npm - perimeterx-js-core - Versions diffs - 0.23.2 → 0.24.0 - Mend

perimeterx-js-core 0.23.2 → 0.24.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (61) hide show

package/lib/cjs/activities/utils.js CHANGED Viewed

@@ -86,9 +86,10 @@ function redactCookieSecret(secret) {
     return '***'.concat(secret.substring(secret.length - 3, secret.length));
 }
 var addConfigDataToDetails = function (details, config) {
-    if (config.remoteConfigVersion) {
-        details.remote_config_version = config.remoteConfigVersion;
-    }
+    (0, utils_1.transferExistingProperties)(config, details, {
+        remoteConfigId: 'remote_config_id',
+        remoteConfigVersion: 'remote_config_version',
+    });
 };
 exports.addConfigDataToDetails = addConfigDataToDetails;
 var addCustomParametersToDetails = function (details, customParameters) {

package/lib/cjs/config/ConfigurationBase.js CHANGED Viewed

@@ -717,6 +717,20 @@ var ConfigurationBase = /** @class */ (function () {
         enumerable: false,
         configurable: true
     });
+    Object.defineProperty(ConfigurationBase.prototype, "snippetInjectionEnabled", {
+        get: function () {
+            return this.configParams.px_snippet_injection_enabled;
+        },
+        enumerable: false,
+        configurable: true
+    });
+    Object.defineProperty(ConfigurationBase.prototype, "createCustomSnippet", {
+        get: function () {
+            return this.configParams.px_create_custom_snippet;
+        },
+        enumerable: false,
+        configurable: true
+    });
     Object.defineProperty(ConfigurationBase.prototype, "enableBlockedUrlOnCaptchaBlockPage", {
         get: function () {
             return true;

package/lib/cjs/config/defaults/DefaultConfigurationParams.js CHANGED Viewed

@@ -130,6 +130,8 @@ var defaultConfigurationParams = function () { return ({
     px_remote_config_retry_interval_ms: 1000,
     px_url_decode_reserved_characters: false,
     px_secured_pxhd_enabled: false,
+    px_snippet_injection_enabled: false,
+    px_create_custom_snippet: null,
     px_custom_is_sensitive_request: null,
     px_custom_is_monitored_request: null,
     px_custom_is_enforced_request: null,

package/lib/cjs/enforcer/utils.js CHANGED Viewed

@@ -23,8 +23,9 @@ var activities_1 = require("../activities");
 var logger_1 = require("../logger");
 var products_1 = require("../products");
 var utils_1 = require("../utils");
+var snippet_injection_1 = require("../snippet_injection");
 var createEnforcerInitializationBlock = function (config, options) {
-    var _a, _b;
+    var _a, _b, _c;
     var tokenVersion = config.tokenVersion;
     if (!(0, utils_1.isValidTokenVersion)(tokenVersion)) {
         throw new utils_1.EnforcerError("error initializing enforcer: token version ".concat(tokenVersion, " is invalid (must be one of ").concat(Object.values(risk_token_1.TokenVersion)
@@ -65,6 +66,8 @@ var createEnforcerInitializationBlock = function (config, options) {
                 hmacUtils: hmacUtils,
             })
             : null);
+    var snippetInjector = (_c = options.snippetInjector) !== null && _c !== void 0 ? _c : null;
+    var snippetRetriever = options.snippetRetriever || (snippetInjector ? new snippet_injection_1.DefaultSnippetRetriever(config) : null);
     var allOptions = {
         httpClient: httpClient,
         base64Utils: base64Utils,
@@ -84,6 +87,8 @@ var createEnforcerInitializationBlock = function (config, options) {
         remoteConfigStorageClient: remoteConfigStorageClient,
         remoteConfigServiceClient: remoteConfigServiceClient,
         remoteConfigUpdater: remoteConfigUpdater,
+        snippetInjector: snippetInjector,
+        snippetRetriever: snippetRetriever,
     };
     var products = (0, exports.createEnforcerProducts)(config, options.products, base64Utils, hashUtils, urlUtils, ipRangeChecker);
     return __assign({ products: products }, allOptions);

package/lib/cjs/graphql/DefaultGraphQLParser.js CHANGED Viewed

@@ -49,7 +49,7 @@ var DefaultGraphQLParser = /** @class */ (function () {
     DefaultGraphQLParser.prototype.isGraphQLRequest = function (_a) {
         var requestData = _a.requestData;
         return (requestData.method === http_1.HttpMethod.POST &&
-            (0, utils_1.isRouteInPatterns)(requestData.url.pathname, this.config.graphqlRoutes));
+            (0, utils_1.isStringInPatterns)(requestData.url.pathname, this.config.graphqlRoutes));
     };
     DefaultGraphQLParser.prototype.parseGraphQLRequest = function (context) {
         return __awaiter(this, void 0, void 0, function () {

package/lib/cjs/index.js CHANGED Viewed

@@ -23,6 +23,7 @@ __exportStar(require("./context"), exports);
 __exportStar(require("./custom_parameters"), exports);
 __exportStar(require("./sensitive_request"), exports);
 __exportStar(require("./monitored_request"), exports);
+__exportStar(require("./snippet_injection"), exports);
 __exportStar(require("./cors"), exports);
 __exportStar(require("./enforcer"), exports);
 __exportStar(require("./filter"), exports);

