar(require("./UrlImpl"), exports);
-__exportStar(require("./UrlSearchParamsImpl"), exports);
-__exportStar(require("./URLUtils"), exports);

package/lib/cjs/impl/cipher/CryptoCipherUtils.js CHANGED Viewed

@@ -61,6 +61,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CryptoCipherUtils = void 0;
 var crypto = __importStar(require("crypto"));
+var utils_1 = require("../../utils");
 var CryptoCipherUtils = /** @class */ (function () {
     function CryptoCipherUtils(cryptoModule) {
         if (cryptoModule === void 0) { cryptoModule = crypto; }
@@ -72,7 +73,7 @@ var CryptoCipherUtils = /** @class */ (function () {
             return __generator(this, function (_a) {
                 keylen = (options === null || options === void 0 ? void 0 : options.keylen) || 32;
                 ivlen = (options === null || options === void 0 ? void 0 : options.ivlen) || 16;
-                derivation = this.crypto.pbkdf2Sync(secret, Buffer.from(salt, 'base64'), iterations, keylen + ivlen, 'sha256');
+                derivation = this.crypto.pbkdf2Sync(secret, Buffer.from(salt, 'base64'), iterations, keylen + ivlen, (0, utils_1.algoToCryptoString)(utils_1.Algorithm.SHA256));
                 key = derivation.subarray(0, keylen);
                 iv = derivation.subarray(keylen);
                 cipher = this.crypto.createDecipheriv('aes-256-cbc', key, iv);

package/lib/cjs/impl/hash/CryptoHashUtils.js CHANGED Viewed

@@ -61,6 +61,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.CryptoHashUtils = void 0;
 var crypto = __importStar(require("crypto"));
+var utils_1 = require("../../utils");
 var CryptoHashUtils = /** @class */ (function () {
     function CryptoHashUtils(cryptoModule) {
         if (cryptoModule === void 0) { cryptoModule = crypto; }
@@ -69,7 +70,7 @@ var CryptoHashUtils = /** @class */ (function () {
     CryptoHashUtils.prototype.hashString = function (text, algo) {
         return __awaiter(this, void 0, void 0, function () {
             return __generator(this, function (_a) {
-                return [2 /*return*/, this.crypto.createHash(algo).update(text).digest('hex')];
+                return [2 /*return*/, this.crypto.createHash((0, utils_1.algoToCryptoString)(algo)).update(text).digest('hex')];
             });
         });
     };