perimeterx-js-core 0.18.2 → 0.20.0

package/lib/esm/config/ConfigurationBase.js

@@ -2,14 +2,16 @@ import { DEFAULT_CONFIGURATION_PARAMS } from './defaults';
 import { LoggerSeverity, DefaultLogger } from '../logger';
 import { ModuleMode, getScoreApiDomain, getCollectorDomain, isValidEnumValue, EnforcerError, CORE_MODULE_VERSION, } from '../utils';
 export class ConfigurationBase {
-    configParams;
+    activeConfigParams;
+    staticConfigParams;
+    remoteConfigParams;
+    defaultConfigParams;
     internalLogger;
     constructor(params, defaultParams) {
-        this.configParams = this.initialize(params, {
-            ...DEFAULT_CONFIGURATION_PARAMS,
-            ...defaultParams,
-        });
-        this.internalLogger = this.createInternalLogger(this.configParams.px_logger_severity);
+        this.defaultConfigParams = { ...DEFAULT_CONFIGURATION_PARAMS, ...defaultParams };
+        this.activeConfigParams = this.initialize(params, this.defaultConfigParams);
+        this.staticConfigParams = params;
+        this.internalLogger = this.createInternalLogger(this.activeConfigParams.px_logger_severity);
     }
     initialize(params, defaultParams) {
         this.throwIfMissingRequiredField(params);
@@ -64,8 +66,18 @@ export class ConfigurationBase {
     createInternalLogger(loggerSeverity) {
         return new DefaultLogger(loggerSeverity, false);
     }
-    toParams() {
-        return Object.assign({}, this.configParams);
+    addRemoteConfig(remoteConfigParams) {
+        this.remoteConfigParams = remoteConfigParams;
+        this.activeConfigParams = this.initialize({ ...this.staticConfigParams, ...remoteConfigParams }, this.defaultConfigParams);
+    }
+    getActiveConfig() {
+        return Object.assign({}, this.activeConfigParams);
+    }
+    getStaticConfig() {
+        return Object.assign({}, this.staticConfigParams);
+    }
+    getRemoteConfig() {
+        return Object.assign({}, this.remoteConfigParams);
     }
     get moduleVersion() {
         return `${this.getModuleVersion()} (${CORE_MODULE_VERSION})`;
@@ -74,252 +86,255 @@ export class ConfigurationBase {
         return this.internalLogger;
     }
     get appId() {
-        return this.configParams.px_app_id;
+        return this.activeConfigParams.px_app_id;
     }
     get authToken() {
-        return this.configParams.px_auth_token;
+        return this.activeConfigParams.px_auth_token;
     }
     get blockingScore() {
-        return this.configParams.px_blocking_score;
+        return this.activeConfigParams.px_blocking_score;
     }
     get bypassMonitorHeader() {
-        return this.configParams.px_bypass_monitor_header;
+        return this.activeConfigParams.px_bypass_monitor_header;
     }
     get cookieSecret() {
-        return this.configParams.px_cookie_secret;
+        return this.activeConfigParams.px_cookie_secret;
     }
     get customCookieHeader() {
-        return this.configParams.px_custom_cookie_header;
+        return this.activeConfigParams.px_custom_cookie_header;
     }
     get customLogo() {
-        return this.configParams.px_custom_logo;
+        return this.activeConfigParams.px_custom_logo;
     }
     get enforcedRoutes() {
-        return this.configParams.px_enforced_routes;
+        return this.activeConfigParams.px_enforced_routes;
     }
     get customIsEnforcedRequest() {
-        return this.configParams.px_custom_is_enforced_request;
+        return this.activeConfigParams.px_custom_is_enforced_request;
     }
     get filteredExtensions() {
-        return this.configParams.px_filter_by_extension.map((ext) => (ext.startsWith('.') ? ext : `.${ext}`));
+        return this.activeConfigParams.px_filter_by_extension.map((ext) => ext.startsWith('.') ? ext : `.${ext}`);
     }
     get filteredHttpMethods() {
-        return this.configParams.px_filter_by_http_method;
+        return this.activeConfigParams.px_filter_by_http_method;
     }
     get filteredIps() {
-        return this.configParams.px_filter_by_ip;
+        return this.activeConfigParams.px_filter_by_ip;
     }
     get filteredRoutes() {
-        return this.configParams.px_filter_by_route;
+        return this.activeConfigParams.px_filter_by_route;
     }
     get filteredUserAgents() {
-        return this.configParams.px_filter_by_user_agent;
+        return this.activeConfigParams.px_filter_by_user_agent;
     }
     get firstPartyEnabled() {
-        return this.configParams.px_first_party_enabled;
+        return this.activeConfigParams.px_first_party_enabled;
     }
     get customIsFilteredRequest() {
-        return this.configParams.px_custom_is_filtered_request;
+        return this.activeConfigParams.px_custom_is_filtered_request;
     }
     get customFirstPartyPrefix() {
-        return this.configParams.px_custom_first_party_prefix;
+        return this.activeConfigParams.px_custom_first_party_prefix;
     }
     get customFirstPartySensorEndpoint() {
-        return this.configParams.px_custom_first_party_sensor_endpoint;
+        return this.activeConfigParams.px_custom_first_party_sensor_endpoint;
     }
     get customFirstPartyXhrEndpoint() {
-        return this.configParams.px_custom_first_party_xhr_endpoint;
+        return this.activeConfigParams.px_custom_first_party_xhr_endpoint;
     }
     get customFirstPartyCaptchaEndpoint() {
-        return this.configParams.px_custom_first_party_captcha_endpoint;
+        return this.activeConfigParams.px_custom_first_party_captcha_endpoint;
     }
     get firstPartyTimeoutMs() {