package/lib/cjs/monitored_request/MonitoredRequestUtils.js CHANGED Viewed

@@ -74,10 +74,10 @@ var MonitoredRequestUtils;
         });
     }); };
     MonitoredRequestUtils.isMonitoredRoute = function (url, isMonitoredRoute) {
-        return (0, utils_1.isRouteInPatterns)(url.pathname, isMonitoredRoute);
+        return (0, utils_1.isStringInPatterns)(url.pathname, isMonitoredRoute);
     };
     MonitoredRequestUtils.isEnforcedRoute = function (url, enforcedRoutes) {
-        return (0, utils_1.isRouteInPatterns)(url.pathname, enforcedRoutes);
+        return (0, utils_1.isStringInPatterns)(url.pathname, enforcedRoutes);
     };
     MonitoredRequestUtils.invokeCustomIsEnforcedRequest = function (config, context) { return __awaiter(_this, void 0, void 0, function () {
         var err_1;

package/lib/cjs/phase/flow/PostEnforceFlow.js CHANGED Viewed

@@ -20,10 +20,10 @@ var impl_1 = require("../impl");
 var PostEnforceFlow = /** @class */ (function (_super) {
     __extends(PostEnforceFlow, _super);
     function PostEnforceFlow(config, _a) {
-        var products = _a.products, activityClient = _a.activityClient;
+        var products = _a.products, activityClient = _a.activityClient, snippetRetriever = _a.snippetRetriever, snippetInjector = _a.snippetInjector;
         return _super.call(this, [
             new impl_1.EnrichContextFromResponsePhase(config, products),
-            new impl_1.ModifyOutgoingResponsePhase(config, Object.values(products)),
+            new impl_1.ModifyOutgoingResponsePhase(config, Object.values(products), snippetRetriever, snippetInjector),
             new impl_1.SendAsyncActivitiesOnResponsePhase(activityClient),
         ]) || this;
     }

package/lib/cjs/phase/impl/ModifyOutgoingResponsePhase.js CHANGED Viewed

@@ -38,10 +38,13 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ModifyOutgoingResponsePhase = void 0;
 var pxhd_1 = require("../../pxhd");
+var http_1 = require("../../http");
 var ModifyOutgoingResponsePhase = /** @class */ (function () {
-    function ModifyOutgoingResponsePhase(config, products) {
+    function ModifyOutgoingResponsePhase(config, products, snippetRetriever, snippetInjector) {
         this.config = config;
         this.products = products;
+        this.snippetRetriever = snippetRetriever;
+        this.snippetInjector = snippetInjector;
     }
     ModifyOutgoingResponsePhase.prototype.execute = function (context) {
         return __awaiter(this, void 0, void 0, function () {
@@ -54,11 +57,39 @@ var ModifyOutgoingResponsePhase = /** @class */ (function () {
                         if (((_a = context.pxhd) === null || _a === void 0 ? void 0 : _a.source) === pxhd_1.PXHDSource.RISK && context.response) {
                             pxhd_1.PXHDUtils.addPxhdToOutgoingResponse(this.config, context, context.response);
                         }
+                        return [4 /*yield*/, this.handleSnippetInjection(context)];
+                    case 2:
+                        _b.sent();
                         return [2 /*return*/, { done: false }];
                 }
             });
         });
     };
+    ModifyOutgoingResponsePhase.prototype.handleSnippetInjection = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            var snippet, _a;
+            var _b, _c, _d;
+            return __generator(this, function (_e) {
+                switch (_e.label) {
+                    case 0:
+                        if (!(this.snippetRetriever &&
+                            this.snippetInjector &&
+                            this.config.snippetInjectionEnabled &&
+                            !!((_d = (_c = (_b = context.response) === null || _b === void 0 ? void 0 : _b.headers) === null || _c === void 0 ? void 0 : _c.get(http_1.CONTENT_TYPE_HEADER_NAME)) === null || _d === void 0 ? void 0 : _d.includes(http_1.ContentType.TEXT_HTML)))) return [3 /*break*/, 3];
+                        context.logger.debug('snippet injection enabled');
+                        return [4 /*yield*/, this.snippetRetriever.retrieveSnippet(context)];
+                    case 1:
+                        snippet = _e.sent();
+                        _a = context;
+                        return [4 /*yield*/, this.snippetInjector.injectSnippet(context.response, snippet)];
+                    case 2:
+                        _a.response = _e.sent();
+                        _e.label = 3;
+                    case 3: return [2 /*return*/];
+                }
+            });
+        });
+    };
     return ModifyOutgoingResponsePhase;
 }());
 exports.ModifyOutgoingResponsePhase = ModifyOutgoingResponsePhase;

package/lib/cjs/products/bot_defender/filter/DefaultBotDefenderFilter.js CHANGED Viewed

@@ -109,10 +109,10 @@ var DefaultBotDefenderFilter = /** @class */ (function () {
         return this.config.filteredIps.some(function (range) { return _this.ipRangeChecker.isIpInRange(ip, range); });
     };
     DefaultBotDefenderFilter.prototype.shouldFilterByRoute = function (route) {
-        return (0, utils_1.isRouteInPatterns)(route, this.config.filteredRoutes);
+        return (0, utils_1.isStringInPatterns)(route, this.config.filteredRoutes);
     };
     DefaultBotDefenderFilter.prototype.shouldFilterByUserAgent = function (userAgent) {
-        return this.config.filteredUserAgents.includes(userAgent);
+        return (0, utils_1.isStringInPatterns)(userAgent, this.config.filteredUserAgents);
     };
     DefaultBotDefenderFilter.prototype.shouldFilterByCustomFunction = function (context) {
         return __awaiter(this, void 0, void 0, function () {

package/lib/cjs/sensitive_request/SensitiveRequestUtils.js CHANGED Viewed

@@ -58,7 +58,7 @@ var SensitiveRequestUtils;
         });
     }); };
     SensitiveRequestUtils.isSensitiveRoute = function (url, sensitiveRoutes) {
-        return (0, utils_1.isRouteInPatterns)(url.pathname, sensitiveRoutes);
+        return (0, utils_1.isStringInPatterns)(url.pathname, sensitiveRoutes);
     };
     SensitiveRequestUtils.isSensitiveGraphqlOperation = function (graphQLData) {
         return !!(graphQLData === null || graphQLData === void 0 ? void 0 : graphQLData.some(function (operation) { return operation.sensitive; }));

package/lib/cjs/snippet_injection/CustomSnippetFunction.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/lib/cjs/snippet_injection/index.js ADDED Viewed

