perimeterx-js-core 0.18.2 → 0.19.0
- package/lib/cjs/additional_activity_handler/AdditionalActivityHandlerUtils.js +1 -1
- package/lib/cjs/blocker/utils.js +1 -3
- package/lib/cjs/config/ConfigurationBase.js +98 -91
- package/lib/cjs/config/ConfigurationBuilderBase.js +8 -7
- package/lib/cjs/config/defaults/DefaultStaticConfigurationParams.js +0 -1
- package/lib/cjs/config/remote_config/DefaultRemoteConfigUpdater.js +1 -1
- package/lib/cjs/config/remote_config/RemoteConfigUtils.js +1 -1
- package/lib/cjs/context/DefaultContext.js +4 -1
- package/lib/cjs/custom_parameters/CustomParametersUtils.js +1 -1
- package/lib/cjs/telemetry/DefaultTelemetry.js +14 -4
- package/lib/cjs/utils/constants.js +1 -1
- package/lib/cjs/utils/utils.js +25 -1
- package/lib/esm/additional_activity_handler/AdditionalActivityHandlerUtils.js +1 -1
- package/lib/esm/blocker/utils.js +1 -2
- package/lib/esm/config/ConfigurationBase.js +100 -91
- package/lib/esm/config/ConfigurationBuilderBase.js +7 -6
- package/lib/esm/config/defaults/DefaultStaticConfigurationParams.js +0 -1
- package/lib/esm/config/remote_config/DefaultRemoteConfigUpdater.js +1 -1
- package/lib/esm/config/remote_config/RemoteConfigUtils.js +1 -1
- package/lib/esm/context/DefaultContext.js +5 -2
- package/lib/esm/custom_parameters/CustomParametersUtils.js +1 -1
- package/lib/esm/telemetry/DefaultTelemetry.js +15 -5
- package/lib/esm/utils/constants.js +1 -1
- package/lib/esm/utils/utils.js +23 -0
- package/lib/types/config/ConfigurationBase.d.ts +8 -3
- package/lib/types/config/IConfiguration.d.ts +14 -6
- package/lib/types/config/params/StaticConfigurationParams.d.ts +0 -1
- package/lib/types/telemetry/model/TelemetryActivity.d.ts +7 -2
- package/lib/types/utils/constants.d.ts +1 -1
- package/lib/types/utils/utils.d.ts +1 -0
- package/package.json +1 -1
|
@@ -54,21 +54,22 @@ var ConfigurationBuilderBase = /** @class */ (function () {
|
|
|
54
54
|
}
|
|
55
55
|
ConfigurationBuilderBase.prototype.build = function (params) {
|
|
56
56
|
return __awaiter(this, void 0, void 0, function () {
|
|
57
|
-
var
|
|
57
|
+
var config, remoteConfigParams;
|
|
58
58
|
return __generator(this, function (_a) {
|
|
59
59
|
switch (_a.label) {
|
|
60
60
|
case 0:
|
|
61
|
-
|
|
62
|
-
if (!
|
|
63
|
-
return [2 /*return*/,
|
|
61
|
+
config = this.createConfiguration(params);
|
|
62
|
+
if (!config.remoteConfigAuthToken) {
|
|
63
|
+
return [2 /*return*/, config];
|
|
64
64
|
}
|
|
65
|
-
return [4 /*yield*/, this.getRemoteConfigParams(
|
|
65
|
+
return [4 /*yield*/, this.getRemoteConfigParams(config)];
|
|
66
66
|
case 1:
|
|
67
67
|
remoteConfigParams = _a.sent();
|
|
68
68
|
if (!remoteConfigParams) {
|
|
69
|
-
return [2 /*return*/,
|
|
69
|
+
return [2 /*return*/, config];
|
|
70
70
|
}
|
|
71
|
-
|
|
71
|
+
config.addRemoteConfig(remoteConfigParams);
|
|
72
|
+
return [2 /*return*/, config];
|
|
72
73
|
}
|
|
73
74
|
});
|
|
74
75
|
});
|
|
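Review bot: Both early returns in `build` hand back a static-only configuration with no visible signal: the missing-token branch and `if (!remoteConfigParams) { return [2 /*return*/, config]; }`. An enforcer that is expected to run on remote policy can therefore run on stale settings without anyone noticing. Whether `getRemoteConfigParams` reports its own failure is outside this hunk; if it does not, a line such as `config.logger.debug('remote config unavailable, using static configuration');` before the second return would make the fallback auditable. The ESM `async build(params)` hunk further down the page has the same two branches.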
@@ -46,7 +46,7 @@ var DefaultRemoteConfigUpdater = /** @class */ (function () {
|
|
|
46
46
|
this.storageClient = options.storageClient;
|
|
47
47
|
this.timestampHmacHeaderValidator =
|
|
48
48
|
options.timestampHmacHeaderValidator ||
|
|
49
|
-
new utils_1.DefaultTimestampHmacHeaderValidator(config, config.
|
|
49
|
+
new utils_1.DefaultTimestampHmacHeaderValidator(config, config.remoteConfigAuthToken, options.base64Utils, options.hmacUtils);
|
|
50
50
|
}
|
|
51
51
|
DefaultRemoteConfigUpdater.prototype.isUpdateRemoteConfigRequest = function (context) {
|
|
52
52
|
return context.isRemoteConfigUpdateRequest;
|
|
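Review bot: One secret now appears to serve two roles: `config.remoteConfigAuthToken` is passed to `DefaultTimestampHmacHeaderValidator` as the HMAC key, and it is also the value `build` checks before fetching remote configuration. How the token is used for the fetch is not visible here, but if it is ever transmitted or logged as a credential, whoever sees it could sign a push update; a dedicated signing secret, or a key derived from the token under a fixed label, would keep the two uses separate. The constructor should also fail closed when the token is unset, for example `if (!config.remoteConfigAuthToken) { throw new Error('remote config auth token is required to validate updates'); }`, since whether the validator rejects an empty key cannot be seen from this hunk. The ESM `DefaultRemoteConfigUpdater` hunk carries the same line.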
@@ -7,7 +7,7 @@ var constants_1 = require("./constants");
|
|
|
7
7
|
var RemoteConfigUtils;
|
|
8
8
|
(function (RemoteConfigUtils) {
|
|
9
9
|
RemoteConfigUtils.isRemoteConfigUpdateRequest = function (request) {
|
|
10
|
-
return request.method === http_1.HttpMethod.
|
|
10
|
+
return request.method === http_1.HttpMethod.POST &&
|
|
11
11
|
request.headers.get(utils_1.PUSH_DATA_FEATURE_HEADER_NAME) === constants_1.REMOTE_CONFIG_PUSH_DATA_FEATURE_NAME &&
|
|
12
12
|
!!request.headers.get(utils_1.PUSH_DATA_HMAC_HEADER_NAME);
|
|
13
13
|
};
|
|
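Review bot: `isRemoteConfigUpdateRequest` only classifies a request, and nothing at its definition says so. It checks that the `PUSH_DATA_HMAC_HEADER_NAME` header is present, not that its value is a valid HMAC. A comment above it, `// Routing check only: the HMAC header value is NOT verified here; callers must run the timestamp-HMAC validator before applying an update.`, would keep a future caller from treating a `true` result as authentication. The ESM arrow-function version of the predicate needs the same comment.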
@@ -119,7 +119,10 @@ var DefaultContext = /** @class */ (function () {
|
|
|
119
119
|
return request.headers.get(utils_1.X_PX_AUTHORIZATION_HEADER_NAME) ? risk_token_1.TokenOrigin.HEADER : risk_token_1.TokenOrigin.COOKIE;
|
|
120
120
|
};
|
|
121
121
|
DefaultContext.prototype.setCookiesOnContext = function () {
|
|
122
|
-
|
|
122
|
+
var vidValue = this.requestData.cookies[utils_1.PXVID_COOKIE_NAME];
|
|
123
|
+
if ((0, utils_1.isValidUuid)(vidValue)) {
|
|
124
|
+
this.vid = vidValue;
|
|
125
|
+
}
|
|
123
126
|
var pxhdCookie = this.requestData.cookies[utils_1.PXHD_COOKIE_NAME];
|
|
124
127
|
if (pxhdCookie) {
|
|
125
128
|
this.pxhd = {
|
|
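Review bot: Only the `PXVID_COOKIE_NAME` value is validated before it is stored on the context; the `pxhdCookie` read directly below is still accepted on a bare truthiness check (`if (pxhdCookie)`), and the rest of that branch lies outside the hunk. If `this.pxhd` is later echoed into a response header, a log line or the block page, it deserves a comparable format and length check. It would also help to record why the new gate exists, e.g. `// vid is client-controlled and is later copied into block data; accept it only when it is a well-formed UUID`. `setCookiesOnContext` continues past the end of the hunk, and the ESM `DefaultContext` hunk makes the same change.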
@@ -50,7 +50,7 @@ var CustomParametersUtils;
|
|
|
50
50
|
_a.label = 1;
|
|
51
51
|
case 1:
|
|
52
52
|
_a.trys.push([1, 3, , 4]);
|
|
53
|
-
return [4 /*yield*/, config.enrichCustomParameters(config.
|
|
53
|
+
return [4 /*yield*/, config.enrichCustomParameters(config.getActiveConfig(), context.requestData.request.getUnderlyingRequest())];
|
|
54
54
|
case 2:
|
|
55
55
|
parameters = _a.sent();
|
|
56
56
|
return [2 /*return*/, CustomParametersUtils.normalizeCustomParams(parameters)];
|
|
@@ -127,16 +127,26 @@ var DefaultTelemetry = /** @class */ (function () {
|
|
|
127
127
|
_a[http_1.AUTHORIZATION_HEADER_NAME] = [(0, utils_1.getAuthorizationHeader)(this.config.authToken)],
|
|
128
128
|
_a);
|
|
129
129
|
var activity = this.createTelemetryActivity(context);
|
|
130
|
-
|
|
130
|
+
context.logger.debug("created telemetry activity config - ".concat(JSON.stringify(activity.details.enforcer_configs, utils_1.telemetryConfigReplacer)));
|
|
131
|
+
return new http_1.OutgoingRequestImpl({
|
|
132
|
+
url: url,
|
|
133
|
+
method: method,
|
|
134
|
+
headers: headers,
|
|
135
|
+
body: JSON.stringify(activity, utils_1.telemetryConfigReplacer),
|
|
136
|
+
});
|
|
131
137
|
};
|
|
132
138
|
DefaultTelemetry.prototype.createTelemetryActivity = function (context) {
|
|
133
139
|
var SENSITIVE_CONFIG_FIELDS = [
|
|
134
140
|
'px_auth_token',
|
|
135
141
|
'px_cookie_secret',
|
|
136
142
|
'px_logger_auth_token',
|
|
143
|
+
'px_remote_config_auth_token',
|
|
137
144
|
];
|
|
138
|
-
var
|
|
139
|
-
|
|
145
|
+
var telemetryConfig = {
|
|
146
|
+
active_config: (0, utils_1.removeSensitiveFields)(this.config.getActiveConfig(), SENSITIVE_CONFIG_FIELDS),
|
|
147
|
+
static_config: (0, utils_1.removeSensitiveFields)(this.config.getStaticConfig(), SENSITIVE_CONFIG_FIELDS),
|
|
148
|
+
remote_config: (0, utils_1.removeSensitiveFields)(this.config.getRemoteConfig(), SENSITIVE_CONFIG_FIELDS),
|
|
149
|
+
};
|
|
140
150
|
var activity = {
|
|
141
151
|
type: activities_1.ActivityType.ENFORCER_TELEMETRY,
|
|
142
152
|
timestamp: Date.now(),
|
|
@@ -144,7 +154,7 @@ var DefaultTelemetry = /** @class */ (function () {
|
|
|
144
154
|
details: {
|
|
145
155
|
update_reason: constants_1.TELEMETRY_UPDATE_REASON,
|
|
146
156
|
module_version: this.config.moduleVersion,
|
|
147
|
-
enforcer_configs:
|
|
157
|
+
enforcer_configs: telemetryConfig,
|
|
148
158
|
},
|
|
149
159
|
};
|
|
150
160
|
(0, utils_1.transferExistingProperties)(context.serverData, activity.details, {
|
|
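Review bot: Secret redaction in `createTelemetryActivity` rests on a denylist declared inside the function (`SENSITIVE_CONFIG_FIELDS`), while the new code sends three whole configuration objects and also writes them to the debug log through the added `context.logger.debug(...)` line. Any credential-bearing key introduced later, or a secret nested below the top level, would reach both the telemetry body and the logs unless someone remembers to extend the list; how deep `removeSensitiveFields` looks is not visible here. Moving the list to a shared constant next to the configuration type, or emitting only an allowlist of keys, would make the default safe. Note also that `telemetryConfigReplacer` passes RegExp sources through verbatim, so any pattern text in the configuration is reported as written.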
@@ -13,4 +13,4 @@ exports.PUSH_DATA_HMAC_HEADER_NAME = 'x-px-pushdata';
|
|
|
13
13
|
exports.PUSH_DATA_FEATURE_HEADER_NAME = 'x-px-feature';
|
|
14
14
|
exports.EMAIL_ADDRESS_REGEX = /^[a-zA-Z0-9_+&*-]+(?:\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,7}$/;
|
|
15
15
|
exports.URL_REGEX = /^(https?\:)\/\/(([^@\s:]+):?([^@\s]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/;
|
|
16
|
-
exports.CORE_MODULE_VERSION = 'JS Core 0.
|
|
16
|
+
exports.CORE_MODULE_VERSION = 'JS Core 0.19.0';
|
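--- a/package/lib/cjs/utils/utils.js
+++ b/package/lib/cjs/utils/utils.js
@@ -36,7 +36,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 }
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.algoToCryptoString = exports.algoToSubtleCryptoString = exports.sleep = exports.getPropertyFromObject = exports.rejectOnTimeout = exports.transferExistingProperties = exports.isRouteMatch = exports.isRouteInPatterns = exports.removeSensitiveHeaders = exports.removeSensitiveFields = exports.getExtension = exports.getAuthorizationHeader = exports.getCollectorDomain = exports.getScoreApiDomain = exports.isEmailAddress = exports.isValidUuid = exports.isValidEnumValue = void 0;
+exports.telemetryConfigReplacer = exports.algoToCryptoString = exports.algoToSubtleCryptoString = exports.sleep = exports.getPropertyFromObject = exports.rejectOnTimeout = exports.transferExistingProperties = exports.isRouteMatch = exports.isRouteInPatterns = exports.removeSensitiveHeaders = exports.removeSensitiveFields = exports.getExtension = exports.getAuthorizationHeader = exports.getCollectorDomain = exports.getScoreApiDomain = exports.isEmailAddress = exports.isValidUuid = exports.isValidEnumValue = void 0;
 var http_1 = require("../http");
 var error_1 = require("./error");
 var constants_1 = require("./constants");
@@ -184,3 +184,27 @@ var algoToCryptoString = function (algo) {
 }
 };
 exports.algoToCryptoString = algoToCryptoString;
+// Hash based on https://stackoverflow.com/questions/7616461/generate-a-hash-from-string-in-javascript
+var toHash = function (string) {
+var hash = 0;
+if (string.length === 0) {
+return hash.toString();
+}
+for (var i = 0; i < string.length; i++) {
+var char = string.charCodeAt(i);
+hash = (hash << 5) - hash + char;
+hash = hash & hash;
+}
+return hash.toString();
+};
+var telemetryConfigReplacer = function (key, value) {
+if (value instanceof RegExp) {
+return '_REGEXP ' + value.toString();
+}
+if (value instanceof Function) {
+return '_FUNCTION_HASH' + toHash(value.toString()); // NOTE: Do not log functions
+}
+else
+return value;
+};
+exports.telemetryConfigReplacer = telemetryConfigReplacer;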
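Review bot: `toHash` is a 32-bit non-cryptographic string hash, and nothing at its definition says that its output is only a change fingerprint for telemetry. Collisions are easy to produce, so the `_FUNCTION_HASH…` value must not be used to decide that two callbacks are the same code; a comment such as `// Non-cryptographic 32-bit fingerprint for telemetry display only; never use for integrity or equality decisions` would make that explicit. The function marker also lacks the separator that the RegExp marker has (`'_REGEXP '` versus `'_FUNCTION_HASH'`), so a negative hash is rendered with the minus sign fused to the label; `'_FUNCTION_HASH ' + toHash(value.toString())` would be consistent.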
@@ -4,7 +4,7 @@ export var AdditionalActivityHandlerUtils;
|
|
|
4
4
|
if (config.additionalActivityHandler && typeof config.additionalActivityHandler === 'function') {
|
|
5
5
|
try {
|
|
6
6
|
context.logger.debug('calling additional activity handler');
|
|
7
|
-
await config.additionalActivityHandler(config.
|
|
7
|
+
await config.additionalActivityHandler(config.getActiveConfig(), context, context.requestData.request.getUnderlyingRequest());
|
|
8
8
|
}
|
|
9
9
|
catch (e) {
|
|
10
10
|
context.logger.error(`caught additional activity handler error - ${e}`);
|
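--- a/package/lib/esm/blocker/utils.js
+++ b/package/lib/esm/blocker/utils.js
@@ -1,4 +1,3 @@
-import { PXVID_COOKIE_NAME } from '../utils';
 import { FirstPartySuffix, getMostCustomizedFirstPartyPath } from '../products';
 export const renderHtml = (htmlTemplate, blockData) => {
 if (!blockData) {
@@ -30,7 +29,7 @@ export const createBlockData = (config, context, base64Utils) => {
 const jsTemplateScriptSrc = `https://captcha.px-cdn.net/${config.appId}/checkpoint.js`;
 return {
 appId: config.appId,
-vid: context.vid ||
+vid: context.vid || '',
 uuid: context.uuid || '',
 isMobile: context.isMobile,
 customLogo: config.customLogo || '',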
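Review bot: Nothing in `createBlockData` records that `vid` is safe to place in block data only because it is validated where the context is populated, so the removed raw-cookie fallback could be reintroduced by a later edit. A comment on the `vid` line, `// context.vid is set only after a UUID format check; never fall back to the raw cookie value here`, would document the dependency. Whether `renderHtml` escapes the values it substitutes into `htmlTemplate` is outside these hunks, so `uuid` and `customLogo` are worth the same scrutiny. `createBlockData` starts before and ends after the second hunk.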
@@ -2,14 +2,16 @@ import { DEFAULT_CONFIGURATION_PARAMS } from './defaults';
|
|
|
2
2
|
import { LoggerSeverity, DefaultLogger } from '../logger';
|
|
3
3
|
import { ModuleMode, getScoreApiDomain, getCollectorDomain, isValidEnumValue, EnforcerError, CORE_MODULE_VERSION, } from '../utils';
|
|
4
4
|
export class ConfigurationBase {
|
|
5
|
-
|
|
5
|
+
activeConfigParams;
|
|
6
|
+
staticConfigParams;
|
|
7
|
+
remoteConfigParams;
|
|
8
|
+
defaultConfigParams;
|
|
6
9
|
internalLogger;
|
|
7
10
|
constructor(params, defaultParams) {
|
|
8
|
-
this.
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
this.internalLogger = this.createInternalLogger(this.configParams.px_logger_severity);
|
|
11
|
+
this.defaultConfigParams = { ...DEFAULT_CONFIGURATION_PARAMS, ...defaultParams };
|
|
12
|
+
this.activeConfigParams = this.initialize(params, this.defaultConfigParams);
|
|
13
|
+
this.staticConfigParams = params;
|
|
14
|
+
this.internalLogger = this.createInternalLogger(this.activeConfigParams.px_logger_severity);
|
|
13
15
|
}
|
|
14
16
|
initialize(params, defaultParams) {
|
|
15
17
|
this.throwIfMissingRequiredField(params);
|
|
@@ -64,8 +66,18 @@ export class ConfigurationBase {
|
|
|
64
66
|
createInternalLogger(loggerSeverity) {
|
|
65
67
|
return new DefaultLogger(loggerSeverity, false);
|
|
66
68
|
}
|
|
67
|
-
|
|
68
|
-
|
|
69
|
+
addRemoteConfig(remoteConfigParams) {
|
|
70
|
+
this.remoteConfigParams = remoteConfigParams;
|
|
71
|
+
this.activeConfigParams = this.initialize({ ...this.staticConfigParams, ...remoteConfigParams }, this.defaultConfigParams);
|
|
72
|
+
}
|
|
73
|
+
getActiveConfig() {
|
|
74
|
+
return Object.assign({}, this.activeConfigParams);
|
|
75
|
+
}
|
|
76
|
+
getStaticConfig() {
|
|
77
|
+
return Object.assign({}, this.staticConfigParams);
|
|
78
|
+
}
|
|
79
|
+
getRemoteConfig() {
|
|
80
|
+
return Object.assign({}, this.remoteConfigParams);
|
|
69
81
|
}
|
|
70
82
|
get moduleVersion() {
|
|
71
83
|
return `${this.getModuleVersion()} (${CORE_MODULE_VERSION})`;
|
|
@@ -74,252 +86,249 @@ export class ConfigurationBase {
|
|
|
74
86
|
return this.internalLogger;
|
|
75
87
|
}
|
|
76
88
|
get appId() {
|
|
77
|
-
return this.
|
|
89
|
+
return this.activeConfigParams.px_app_id;
|
|
78
90
|
}
|
|
79
91
|
get authToken() {
|
|
80
|
-
return this.
|
|
92
|
+
return this.activeConfigParams.px_auth_token;
|
|
81
93
|
}
|
|
82
94
|
get blockingScore() {
|
|
83
|
-
return this.
|
|
95
|
+
return this.activeConfigParams.px_blocking_score;
|
|
84
96
|
}
|
|
85
97
|
get bypassMonitorHeader() {
|
|
86
|
-
return this.
|
|
98
|
+
return this.activeConfigParams.px_bypass_monitor_header;
|
|
87
99
|
}
|
|
88
100
|
get cookieSecret() {
|
|
89
|
-
return this.
|
|
101
|
+
return this.activeConfigParams.px_cookie_secret;
|
|
90
102
|
}
|
|
91
103
|
get customCookieHeader() {
|
|
92
|
-
return this.
|
|
104
|
+
return this.activeConfigParams.px_custom_cookie_header;
|
|
93
105
|
}
|
|
94
106
|
get customLogo() {
|
|
95
|
-
return this.
|
|
107
|
+
return this.activeConfigParams.px_custom_logo;
|
|
96
108
|
}
|
|
97
109
|
get enforcedRoutes() {
|
|
98
|
-
return this.
|
|
110
|
+
return this.activeConfigParams.px_enforced_routes;
|
|
99
111
|
}
|
|
100
112
|
get customIsEnforcedRequest() {
|
|
101
|
-
return this.
|
|
113
|
+
return this.activeConfigParams.px_custom_is_enforced_request;
|
|
102
114
|
}
|
|
103
115
|
get filteredExtensions() {
|
|
104
|
-
return this.
|
|
116
|
+
return this.activeConfigParams.px_filter_by_extension.map((ext) => ext.startsWith('.') ? ext : `.${ext}`);
|
|
105
117
|
}
|
|
106
118
|
get filteredHttpMethods() {
|
|
107
|
-
return this.
|
|
119
|
+
return this.activeConfigParams.px_filter_by_http_method;
|
|
108
120
|
}
|
|
109
121
|
get filteredIps() {
|
|
110
|
-
return this.
|
|
122
|
+
return this.activeConfigParams.px_filter_by_ip;
|
|
111
123
|
}
|
|
112
124
|
get filteredRoutes() {
|
|
113
|
-
return this.
|
|
125
|
+
return this.activeConfigParams.px_filter_by_route;
|
|
114
126
|
}
|
|
115
127
|
get filteredUserAgents() {
|
|
116
|
-
return this.
|
|
128
|
+
return this.activeConfigParams.px_filter_by_user_agent;
|
|
117
129
|
}
|
|
118
130
|
get firstPartyEnabled() {
|
|
119
|
-
return this.
|
|
131
|
+
return this.activeConfigParams.px_first_party_enabled;
|
|
120
132
|
}
|
|
121
133
|
get customIsFilteredRequest() {
|
|
122
|
-
return this.
|
|
134
|
+
return this.activeConfigParams.px_custom_is_filtered_request;
|
|
123
135
|
}
|
|
124
136
|
get customFirstPartyPrefix() {
|
|
125
|
-
return this.
|
|
137
|
+
return this.activeConfigParams.px_custom_first_party_prefix;
|
|
126
138
|
}
|
|
127
139
|
get customFirstPartySensorEndpoint() {
|
|
128
|
-
return this.
|
|
140
|
+
return this.activeConfigParams.px_custom_first_party_sensor_endpoint;
|
|
129
141
|
}
|
|
130
142
|
get customFirstPartyXhrEndpoint() {
|
|
131
|
-
return this.
|
|
143
|
+
return this.activeConfigParams.px_custom_first_party_xhr_endpoint;
|
|
132
144
|
}
|
|
133
145
|
get customFirstPartyCaptchaEndpoint() {
|
|
134
|
-
return this.
|
|
146
|
+
return this.activeConfigParams.px_custom_first_party_captcha_endpoint;
|
|
135
147
|
}
|
|
136
148
|
get firstPartyTimeoutMs() {
|
|
137
|
-
return this.
|
|
149
|
+
return this.activeConfigParams.px_first_party_timeout_ms;
|
|
138
150
|
}
|
|
139
151
|
get loggerSeverity() {
|
|
140
152
|
return this.logger.getLoggerSeverity();
|
|
141
153
|
}
|
|
142
154
|
get moduleEnabled() {
|
|
143
|
-
return this.
|
|
155
|
+
return this.activeConfigParams.px_module_enabled;
|
|
144
156
|
}
|
|
145
157
|
get moduleMode() {
|
|
146
|
-
return this.
|
|
158
|
+
return this.activeConfigParams.px_module_mode;
|
|
147
159
|
}
|
|
148
160
|
get monitoredRoutes() {
|
|
149
|
-
return this.
|
|
161
|
+
return this.activeConfigParams.px_monitored_routes;
|
|
150
162
|
}
|
|
151
163
|
get customIsMonitoredRequest() {
|
|
152
|
-
return this.
|
|
164
|
+
return this.activeConfigParams.px_custom_is_monitored_request;
|
|
153
165
|
}
|
|
154
166
|
get s2sTimeout() {
|
|
155
|
-
return this.
|
|
167
|
+
return this.activeConfigParams.px_s2s_timeout;
|
|
156
168
|
}
|
|
157
169
|
get sensitiveHeaders() {
|
|
158
|
-
return this.
|
|
170
|
+
return this.activeConfigParams.px_sensitive_headers;
|
|
159
171
|
}
|
|
160
172
|
get sensitiveRoutes() {
|
|
161
|
-
return this.
|
|
173
|
+
return this.activeConfigParams.px_sensitive_routes;
|
|
162
174
|
}
|
|
163
175
|
get customIsSensitiveRequest() {
|
|
164
|
-
return this.
|
|
176
|
+
return this.activeConfigParams.px_custom_is_sensitive_request;
|
|
165
177
|
}
|
|
166
178
|
get advancedBlockingResponseEnabled() {
|
|
167
|
-
return this.
|
|
179
|
+
return this.activeConfigParams.px_advanced_blocking_response_enabled;
|
|
168
180
|
}
|
|
169
181
|
get backendScoreApiUrl() {
|
|
170
|
-
return this.
|
|
182
|
+
return this.activeConfigParams.px_backend_url;
|
|
171
183
|
}
|
|
172
184
|
get ipHeaders() {
|
|
173
|
-
return this.
|
|
185
|
+
return this.activeConfigParams.px_ip_headers;
|
|
174
186
|
}
|
|
175
187
|
get backendCaptchaUrl() {
|
|
176
|
-
return this.
|
|
188
|
+
return this.activeConfigParams.px_backend_captcha_url;
|
|
177
189
|
}
|
|
178
190
|
get backendClientUrl() {
|
|
179
|
-
return this.
|
|
191
|
+
return this.activeConfigParams.px_backend_client_url;
|
|
180
192
|
}
|
|
181
193
|
get backendCollectorUrl() {
|
|
182
|
-
return this.
|
|
194
|
+
return this.activeConfigParams.px_backend_collector_url;
|
|
183
195
|
}
|
|
184
196
|
get cssRef() {
|
|
185
|
-
return this.
|
|
197
|
+
return this.activeConfigParams.px_css_ref;
|
|
186
198
|
}
|
|
187
199
|
get jsRef() {
|
|
188
|
-
return this.
|
|
200
|
+
return this.activeConfigParams.px_js_ref;
|
|
189
201
|
}
|
|
190
202
|
get riskCookieMaxIterations() {
|
|
191
|
-
return this.
|
|
203
|
+
return this.activeConfigParams.px_risk_cookie_max_iterations;
|
|
192
204
|
}
|
|
193
205
|
get riskCookieMinIterations() {
|
|
194
|
-
return this.
|
|
206
|
+
return this.activeConfigParams.px_risk_cookie_min_iterations;
|
|
195
207
|
}
|
|
196
208
|
get riskCookieMaxLength() {
|
|
197
|
-
return this.
|
|
209
|
+
return this.activeConfigParams.px_risk_cookie_max_length;
|
|
198
210
|
}
|
|
199
211
|
get userAgentMaxLength() {
|
|
200
|
-
return this.
|
|
212
|
+
return this.activeConfigParams.px_user_agent_max_length;
|
|
201
213
|
}
|
|
202
214
|
get maxActivityBatchSize() {
|
|
203
|
-
return this.
|
|
215
|
+
return this.activeConfigParams.px_max_activity_batch_size;
|
|
204
216
|
}
|
|
205
217
|
get activityBatchTimeoutMs() {
|
|
206
|
-
return this.
|
|
218
|
+
return this.activeConfigParams.px_batch_activities_timeout_ms;
|
|
207
219
|
}
|
|
208
220
|
get graphqlEnabled() {
|
|
209
|
-
return this.
|
|
221
|
+
return this.activeConfigParams.px_graphql_enabled;
|
|
210
222
|
}
|
|
211
223
|
get graphqlRoutes() {
|
|
212
|
-
return this.
|
|
224
|
+
return this.activeConfigParams.px_graphql_routes;
|
|
213
225
|
}
|
|
214
226
|
get sensitiveGraphqlOperationNames() {
|
|
215
|
-
return this.
|
|
227
|
+
return this.activeConfigParams.px_sensitive_graphql_operation_names;
|
|
216
228
|
}
|
|
217
229
|
get sensitiveGraphqlOperationTypes() {
|
|
218
|
-
return this.
|
|
230
|
+
return this.activeConfigParams.px_sensitive_graphql_operation_types;
|
|
219
231
|
}
|
|
220
232
|
get enrichCustomParameters() {
|
|
221
|
-
return this.
|
|
233
|
+
return this.activeConfigParams.px_enrich_custom_parameters || null;
|
|
222
234
|
}
|
|
223
235
|
get additionalActivityHandler() {
|
|
224
|
-
return this.
|
|
236
|
+
return this.activeConfigParams.px_additional_activity_handler || null;
|
|
225
237
|
}
|
|
226
238
|
get altBackendCaptchaUrl() {
|
|
227
239
|
return 'https://captcha.px-cloud.net';
|
|
228
240
|
}
|
|
229
241
|
get corsSupportEnabled() {
|
|
230
|
-
return this.
|
|
242
|
+
return this.activeConfigParams.px_cors_support_enabled;
|
|
231
243
|
}
|
|
232
244
|
get corsCustomPreflightHandler() {
|
|
233
|
-
return this.
|
|
245
|
+
return this.activeConfigParams.px_cors_custom_preflight_handler || null;
|
|
234
246
|
}
|
|
235
247
|
get corsPreflightRequestFilterEnabled() {
|
|
236
|
-
return this.
|
|
248
|
+
return this.activeConfigParams.px_cors_preflight_request_filter_enabled;
|
|
237
249
|
}
|
|
238
250
|
get corsCreateCustomBlockResponseHeaders() {
|
|
239
|
-
return this.
|
|
251
|
+
return this.activeConfigParams.px_cors_create_custom_block_response_headers || null;
|
|
240
252
|
}
|
|
241
253
|
get jwtCookieAdditionalFieldNames() {
|
|
242
|
-
return this.
|
|
254
|
+
return this.activeConfigParams.px_jwt_cookie_additional_field_names;
|
|
243
255
|
}
|
|
244
256
|
get jwtCookieName() {
|
|
245
|
-
return this.
|
|
257
|
+
return this.activeConfigParams.px_jwt_cookie_name;
|
|
246
258
|
}
|
|
247
259
|
get jwtCookieUserIdFieldName() {
|
|
248
|
-
return this.
|
|
260
|
+
return this.activeConfigParams.px_jwt_cookie_user_id_field_name;
|
|
249
261
|
}
|
|
250
262
|
get jwtHeaderAdditionalFieldNames() {
|
|
251
|
-
return this.
|
|
263
|
+
return this.activeConfigParams.px_jwt_header_additional_field_names;
|
|
252
264
|
}
|
|
253
265
|
get jwtHeaderName() {
|
|
254
|
-
return this.
|
|
266
|
+
return this.activeConfigParams.px_jwt_header_name;
|
|
255
267
|
}
|
|
256
268
|
get jwtHeaderUserIdFieldName() {
|
|
257
|
-
return this.
|
|
269
|
+
return this.activeConfigParams.px_jwt_header_user_id_field_name;
|
|
258
270
|
}
|
|
259
271
|
get ciEnabled() {
|
|
260
|
-
return this.
|
|
272
|
+
return this.activeConfigParams.px_login_credentials_extraction_enabled;
|
|
261
273
|
}
|
|
262
274
|
get loggerAuthToken() {
|
|
263
|
-
return this.
|
|
275
|
+
return this.activeConfigParams.px_logger_auth_token;
|
|
264
276
|
}
|
|
265
277
|
get ciEndpoints() {
|
|
266
|
-
return this.
|
|
278
|
+
return this.activeConfigParams.px_login_credentials_extraction;
|
|
267
279
|
}
|
|
268
280
|
get ciCompromisedCredentialsHeaderName() {
|
|
269
|
-
return this.
|
|
281
|
+
return this.activeConfigParams.px_compromised_credentials_header;
|
|
270
282
|
}
|
|
271
283
|
get ciSendRawUsernameOnAdditionalS2SActivity() {
|
|
272
|
-
return this.
|
|
284
|
+
return this.activeConfigParams.px_send_raw_username_on_additional_s2s_activity;
|
|
273
285
|
}
|
|
274
286
|
get ciAutomaticAdditionalS2SEnabled() {
|
|
275
|
-
return this.
|
|
287
|
+
return this.activeConfigParams.px_automatic_additional_s2s_activity_enabled;
|
|
276
288
|
}
|
|
277
289
|
get ciAdditionalS2SHeaderEnabled() {
|
|
278
|
-
return this.
|
|
290
|
+
return this.activeConfigParams.px_additional_s2s_activity_header_enabled;
|
|
279
291
|
}
|
|
280
292
|
get ciDefaultVersion() {
|
|
281
|
-
return this.
|
|
293
|
+
return this.activeConfigParams.px_credentials_intelligence_version;
|
|
282
294
|
}
|
|
283
295
|
get ciDefaultLoginSuccessfulReportingMethod() {
|
|
284
|
-
return this.
|
|
296
|
+
return this.activeConfigParams.px_login_successful_reporting_method;
|
|
285
297
|
}
|
|
286
298
|
get ciDefaultLoginSuccessfulStatus() {
|
|
287
|
-
return this.
|
|
299
|
+
return this.activeConfigParams.px_login_successful_status;
|
|
288
300
|
}
|
|
289
301
|
get ciDefaultLoginSuccessfulBodyRegex() {
|
|
290
|
-
return this.
|
|
302
|
+
return this.activeConfigParams.px_login_successful_body_regex;
|
|
291
303
|
}
|
|
292
304
|
get ciDefaultLoginSuccessfulHeaderName() {
|
|
293
|
-
return this.
|
|
305
|
+
return this.activeConfigParams.px_login_successful_header_name;
|
|
294
306
|
}
|
|
295
307
|
get ciDefaultLoginSuccessfulHeaderValue() {
|
|
296
|
-
return this.
|
|
308
|
+
return this.activeConfigParams.px_login_successful_header_value;
|
|
297
309
|
}
|
|
298
310
|
get ciDefaultLoginSuccessfulCustomCallback() {
|
|
299
|
-
return this.
|
|
311
|
+
return this.activeConfigParams.px_login_successful_custom_callback;
|
|
300
312
|
}
|
|
301
313
|
get remoteConfigAuthToken() {
|
|
302
|
-
return this.
|
|
303
|
-
}
|
|
304
|
-
get remoteConfigSecret() {
|
|
305
|
-
return this.configParams.px_remote_config_secret;
|
|
314
|
+
return this.activeConfigParams.px_remote_config_auth_token;
|
|
306
315
|
}
|
|
307
316
|
get remoteConfigVersion() {
|
|
308
|
-
return this.
|
|
317
|
+
return this.activeConfigParams.px_remote_config_version;
|
|
309
318
|
}
|
|
310
319
|
get remoteConfigId() {
|
|
311
|
-
return this.
|
|
320
|
+
return this.activeConfigParams.px_remote_config_id;
|
|
312
321
|
}
|
|
313
322
|
get remoteConfigRetryIntervalMs() {
|
|
314
|
-
return this.
|
|
323
|
+
return this.activeConfigParams.px_remote_config_retry_interval_ms;
|
|
315
324
|
}
|
|
316
325
|
get remoteConfigMaxFetchAttempts() {
|
|
317
|
-
return this.
|
|
326
|
+
return this.activeConfigParams.px_remote_config_max_fetch_attempts;
|
|
318
327
|
}
|
|
319
328
|
get urlDecodeReservedCharacters() {
|
|
320
|
-
return this.
|
|
329
|
+
return this.activeConfigParams.px_url_decode_reserved_characters;
|
|
321
330
|
}
|
|
322
331
|
get securedPxhdEnabled() {
|
|
323
|
-
return this.
|
|
332
|
+
return this.activeConfigParams.px_secured_pxhd_enabled;
|
|
324
333
|
}
|
|
325
334
|
}
|
|
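Review bot: `addRemoteConfig` spreads the remote payload over the static parameters (`{ ...this.staticConfigParams, ...remoteConfigParams }`) with no key filter, so a remote update can replace any setting, including `px_cookie_secret`, `px_auth_token` and `px_remote_config_auth_token` itself. If the remote channel is meant to carry policy rather than credentials, the merge should drop credential keys first, as sketched below; whether the payload is filtered upstream is not visible on this page. Separately, `getActiveConfig`, `getStaticConfig` and `getRemoteConfig` return shallow copies via `Object.assign`, so arrays and objects inside them remain shared with the live configuration when they are handed to `enrichCustomParameters` or `additionalActivityHandler` callbacks. `internalLogger` is also not rebuilt when a remote `px_logger_severity` arrives.

```javascript
addRemoteConfig(remoteConfigParams) {
    // Credentials stay under local control; a remote payload may only change policy keys.
    const LOCAL_ONLY_KEYS = ['px_auth_token', 'px_cookie_secret', 'px_logger_auth_token', 'px_remote_config_auth_token'];
    const overridable = Object.fromEntries(Object.entries(remoteConfigParams).filter(([key]) => !LOCAL_ONLY_KEYS.includes(key)));
    this.remoteConfigParams = overridable;
    this.activeConfigParams = this.initialize({ ...this.staticConfigParams, ...overridable }, this.defaultConfigParams);
}
```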
@@ -4,15 +4,16 @@ export class ConfigurationBuilderBase {
|
|
|
4
4
|
this.base64Utils = base64Utils;
|
|
5
5
|
}
|
|
6
6
|
async build(params) {
|
|
7
|
-
const
|
|
8
|
-
if (!
|
|
9
|
-
return
|
|
7
|
+
const config = this.createConfiguration(params);
|
|
8
|
+
if (!config.remoteConfigAuthToken) {
|
|
9
|
+
return config;
|
|
10
10
|
}
|
|
11
|
-
const remoteConfigParams = await this.getRemoteConfigParams(
|
|
11
|
+
const remoteConfigParams = await this.getRemoteConfigParams(config);
|
|
12
12
|
if (!remoteConfigParams) {
|
|
13
|
-
return
|
|
13
|
+
return config;
|
|
14
14
|
}
|
|
15
|
-
|
|
15
|
+
config.addRemoteConfig(remoteConfigParams);
|
|
16
|
+
return config;
|
|
16
17
|
}
|
|
17
18
|
async getRemoteConfigParams(staticConfig) {
|
|
18
19
|
try {
|
|
@@ -11,7 +11,7 @@ export class DefaultRemoteConfigUpdater {
|
|
|
11
11
|
this.storageClient = options.storageClient;
|
|
12
12
|
this.timestampHmacHeaderValidator =
|
|
13
13
|
options.timestampHmacHeaderValidator ||
|
|
14
|
-
new DefaultTimestampHmacHeaderValidator(config, config.
|
|
14
|
+
new DefaultTimestampHmacHeaderValidator(config, config.remoteConfigAuthToken, options.base64Utils, options.hmacUtils);
|
|
15
15
|
}
|
|
16
16
|
isUpdateRemoteConfigRequest(context) {
|
|
17
17
|
return context.isRemoteConfigUpdateRequest;
|
|
@@ -3,7 +3,7 @@ import { PUSH_DATA_FEATURE_HEADER_NAME, PUSH_DATA_HMAC_HEADER_NAME } from '../..
|
|
|
3
3
|
import { REMOTE_CONFIG_PUSH_DATA_FEATURE_NAME } from './constants';
|
|
4
4
|
export var RemoteConfigUtils;
|
|
5
5
|
(function (RemoteConfigUtils) {
|
|
6
|
-
RemoteConfigUtils.isRemoteConfigUpdateRequest = (request) => request.method === HttpMethod.
|
|
6
|
+
RemoteConfigUtils.isRemoteConfigUpdateRequest = (request) => request.method === HttpMethod.POST &&
|
|
7
7
|
request.headers.get(PUSH_DATA_FEATURE_HEADER_NAME) === REMOTE_CONFIG_PUSH_DATA_FEATURE_NAME &&
|
|
8
8
|
!!request.headers.get(PUSH_DATA_HMAC_HEADER_NAME);
|
|
9
9
|
})(RemoteConfigUtils || (RemoteConfigUtils = {}));
|
|
@@ -4,7 +4,7 @@ import { PXHDSource } from '../pxhd';
|
|
|
4
4
|
import { TokenOrigin, TokenParseResult } from '../risk_token';
|
|
5
5
|
import { RiskApiCallResult } from '../risk_api';
|
|
6
6
|
import { COOKIE_HEADER_NAME, toReadonlyHeaders, USER_AGENT_HEADER_NAME, } from '../http';
|
|
7
|
-
import { StringSplitCookieParser, PXHD_COOKIE_NAME, PXVID_COOKIE_NAME, X_PX_AUTHORIZATION_HEADER_NAME, } from '../utils';
|
|
7
|
+
import { StringSplitCookieParser, PXHD_COOKIE_NAME, PXVID_COOKIE_NAME, X_PX_AUTHORIZATION_HEADER_NAME, isValidUuid, } from '../utils';
|
|
8
8
|
import { DefaultLogger, X_PX_ENFORCER_LOG_HEADER } from '../logger';
|
|
9
9
|
export class DefaultContext {
|
|
10
10
|
requestId;
|
|
@@ -125,7 +125,10 @@ export class DefaultContext {
|
|
|
125
125
|
return request.headers.get(X_PX_AUTHORIZATION_HEADER_NAME) ? TokenOrigin.HEADER : TokenOrigin.COOKIE;
|
|
126
126
|
}
|
|
127
127
|
setCookiesOnContext() {
|
|
128
|
-
|
|
128
|
+
const vidValue = this.requestData.cookies[PXVID_COOKIE_NAME];
|
|
129
|
+
if (isValidUuid(vidValue)) {
|
|
130
|
+
this.vid = vidValue;
|
|
131
|
+
}
|
|
129
132
|
const pxhdCookie = this.requestData.cookies[PXHD_COOKIE_NAME];
|
|
130
133
|
if (pxhdCookie) {
|
|
131
134
|
this.pxhd = {
|