-        return this.configParams.px_first_party_timeout_ms;
+        return this.activeConfigParams.px_first_party_timeout_ms;
     }
     get loggerSeverity() {
         return this.logger.getLoggerSeverity();
     }
     get moduleEnabled() {
-        return this.configParams.px_module_enabled;
+        return this.activeConfigParams.px_module_enabled;
     }
     get moduleMode() {
-        return this.configParams.px_module_mode;
+        return this.activeConfigParams.px_module_mode;
     }
     get monitoredRoutes() {
-        return this.configParams.px_monitored_routes;
+        return this.activeConfigParams.px_monitored_routes;
     }
     get customIsMonitoredRequest() {
-        return this.configParams.px_custom_is_monitored_request;
+        return this.activeConfigParams.px_custom_is_monitored_request;
     }
     get s2sTimeout() {
-        return this.configParams.px_s2s_timeout;
+        return this.activeConfigParams.px_s2s_timeout;
     }
     get sensitiveHeaders() {
-        return this.configParams.px_sensitive_headers;
+        return this.activeConfigParams.px_sensitive_headers;
     }
     get sensitiveRoutes() {
-        return this.configParams.px_sensitive_routes;
+        return this.activeConfigParams.px_sensitive_routes;
     }
     get customIsSensitiveRequest() {
-        return this.configParams.px_custom_is_sensitive_request;
+        return this.activeConfigParams.px_custom_is_sensitive_request;
     }
     get advancedBlockingResponseEnabled() {
-        return this.configParams.px_advanced_blocking_response_enabled;
+        return this.activeConfigParams.px_advanced_blocking_response_enabled;
     }
     get backendScoreApiUrl() {
-        return this.configParams.px_backend_url;
+        return this.activeConfigParams.px_backend_url;
     }
     get ipHeaders() {
-        return this.configParams.px_ip_headers;
+        return this.activeConfigParams.px_ip_headers;
     }
     get backendCaptchaUrl() {
-        return this.configParams.px_backend_captcha_url;
+        return this.activeConfigParams.px_backend_captcha_url;
     }
     get backendClientUrl() {
-        return this.configParams.px_backend_client_url;
+        return this.activeConfigParams.px_backend_client_url;
     }
     get backendCollectorUrl() {
-        return this.configParams.px_backend_collector_url;
+        return this.activeConfigParams.px_backend_collector_url;
     }
     get cssRef() {
-        return this.configParams.px_css_ref;
+        return this.activeConfigParams.px_css_ref;
     }
     get jsRef() {
-        return this.configParams.px_js_ref;
+        return this.activeConfigParams.px_js_ref;
     }
     get riskCookieMaxIterations() {
-        return this.configParams.px_risk_cookie_max_iterations;
+        return this.activeConfigParams.px_risk_cookie_max_iterations;
     }
     get riskCookieMinIterations() {
-        return this.configParams.px_risk_cookie_min_iterations;
+        return this.activeConfigParams.px_risk_cookie_min_iterations;
     }
     get riskCookieMaxLength() {
-        return this.configParams.px_risk_cookie_max_length;
+        return this.activeConfigParams.px_risk_cookie_max_length;
     }
     get userAgentMaxLength() {
-        return this.configParams.px_user_agent_max_length;
+        return this.activeConfigParams.px_user_agent_max_length;
     }
     get maxActivityBatchSize() {
-        return this.configParams.px_max_activity_batch_size;
+        return this.activeConfigParams.px_max_activity_batch_size;
     }
     get activityBatchTimeoutMs() {
-        return this.configParams.px_batch_activities_timeout_ms;
+        return this.activeConfigParams.px_batch_activities_timeout_ms;
     }
     get graphqlEnabled() {
-        return this.configParams.px_graphql_enabled;
+        return this.activeConfigParams.px_graphql_enabled;
     }
     get graphqlRoutes() {
-        return this.configParams.px_graphql_routes;
+        return this.activeConfigParams.px_graphql_routes;
+    }
+    get graphqlKeywords() {
+        return this.activeConfigParams.px_graphql_keywords;
+    }
+    get extractGraphQLKeywords() {
+        return this.activeConfigParams.px_extract_graphql_keywords;
     }
     get sensitiveGraphqlOperationNames() {
-        return this.configParams.px_sensitive_graphql_operation_names;
+        return this.activeConfigParams.px_sensitive_graphql_operation_names;
     }
     get sensitiveGraphqlOperationTypes() {
-        return this.configParams.px_sensitive_graphql_operation_types;
+        return this.activeConfigParams.px_sensitive_graphql_operation_types;
     }
     get enrichCustomParameters() {
-        return this.configParams.px_enrich_custom_parameters || null;
+        return this.activeConfigParams.px_enrich_custom_parameters || null;
     }
     get additionalActivityHandler() {
-        return this.configParams.px_additional_activity_handler || null;
+        return this.activeConfigParams.px_additional_activity_handler || null;
     }
     get altBackendCaptchaUrl() {
         return 'https://captcha.px-cloud.net';
     }
     get corsSupportEnabled() {
-        return this.configParams.px_cors_support_enabled;
+        return this.activeConfigParams.px_cors_support_enabled;
     }
     get corsCustomPreflightHandler() {
-        return this.configParams.px_cors_custom_preflight_handler || null;
+        return this.activeConfigParams.px_cors_custom_preflight_handler || null;
     }
     get corsPreflightRequestFilterEnabled() {