@@ -0,0 +1,20 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./snippet_injector"), exports);
+__exportStar(require("./snippet_retriever"), exports);
+__exportStar(require("./utils"), exports);
+__exportStar(require("./CustomSnippetFunction"), exports);

package/lib/cjs/snippet_injection/snippet_injector/ISnippetInjector.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/lib/cjs/snippet_injection/snippet_injector/index.js ADDED Viewed

@@ -0,0 +1,17 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./ISnippetInjector"), exports);

package/lib/cjs/snippet_injection/snippet_retriever/DefaultSnippetRetriever.js ADDED Viewed

@@ -0,0 +1,95 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (g && (g = 0, op[0] && (_ = 0)), _) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DefaultSnippetRetriever = void 0;
+var products_1 = require("../../products");
+var utils_1 = require("../utils");
+var DefaultSnippetRetriever = /** @class */ (function () {
+    function DefaultSnippetRetriever(config) {
+        this.config = config;
+    }
+    DefaultSnippetRetriever.prototype.retrieveSnippet = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.retrieveCustomSnippet(context)];
+                    case 1: return [2 /*return*/, (_a.sent()) || this.retrieveDefaultSnippet(context)];
+                }
+            });
+        });
+    };
+    DefaultSnippetRetriever.prototype.retrieveCustomSnippet = function (context) {
+        return __awaiter(this, void 0, void 0, function () {
+            var snippet, e_1;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0:
+                        if (!this.config.createCustomSnippet) {
+                            return [2 /*return*/, null];
+                        }
+                        _a.label = 1;
+                    case 1:
+                        _a.trys.push([1, 3, , 4]);
+                        return [4 /*yield*/, this.config.createCustomSnippet(this.config.getActiveConfig(), context.requestData.request.getUnderlyingRequest(), context.response.getUnderlyingResponse())];
+                    case 2:
+                        snippet = _a.sent();
+                        if (!snippet || typeof snippet !== 'string') {
+                            context.logger.debug("invalid custom snippet of type ".concat(typeof snippet));
+                            return [2 /*return*/, null];
+                        }
+                        context.logger.debug('retrieving custom snippet');
+                        return [2 /*return*/, snippet];
+                    case 3:
+                        e_1 = _a.sent();
+                        context.logger.debug("failed retrieving custom snippet: ".concat(e_1));
+                        return [3 /*break*/, 4];
+                    case 4: return [2 /*return*/, null];
+                }
+            });
+        });
+    };
+    DefaultSnippetRetriever.prototype.retrieveDefaultSnippet = function (context) {
+        var sensorSrc = this.config.firstPartyEnabled
+            ? (0, products_1.getMostCustomizedFirstPartyPath)(this.config, products_1.FirstPartySuffix.SENSOR)
+            : "".concat(this.config.backendClientUrl, "/").concat(this.config.appId, "/main.min.js");
+        context.logger.debug("retrieving default snippet with src ".concat(sensorSrc));
+        return (0, utils_1.createDefaultSnippet)(this.config.appId, sensorSrc);
+    };
+    return DefaultSnippetRetriever;
+}());
+exports.DefaultSnippetRetriever = DefaultSnippetRetriever;

package/lib/cjs/snippet_injection/snippet_retriever/ISnippetRetriever.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/lib/cjs/snippet_injection/snippet_retriever/index.js ADDED Viewed

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./ISnippetRetriever"), exports);
+__exportStar(require("./DefaultSnippetRetriever"), exports);

package/lib/cjs/snippet_injection/utils.js ADDED Viewed

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createDefaultSnippet = void 0;
+var createDefaultSnippet = function (appId, sensorSrc) { return "<script type=\"text/javascript\">\n    (function(){\n        window._pxAppId = '".concat(appId, "';\n        var p = document.getElementsByTagName('script')[0], s = document.createElement('script');\n        s.async = 1;\n        s.src = '").concat(sensorSrc, "';\n        p.parentNode.insertBefore(s,p);\n    }());\n</script>"); };
+exports.createDefaultSnippet = createDefaultSnippet;

package/lib/cjs/utils/constants.js CHANGED Viewed

@@ -12,6 +12,6 @@ exports.X_PX_BYPASS_REASON_HEADER_NAME = 'x-px-bypass-reason';
 exports.PUSH_DATA_HMAC_HEADER_NAME = 'x-px-pushdata';
 exports.PUSH_DATA_FEATURE_HEADER_NAME = 'x-px-feature';
 exports.EMAIL_ADDRESS_REGEX = /^[a-zA-Z0-9_+&*-]+(?:\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,7}$/;
-exports.URL_REGEX = /^(https?\:)\/\/(([^@\s:]+):?([^@\s]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/;
+exports.URL_REGEX = /^(https?:)\/\/(([^@\s:\/]+):?([^@\s\/]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)(\/?[^?#]*)(\?[^#]*|)(#.*|)$/;
 exports.REGEX_STRUCTURE = /^\/(.+?)\/([gimsuyvd]*)$/;
-exports.CORE_MODULE_VERSION = 'JS Core 0.23.2';
+exports.CORE_MODULE_VERSION = 'JS Core 0.24.0';

package/lib/cjs/utils/utils.js CHANGED Viewed

@@ -36,7 +36,7 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
     }
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isNullOrUndefined = exports.isValidTokenVersion = exports.telemetryConfigReplacer = exports.convertRegexStringToRegex = exports.algoToCryptoString = exports.algoToSubtleCryptoString = exports.sleep = exports.getPropertyFromObject = exports.rejectOnTimeout = exports.transferExistingProperties = exports.isRouteMatch = exports.isRouteInPatterns = exports.removeSensitiveHeaders = exports.redactSensitiveFields = exports.getExtension = exports.getAuthorizationHeader = exports.getCollectorDomain = exports.getScoreApiDomain = exports.isEmailAddress = exports.isValidUuid = exports.isValidEnumValue = void 0;
+exports.isNullOrUndefined = exports.isValidTokenVersion = exports.telemetryConfigReplacer = exports.convertRegexStringToRegex = exports.algoToCryptoString = exports.algoToSubtleCryptoString = exports.sleep = exports.getPropertyFromObject = exports.rejectOnTimeout = exports.transferExistingProperties = exports.isStringMatch = exports.isStringInPatterns = exports.removeSensitiveHeaders = exports.redactSensitiveFields = exports.getExtension = exports.getAuthorizationHeader = exports.getCollectorDomain = exports.getScoreApiDomain = exports.isEmailAddress = exports.isValidUuid = exports.isValidEnumValue = void 0;
 var http_1 = require("../http");
 var error_1 = require("./error");
 var constants_1 = require("./constants");
@@ -80,21 +80,37 @@ var getExtension = function (route) {
 };
 exports.getExtension = getExtension;
 var redactSensitiveFields = function (object, sensitiveFields) {
-    var NUMBER_OF_TRAILING_CHARS_TO_EXPOSE = 5;
-    var SENSITIVE_VALUE_MINIMUM_LENGTH_TO_EXPOSE_TRAILING_CHARS = NUMBER_OF_TRAILING_CHARS_TO_EXPOSE * 10;
     var newObj = Object.assign({}, object);
     sensitiveFields.forEach(function (fieldName) {
         var sensitiveValue = object[fieldName];
         if (!sensitiveValue) {
             return;
         }
-        var trailingCharsExposed = sensitiveValue.length >= SENSITIVE_VALUE_MINIMUM_LENGTH_TO_EXPOSE_TRAILING_CHARS;
-        var trailingChars = sensitiveValue.substring(sensitiveValue.length - (trailingCharsExposed ? NUMBER_OF_TRAILING_CHARS_TO_EXPOSE : 0));
-        newObj[fieldName] = "***REDACTED***".concat(trailingChars);
+        newObj[fieldName] = redactUnknownValue(sensitiveValue);
     });
     return newObj;
 };
 exports.redactSensitiveFields = redactSensitiveFields;
+var redactUnknownValue = function (value) {
+    switch (typeof value) {
+        case 'string':
+            return redactSensitiveString(value);
+        case 'object':
+            if (Array.isArray(value)) {
+                return value.flatMap(redactUnknownValue).filter(function (v) { return !(0, exports.isNullOrUndefined)(v); });
+            }
+            return null;
+        default:
+            return null;
+    }
+};
+var redactSensitiveString = function (sensitiveValue) {
+    var NUMBER_OF_TRAILING_CHARS_TO_EXPOSE = 5;
+    var SENSITIVE_VALUE_MINIMUM_LENGTH_TO_EXPOSE_TRAILING_CHARS = NUMBER_OF_TRAILING_CHARS_TO_EXPOSE * 10;
+    var trailingCharsExposed = sensitiveValue.length >= SENSITIVE_VALUE_MINIMUM_LENGTH_TO_EXPOSE_TRAILING_CHARS;
+    var trailingChars = sensitiveValue.substring(sensitiveValue.length - (trailingCharsExposed ? NUMBER_OF_TRAILING_CHARS_TO_EXPOSE : 0));
+    return "***REDACTED***".concat(trailingChars);
+};
 var removeSensitiveHeaders = function (headers, sensitiveHeaderNames) {
     var ret = (0, http_1.toMutableHeaders)(headers);
     sensitiveHeaderNames.forEach(function (name) {
@@ -103,23 +119,23 @@ var removeSensitiveHeaders = function (headers, sensitiveHeaderNames) {
     return ret;
 };
 exports.removeSensitiveHeaders = removeSensitiveHeaders;
-var isRouteInPatterns = function (route, patterns) {
-    return patterns.some(function (pattern) { return (0, exports.isRouteMatch)(route, pattern); });
+var isStringInPatterns = function (str, patterns) {
+    return patterns.some(function (pattern) { return (0, exports.isStringMatch)(str, pattern); });
 };
-exports.isRouteInPatterns = isRouteInPatterns;
-var isRouteMatch = function (route, pattern) {
-    if (!route || !pattern) {
+exports.isStringInPatterns = isStringInPatterns;
+var isStringMatch = function (str, pattern) {
+    if (!str || !pattern) {
         return false;
     }
-    if (pattern instanceof RegExp && !!route.match(pattern)) {
+    if (pattern instanceof RegExp && !!str.match(pattern)) {
         return true;
     }
-    if (typeof pattern === 'string' && route.startsWith(pattern)) {
+    if (typeof pattern === 'string' && str.startsWith(pattern)) {
         return true;
     }
     return false;
 };
-exports.isRouteMatch = isRouteMatch;
+exports.isStringMatch = isStringMatch;
 /**
  * @deprecated this method is not typesafe. Copy the fields manually instead,
  *             unsafe - ignores compilerOptions.strictNullChecks