-        return this.configParams.px_cors_preflight_request_filter_enabled;
+        return this.activeConfigParams.px_cors_preflight_request_filter_enabled;
     }
     get corsCreateCustomBlockResponseHeaders() {
-        return this.configParams.px_cors_create_custom_block_response_headers || null;
+        return this.activeConfigParams.px_cors_create_custom_block_response_headers || null;
     }
     get jwtCookieAdditionalFieldNames() {
-        return this.configParams.px_jwt_cookie_additional_field_names;
+        return this.activeConfigParams.px_jwt_cookie_additional_field_names;
     }
     get jwtCookieName() {
-        return this.configParams.px_jwt_cookie_name;
+        return this.activeConfigParams.px_jwt_cookie_name;
     }
     get jwtCookieUserIdFieldName() {
-        return this.configParams.px_jwt_cookie_user_id_field_name;
+        return this.activeConfigParams.px_jwt_cookie_user_id_field_name;
     }
     get jwtHeaderAdditionalFieldNames() {
-        return this.configParams.px_jwt_header_additional_field_names;
+        return this.activeConfigParams.px_jwt_header_additional_field_names;
     }
     get jwtHeaderName() {
-        return this.configParams.px_jwt_header_name;
+        return this.activeConfigParams.px_jwt_header_name;
     }
     get jwtHeaderUserIdFieldName() {
-        return this.configParams.px_jwt_header_user_id_field_name;
+        return this.activeConfigParams.px_jwt_header_user_id_field_name;
     }
     get ciEnabled() {
-        return this.configParams.px_login_credentials_extraction_enabled;
+        return this.activeConfigParams.px_login_credentials_extraction_enabled;
     }
     get loggerAuthToken() {
-        return this.configParams.px_logger_auth_token;
+        return this.activeConfigParams.px_logger_auth_token;
     }
     get ciEndpoints() {
-        return this.configParams.px_login_credentials_extraction;
+        return this.activeConfigParams.px_login_credentials_extraction;
     }
     get ciCompromisedCredentialsHeaderName() {
-        return this.configParams.px_compromised_credentials_header;
+        return this.activeConfigParams.px_compromised_credentials_header;
     }
     get ciSendRawUsernameOnAdditionalS2SActivity() {
-        return this.configParams.px_send_raw_username_on_additional_s2s_activity;
+        return this.activeConfigParams.px_send_raw_username_on_additional_s2s_activity;
     }
     get ciAutomaticAdditionalS2SEnabled() {
-        return this.configParams.px_automatic_additional_s2s_activity_enabled;
+        return this.activeConfigParams.px_automatic_additional_s2s_activity_enabled;
     }
     get ciAdditionalS2SHeaderEnabled() {
-        return this.configParams.px_additional_s2s_activity_header_enabled;
+        return this.activeConfigParams.px_additional_s2s_activity_header_enabled;
     }
     get ciDefaultVersion() {
-        return this.configParams.px_credentials_intelligence_version;
+        return this.activeConfigParams.px_credentials_intelligence_version;
     }
     get ciDefaultLoginSuccessfulReportingMethod() {
-        return this.configParams.px_login_successful_reporting_method;
+        return this.activeConfigParams.px_login_successful_reporting_method;
     }
     get ciDefaultLoginSuccessfulStatus() {
-        return this.configParams.px_login_successful_status;
+        return this.activeConfigParams.px_login_successful_status;
     }
     get ciDefaultLoginSuccessfulBodyRegex() {
-        return this.configParams.px_login_successful_body_regex;
+        return this.activeConfigParams.px_login_successful_body_regex;
     }
     get ciDefaultLoginSuccessfulHeaderName() {
-        return this.configParams.px_login_successful_header_name;
+        return this.activeConfigParams.px_login_successful_header_name;
     }
     get ciDefaultLoginSuccessfulHeaderValue() {
-        return this.configParams.px_login_successful_header_value;
+        return this.activeConfigParams.px_login_successful_header_value;
     }
     get ciDefaultLoginSuccessfulCustomCallback() {
-        return this.configParams.px_login_successful_custom_callback;
+        return this.activeConfigParams.px_login_successful_custom_callback;
     }
     get remoteConfigAuthToken() {
-        return this.configParams.px_remote_config_auth_token;
-    }
-    get remoteConfigSecret() {
-        return this.configParams.px_remote_config_secret;
+        return this.activeConfigParams.px_remote_config_auth_token;
     }
     get remoteConfigVersion() {
-        return this.configParams.px_remote_config_version;
+        return this.activeConfigParams.px_remote_config_version;
     }
     get remoteConfigId() {
-        return this.configParams.px_remote_config_id;
+        return this.activeConfigParams.px_remote_config_id;
     }
     get remoteConfigRetryIntervalMs() {
-        return this.configParams.px_remote_config_retry_interval_ms;
+        return this.activeConfigParams.px_remote_config_retry_interval_ms;
     }
     get remoteConfigMaxFetchAttempts() {
-        return this.configParams.px_remote_config_max_fetch_attempts;
+        return this.activeConfigParams.px_remote_config_max_fetch_attempts;
     }
     get urlDecodeReservedCharacters() {
-        return this.configParams.px_url_decode_reserved_characters;
+        return this.activeConfigParams.px_url_decode_reserved_characters;
     }
     get securedPxhdEnabled() {
-        return this.configParams.px_secured_pxhd_enabled;
+        return this.activeConfigParams.px_secured_pxhd_enabled;
     }
 }