package/lib/esm/activities/utils.js CHANGED Viewed

@@ -75,9 +75,10 @@ export function redactCookieSecret(secret) {
     return '***'.concat(secret.substring(secret.length - 3, secret.length));
 }
 export const addConfigDataToDetails = (details, config) => {
-    if (config.remoteConfigVersion) {
-        details.remote_config_version = config.remoteConfigVersion;
-    }
+    transferExistingProperties(config, details, {
+        remoteConfigId: 'remote_config_id',
+        remoteConfigVersion: 'remote_config_version',
+    });
 };
 export const addCustomParametersToDetails = (details, customParameters) => {
     if (customParameters) {

package/lib/esm/config/ConfigurationBase.js CHANGED Viewed

@@ -363,6 +363,12 @@ export class ConfigurationBase {
     get tokenVersion() {
         return this.configParams.px_token_version;
     }
+    get snippetInjectionEnabled() {
+        return this.configParams.px_snippet_injection_enabled;
+    }
+    get createCustomSnippet() {
+        return this.configParams.px_create_custom_snippet;
+    }
     get enableBlockedUrlOnCaptchaBlockPage() {
         return true;
     }

package/lib/esm/config/defaults/DefaultConfigurationParams.js CHANGED Viewed

@@ -127,6 +127,8 @@ export const defaultConfigurationParams = () => ({
     px_remote_config_retry_interval_ms: 1000,
     px_url_decode_reserved_characters: false,
     px_secured_pxhd_enabled: false,
+    px_snippet_injection_enabled: false,
+    px_create_custom_snippet: null,
     px_custom_is_sensitive_request: null,
     px_custom_is_monitored_request: null,
     px_custom_is_enforced_request: null,

package/lib/esm/enforcer/utils.js CHANGED Viewed

@@ -9,6 +9,7 @@ import { HttpActivityClient, HttpBatchedActivityClient } from '../activities';
 import { HttpLogServiceClient } from '../logger';
 import { AccountDefender, BotDefender, CredentialIntelligence, HypeSaleChallenge, ProductName, } from '../products';
 import { EnforcerError, isValidTokenVersion } from '../utils';
+import { DefaultSnippetRetriever } from '../snippet_injection';
 export const createEnforcerInitializationBlock = (config, options) => {
     const tokenVersion = config.tokenVersion;
     if (!isValidTokenVersion(tokenVersion)) {
@@ -50,6 +51,8 @@ export const createEnforcerInitializationBlock = (config, options) => {
                 hmacUtils,
             })
             : null);
+    const snippetInjector = options.snippetInjector ?? null;
+    const snippetRetriever = options.snippetRetriever || (snippetInjector ? new DefaultSnippetRetriever(config) : null);
     const allOptions = {
         httpClient,
         base64Utils,
@@ -69,6 +72,8 @@ export const createEnforcerInitializationBlock = (config, options) => {
         remoteConfigStorageClient,
         remoteConfigServiceClient,
         remoteConfigUpdater,
+        snippetInjector,
+        snippetRetriever,
     };
     const products = createEnforcerProducts(config, options.products, base64Utils, hashUtils, urlUtils, ipRangeChecker);
     return { products, ...allOptions };

package/lib/esm/graphql/DefaultGraphQLParser.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { isNullOrUndefined, isRouteInPatterns } from '../utils';
+import { isNullOrUndefined, isStringInPatterns } from '../utils';
 import { HttpMethod } from '../http';
 import { GraphQLOperationType } from './model';
 export class DefaultGraphQLParser {
@@ -12,7 +12,7 @@ export class DefaultGraphQLParser {
     }
     isGraphQLRequest({ requestData }) {
         return (requestData.method === HttpMethod.POST &&
-            isRouteInPatterns(requestData.url.pathname, this.config.graphqlRoutes));
+            isStringInPatterns(requestData.url.pathname, this.config.graphqlRoutes));
     }
     async parseGraphQLRequest(context) {
         try {

package/lib/esm/index.js CHANGED Viewed

@@ -7,6 +7,7 @@ export * from './context';
 export * from './custom_parameters';
 export * from './sensitive_request';
 export * from './monitored_request';
+export * from './snippet_injection';
 export * from './cors';
 export * from './enforcer';
 export * from './filter';

package/lib/esm/monitored_request/MonitoredRequestUtils.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { BYPASS_MONITOR_HEADER_VALUE, isRouteInPatterns, ModuleMode } from '../utils';
+import { BYPASS_MONITOR_HEADER_VALUE, isStringInPatterns, ModuleMode } from '../utils';
 export var MonitoredRequestUtils;
 (function (MonitoredRequestUtils) {
     MonitoredRequestUtils.isMonitoredRequest = async (config, context) => {
@@ -10,10 +10,10 @@ export var MonitoredRequestUtils;
         return (monitorMode || monitoredRoute) && !MonitoredRequestUtils.isAllowedToBypassMonitor(config.bypassMonitorHeader, request);
     };
     MonitoredRequestUtils.isMonitoredRoute = (url, isMonitoredRoute) => {
-        return isRouteInPatterns(url.pathname, isMonitoredRoute);
+        return isStringInPatterns(url.pathname, isMonitoredRoute);
     };
     MonitoredRequestUtils.isEnforcedRoute = (url, enforcedRoutes) => {
-        return isRouteInPatterns(url.pathname, enforcedRoutes);
+        return isStringInPatterns(url.pathname, enforcedRoutes);
     };
     MonitoredRequestUtils.invokeCustomIsEnforcedRequest = async (config, context) => {
         if (config.customIsEnforcedRequest && typeof config.customIsEnforcedRequest === 'function') {

package/lib/esm/phase/flow/PostEnforceFlow.js CHANGED Viewed

@@ -1,9 +1,9 @@
 import { CompositePhase, EnrichContextFromResponsePhase, ModifyOutgoingResponsePhase, SendAsyncActivitiesOnResponsePhase, } from '../impl';
 export class PostEnforceFlow extends CompositePhase {
-    constructor(config, { products, activityClient, }) {
+    constructor(config, { products, activityClient, snippetRetriever, snippetInjector, }) {
         super([
             new EnrichContextFromResponsePhase(config, products),
-            new ModifyOutgoingResponsePhase(config, Object.values(products)),
+            new ModifyOutgoingResponsePhase(config, Object.values(products), snippetRetriever, snippetInjector),
             new SendAsyncActivitiesOnResponsePhase(activityClient),
         ]);
     }

package/lib/esm/phase/impl/ModifyOutgoingResponsePhase.js CHANGED Viewed

@@ -1,16 +1,32 @@
 import { PXHDSource, PXHDUtils } from '../../pxhd';
+import { CONTENT_TYPE_HEADER_NAME, ContentType } from '../../http';
 export class ModifyOutgoingResponsePhase {
     config;
     products;
-    constructor(config, products) {
+    snippetRetriever;
+    snippetInjector;
+    constructor(config, products, snippetRetriever, snippetInjector) {
         this.config = config;
         this.products = products;
+        this.snippetRetriever = snippetRetriever;
+        this.snippetInjector = snippetInjector;
     }
     async execute(context) {
         await Promise.all(this.products.map((product) => product?.modifyOutgoingResponse(context)));
         if (context.pxhd?.source === PXHDSource.RISK && context.response) {
             PXHDUtils.addPxhdToOutgoingResponse(this.config, context, context.response);
         }
+        await this.handleSnippetInjection(context);
         return { done: false };
     }
+    async handleSnippetInjection(context) {
+        if (this.snippetRetriever &&
+            this.snippetInjector &&
+            this.config.snippetInjectionEnabled &&
+            !!context.response?.headers?.get(CONTENT_TYPE_HEADER_NAME)?.includes(ContentType.TEXT_HTML)) {
+            context.logger.debug('snippet injection enabled');
+            const snippet = await this.snippetRetriever.retrieveSnippet(context);
+            context.response = await this.snippetInjector.injectSnippet(context.response, snippet);
+        }
+    }
 }

package/lib/esm/products/bot_defender/filter/DefaultBotDefenderFilter.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import { HttpMethod } from '../../../http';
 import { FilterReason } from '../../../filter';
-import { getExtension, isRouteInPatterns } from '../../../utils';
+import { getExtension, isStringInPatterns } from '../../../utils';
 export class DefaultBotDefenderFilter {
     config;
     ipRangeChecker;
@@ -52,10 +52,10 @@ export class DefaultBotDefenderFilter {
         return this.config.filteredIps.some((range) => this.ipRangeChecker.isIpInRange(ip, range));
     }
     shouldFilterByRoute(route) {
-        return isRouteInPatterns(route, this.config.filteredRoutes);
+        return isStringInPatterns(route, this.config.filteredRoutes);
     }
     shouldFilterByUserAgent(userAgent) {
-        return this.config.filteredUserAgents.includes(userAgent);
+        return isStringInPatterns(userAgent, this.config.filteredUserAgents);
     }
     async shouldFilterByCustomFunction(context) {
         if (this.config.customIsFilteredRequest && typeof this.config.customIsFilteredRequest === 'function') {

package/lib/esm/sensitive_request/SensitiveRequestUtils.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { isRouteInPatterns } from '../utils';
+import { isStringInPatterns } from '../utils';
 export var SensitiveRequestUtils;
 (function (SensitiveRequestUtils) {
     SensitiveRequestUtils.isSensitiveRequest = async (config, context) => {
@@ -7,7 +7,7 @@ export var SensitiveRequestUtils;
             (await SensitiveRequestUtils.invokeCustomIsSensitiveRequest(config, context)));
     };
     SensitiveRequestUtils.isSensitiveRoute = (url, sensitiveRoutes) => {
-        return isRouteInPatterns(url.pathname, sensitiveRoutes);
+        return isStringInPatterns(url.pathname, sensitiveRoutes);
     };
     SensitiveRequestUtils.isSensitiveGraphqlOperation = (graphQLData) => {
         return !!graphQLData?.some((operation) => operation.sensitive);

package/lib/esm/snippet_injection/CustomSnippetFunction.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/lib/esm/snippet_injection/index.js ADDED Viewed

@@ -0,0 +1,4 @@
+export * from './snippet_injector';
+export * from './snippet_retriever';
+export * from './utils';
+export * from './CustomSnippetFunction';

package/lib/esm/snippet_injection/snippet_injector/ISnippetInjector.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/lib/esm/snippet_injection/snippet_injector/index.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from './ISnippetInjector';

package/lib/esm/snippet_injection/snippet_retriever/DefaultSnippetRetriever.js ADDED Viewed

@@ -0,0 +1,36 @@
+import { FirstPartySuffix, getMostCustomizedFirstPartyPath } from '../../products';
+import { createDefaultSnippet } from '../utils';
+export class DefaultSnippetRetriever {
+    config;
+    constructor(config) {
+        this.config = config;
+    }
+    async retrieveSnippet(context) {
+        return (await this.retrieveCustomSnippet(context)) || this.retrieveDefaultSnippet(context);
+    }
+    async retrieveCustomSnippet(context) {
+        if (!this.config.createCustomSnippet) {
+            return null;
+        }
+        try {
+            const snippet = await this.config.createCustomSnippet(this.config.getActiveConfig(), context.requestData.request.getUnderlyingRequest(), context.response.getUnderlyingResponse());
+            if (!snippet || typeof snippet !== 'string') {
+                context.logger.debug(`invalid custom snippet of type ${typeof snippet}`);
+                return null;
+            }
+            context.logger.debug('retrieving custom snippet');
+            return snippet;
+        }
+        catch (e) {
+            context.logger.debug(`failed retrieving custom snippet: ${e}`);
+        }
+        return null;
+    }
+    retrieveDefaultSnippet(context) {
+        const sensorSrc = this.config.firstPartyEnabled
+            ? getMostCustomizedFirstPartyPath(this.config, FirstPartySuffix.SENSOR)
+            : `${this.config.backendClientUrl}/${this.config.appId}/main.min.js`;
+        context.logger.debug(`retrieving default snippet with src ${sensorSrc}`);
+        return createDefaultSnippet(this.config.appId, sensorSrc);
+    }
+}