package/lib/esm/config/ConfigurationBuilderBase.js

@@ -4,15 +4,16 @@ export class ConfigurationBuilderBase {
         this.base64Utils = base64Utils;
     }
     async build(params) {
-        const staticConfig = this.createConfiguration(params);
-        if (!staticConfig.remoteConfigAuthToken) {
-            return staticConfig;
+        const config = this.createConfiguration(params);
+        if (!config.remoteConfigAuthToken) {
+            return config;
         }
-        const remoteConfigParams = await this.getRemoteConfigParams(staticConfig);
+        const remoteConfigParams = await this.getRemoteConfigParams(config);
         if (!remoteConfigParams) {
-            return staticConfig;
+            return config;
         }
-        return this.createConfiguration({ ...params, ...remoteConfigParams });
+        config.addRemoteConfig(remoteConfigParams);
+        return config;
     }
     async getRemoteConfigParams(staticConfig) {
         try {

package/lib/esm/config/defaults/DefaultCommonConfigurationParams.js

@@ -16,7 +16,7 @@ export const DEFAULT_COMMON_CONFIGURATION_PARAMS = {
     px_advanced_blocking_response_enabled: true,
     px_max_activity_batch_size: 0,
     px_batch_activities_timeout_ms: 1000,
-    px_bypass_monitor_header: '',
+    px_bypass_monitor_header: 'x-px-block',
     px_enforced_routes: [],
     px_first_party_enabled: true,
     px_custom_first_party_prefix: '',
@@ -94,6 +94,7 @@ export const DEFAULT_COMMON_CONFIGURATION_PARAMS = {
     px_custom_logo: '',
     px_graphql_enabled: true,
     px_graphql_routes: ['/graphql'],
+    px_graphql_keywords: [],
     px_sensitive_graphql_operation_names: [],
     px_sensitive_graphql_operation_types: [],
     px_enrich_custom_parameters: null,
@@ -115,4 +116,5 @@ export const DEFAULT_COMMON_CONFIGURATION_PARAMS = {
     px_custom_is_monitored_request: null,
     px_custom_is_enforced_request: null,
     px_custom_is_filtered_request: null,
+    px_extract_graphql_keywords: null,
 };