package/lib/esm/snippet_injection/snippet_retriever/ISnippetRetriever.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/lib/esm/snippet_injection/snippet_retriever/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './ISnippetRetriever';
2	+ export * from './DefaultSnippetRetriever';

package/lib/esm/snippet_injection/utils.js ADDED Viewed

@@ -0,0 +1,9 @@
+export const createDefaultSnippet = (appId, sensorSrc) => `<script type="text/javascript">
+    (function(){
+        window._pxAppId = '${appId}';
+        var p = document.getElementsByTagName('script')[0], s = document.createElement('script');
+        s.async = 1;
+        s.src = '${sensorSrc}';
+        p.parentNode.insertBefore(s,p);
+    }());
+</script>`;

package/lib/esm/utils/constants.js CHANGED Viewed

@@ -9,6 +9,6 @@ export const X_PX_BYPASS_REASON_HEADER_NAME = 'x-px-bypass-reason';
 export const PUSH_DATA_HMAC_HEADER_NAME = 'x-px-pushdata';
 export const PUSH_DATA_FEATURE_HEADER_NAME = 'x-px-feature';
 export const EMAIL_ADDRESS_REGEX = /^[a-zA-Z0-9_+&*-]+(?:\.[a-zA-Z0-9_+&*-]+)*@(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]{2,7}$/;
-export const URL_REGEX = /^(https?\:)\/\/(([^@\s:]+):?([^@\s]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/;
+export const URL_REGEX = /^(https?:)\/\/(([^@\s:\/]+):?([^@\s\/]*)@)?(([^:\/?#]*)(?:\:([0-9]+))?)(\/?[^?#]*)(\?[^#]*|)(#.*|)$/;
 export const REGEX_STRUCTURE = /^\/(.+?)\/([gimsuyvd]*)$/;
-export const CORE_MODULE_VERSION = 'JS Core 0.23.2';
+export const CORE_MODULE_VERSION = 'JS Core 0.24.0';

package/lib/esm/utils/utils.js CHANGED Viewed

@@ -33,20 +33,36 @@ export const getExtension = (route) => {
     return endOfPath.substring(extensionIndex);
 };
 export const redactSensitiveFields = (object, sensitiveFields) => {
-    const NUMBER_OF_TRAILING_CHARS_TO_EXPOSE = 5;
-    const SENSITIVE_VALUE_MINIMUM_LENGTH_TO_EXPOSE_TRAILING_CHARS = NUMBER_OF_TRAILING_CHARS_TO_EXPOSE * 10;
     const newObj = Object.assign({}, object);
     sensitiveFields.forEach((fieldName) => {
         const sensitiveValue = object[fieldName];
         if (!sensitiveValue) {
             return;
         }
-        const trailingCharsExposed = sensitiveValue.length >= SENSITIVE_VALUE_MINIMUM_LENGTH_TO_EXPOSE_TRAILING_CHARS;
-        const trailingChars = sensitiveValue.substring(sensitiveValue.length - (trailingCharsExposed ? NUMBER_OF_TRAILING_CHARS_TO_EXPOSE : 0));
-        newObj[fieldName] = `***REDACTED***${trailingChars}`;
+        newObj[fieldName] = redactUnknownValue(sensitiveValue);
     });
     return newObj;
 };
+const redactUnknownValue = (value) => {
+    switch (typeof value) {
+        case 'string':
+            return redactSensitiveString(value);
+        case 'object':
+            if (Array.isArray(value)) {
+                return value.flatMap(redactUnknownValue).filter((v) => !isNullOrUndefined(v));
+            }
+            return null;
+        default:
+            return null;
+    }
+};
+const redactSensitiveString = (sensitiveValue) => {
+    const NUMBER_OF_TRAILING_CHARS_TO_EXPOSE = 5;
+    const SENSITIVE_VALUE_MINIMUM_LENGTH_TO_EXPOSE_TRAILING_CHARS = NUMBER_OF_TRAILING_CHARS_TO_EXPOSE * 10;
+    const trailingCharsExposed = sensitiveValue.length >= SENSITIVE_VALUE_MINIMUM_LENGTH_TO_EXPOSE_TRAILING_CHARS;
+    const trailingChars = sensitiveValue.substring(sensitiveValue.length - (trailingCharsExposed ? NUMBER_OF_TRAILING_CHARS_TO_EXPOSE : 0));
+    return `***REDACTED***${trailingChars}`;
+};
 export const removeSensitiveHeaders = (headers, sensitiveHeaderNames) => {
     const ret = toMutableHeaders(headers);
     sensitiveHeaderNames.forEach((name) => {
@@ -54,17 +70,17 @@ export const removeSensitiveHeaders = (headers, sensitiveHeaderNames) => {
     });
     return ret;
 };
-export const isRouteInPatterns = (route, patterns) => {
-    return patterns.some((pattern) => isRouteMatch(route, pattern));
+export const isStringInPatterns = (str, patterns) => {
+    return patterns.some((pattern) => isStringMatch(str, pattern));
 };
-export const isRouteMatch = (route, pattern) => {
-    if (!route || !pattern) {
+export const isStringMatch = (str, pattern) => {
+    if (!str || !pattern) {
         return false;
     }
-    if (pattern instanceof RegExp && !!route.match(pattern)) {
+    if (pattern instanceof RegExp && !!str.match(pattern)) {
         return true;
     }
-    if (typeof pattern === 'string' && route.startsWith(pattern)) {
+    if (typeof pattern === 'string' && str.startsWith(pattern)) {
         return true;
     }
     return false;