package/lib/esm/config/defaults/DefaultStaticConfigurationParams.js

@@ -4,5 +4,4 @@ export const DEFAULT_STATIC_CONFIGURATION_PARAMS = {
     px_cookie_secret: '',
     px_logger_auth_token: '',
     px_remote_config_auth_token: '',
-    px_remote_config_secret: '',
 };

package/lib/esm/config/remote_config/DefaultRemoteConfigUpdater.js

@@ -11,7 +11,7 @@ export class DefaultRemoteConfigUpdater {
         this.storageClient = options.storageClient;
         this.timestampHmacHeaderValidator =
             options.timestampHmacHeaderValidator ||
-                new DefaultTimestampHmacHeaderValidator(config, config.remoteConfigSecret, options.base64Utils, options.hmacUtils);
+                new DefaultTimestampHmacHeaderValidator(config, config.remoteConfigAuthToken, options.base64Utils, options.hmacUtils);
     }
     isUpdateRemoteConfigRequest(context) {
         return context.isRemoteConfigUpdateRequest;

package/lib/esm/config/remote_config/RemoteConfigUtils.js

@@ -3,7 +3,7 @@ import { PUSH_DATA_FEATURE_HEADER_NAME, PUSH_DATA_HMAC_HEADER_NAME } from '../..
 import { REMOTE_CONFIG_PUSH_DATA_FEATURE_NAME } from './constants';
 export var RemoteConfigUtils;
 (function (RemoteConfigUtils) {
-    RemoteConfigUtils.isRemoteConfigUpdateRequest = (request) => request.method === HttpMethod.PATCH &&
+    RemoteConfigUtils.isRemoteConfigUpdateRequest = (request) => request.method === HttpMethod.POST &&
         request.headers.get(PUSH_DATA_FEATURE_HEADER_NAME) === REMOTE_CONFIG_PUSH_DATA_FEATURE_NAME &&
         !!request.headers.get(PUSH_DATA_HMAC_HEADER_NAME);
 })(RemoteConfigUtils || (RemoteConfigUtils = {}));

package/lib/esm/context/DefaultContext.js

@@ -4,7 +4,7 @@ import { PXHDSource } from '../pxhd';
 import { TokenOrigin, TokenParseResult } from '../risk_token';
 import { RiskApiCallResult } from '../risk_api';
 import { COOKIE_HEADER_NAME, toReadonlyHeaders, USER_AGENT_HEADER_NAME, } from '../http';
-import { StringSplitCookieParser, PXHD_COOKIE_NAME, PXVID_COOKIE_NAME, X_PX_AUTHORIZATION_HEADER_NAME, } from '../utils';
+import { StringSplitCookieParser, PXHD_COOKIE_NAME, PXVID_COOKIE_NAME, X_PX_AUTHORIZATION_HEADER_NAME, isValidUuid, } from '../utils';
 import { DefaultLogger, X_PX_ENFORCER_LOG_HEADER } from '../logger';
 export class DefaultContext {
     requestId;
@@ -125,7 +125,10 @@ export class DefaultContext {
         return request.headers.get(X_PX_AUTHORIZATION_HEADER_NAME) ? TokenOrigin.HEADER : TokenOrigin.COOKIE;
     }
     setCookiesOnContext() {
-        this.vid = this.requestData.cookies[PXVID_COOKIE_NAME];
+        const vidValue = this.requestData.cookies[PXVID_COOKIE_NAME];
+        if (isValidUuid(vidValue)) {
+            this.vid = vidValue;
+        }
         const pxhdCookie = this.requestData.cookies[PXHD_COOKIE_NAME];
         if (pxhdCookie) {
             this.pxhd = {

package/lib/esm/custom_parameters/CustomParametersUtils.js

@@ -4,7 +4,7 @@ export var CustomParametersUtils;
     CustomParametersUtils.createCustomParameters = async (config, context) => {
         if (config.enrichCustomParameters && typeof config.enrichCustomParameters === 'function') {
             try {
-                const parameters = await config.enrichCustomParameters(config.toParams(), context.requestData.request.getUnderlyingRequest());
+                const parameters = await config.enrichCustomParameters(config.getActiveConfig(), context.requestData.request.getUnderlyingRequest());
                 return CustomParametersUtils.normalizeCustomParams(parameters);
             }
             catch (e) {