package/lib/types/activities/model/CommonActivityDetails.d.ts CHANGED Viewed

@@ -39,6 +39,7 @@ export type CommonActivityDetails = {
     ci_version?: CredentialIntelligenceVersion;
     sso_step?: SsoStep;
     remote_config_version?: number;
+    remote_config_id?: string;
     enforcer_start_time: number;
     raw_url?: string;
     used_cookie_secret?: string;

package/lib/types/config/ConfigurationBase.d.ts CHANGED Viewed

@@ -9,6 +9,7 @@ import { CredentialEndpointConfiguration, CredentialIntelligenceVersion, CustomL
 import { CustomRequestFunction } from './CustomRequestFunction';
 import { ExtractGraphQLKeywordsFunction } from '../graphql';
 import { TokenVersion } from '../risk_token';
+import { CustomSnippetFunction } from '../snippet_injection';
 export declare abstract class ConfigurationBase<Req, Res, Added, Removed extends string> implements IConfiguration<Req, Res, Added, Removed> {
     protected configParams: RequiredAllConfigurationParams<Req, Res, Added, Removed>;
     protected readonly staticConfigParams: StaticConfigurationParams<Req, Res, Added, Removed>;
@@ -43,7 +44,7 @@ export declare abstract class ConfigurationBase<Req, Res, Added, Removed extends
     get filteredHttpMethods(): string[];
     get filteredIps(): string[];
     get filteredRoutes(): Array<string | RegExp>;
-    get filteredUserAgents(): string[];
+    get filteredUserAgents(): Array<string | RegExp>;
     get firstPartyEnabled(): boolean;
     get customIsFilteredRequest(): CustomRequestFunction<Req> | null;
     get customFirstPartyPrefix(): string;
@@ -115,5 +116,7 @@ export declare abstract class ConfigurationBase<Req, Res, Added, Removed extends
     get urlDecodeReservedCharacters(): boolean;
     get securedPxhdEnabled(): boolean;
     get tokenVersion(): `${TokenVersion}`;
+    get snippetInjectionEnabled(): boolean;
+    get createCustomSnippet(): CustomSnippetFunction<Req, Res, Added, Removed> | null;
     get enableBlockedUrlOnCaptchaBlockPage(): boolean;
 }

package/lib/types/config/IConfiguration.d.ts CHANGED Viewed

@@ -8,6 +8,7 @@ import { CredentialEndpointConfiguration, CredentialIntelligenceVersion, CustomL
 import { CustomRequestFunction } from './CustomRequestFunction';
 import { ExtractGraphQLKeywordsFunction } from '../graphql';
 import { TokenVersion } from '../risk_token';
+import { CustomSnippetFunction } from '../snippet_injection';
 export interface IConfiguration<Req, Res, Added, Removed> {
     /**
      * The application ID.
@@ -48,7 +49,7 @@ export interface IConfiguration<Req, Res, Added, Removed> {
     /**
      * An array of agents that should not go through the enforcer flow.
      */
-    readonly filteredUserAgents: string[];
+    readonly filteredUserAgents: Array<string | RegExp>;
     /**
      * An array of regular expressions or prefixes of routes that should not go through the enforcer flow.
      */
@@ -370,6 +371,14 @@ export interface IConfiguration<Req, Res, Added, Removed> {
      * Whether to add the Secure attribute when setting the PXHD cookie.
      */
     readonly securedPxhdEnabled: boolean;
+    /**
+     * Whether snippet injection on response bodies is enabled.
+     */
+    readonly snippetInjectionEnabled: boolean;
+    /**
+     * A custom function that returns a string representing the snippet to be injected.
+     */
+    readonly createCustomSnippet: CustomSnippetFunction<Req, Res, Added, Removed> | null;
     /**
      * Whether to include the request url in captcha block page
      */

package/lib/types/config/params/CoreConfigurationParams.d.ts CHANGED Viewed

@@ -7,6 +7,7 @@ import { CustomParametersFunction } from '../../custom_parameters';
 import { CustomBlockResponseHeadersHandler, CustomPreflightHandler } from '../../cors';
 import { CustomRequestFunction } from '../CustomRequestFunction';
 import { TokenVersion } from '../../risk_token';
+import { CustomSnippetFunction } from '../../snippet_injection';
 export type StaticConfigurationParamsOnly = {
     px_app_id: string;
     px_cookie_secret: string | string[];
@@ -34,7 +35,11 @@ export type TokenV3ConfigurationParamsOnly = {
     px_risk_cookie_min_iterations?: number;
     px_risk_cookie_max_iterations?: number;
 };
-export type CommonConfigurationParams<Req, Res, Added, Removed> = TokenV3ConfigurationParamsOnly & BatchedActivitiesConfigParamsOnly & {
+export type SnippetInjectionParamsOnly<Req, Res, Added, Removed> = {
+    px_snippet_injection_enabled?: boolean;
+    px_create_custom_snippet?: CustomSnippetFunction<Req, Res, Added, Removed> | null;
+};
+export type CommonConfigurationParams<Req, Res, Added, Removed> = TokenV3ConfigurationParamsOnly & BatchedActivitiesConfigParamsOnly & SnippetInjectionParamsOnly<Req, Res, Added, Removed> & {
     px_s2s_timeout?: number;
     px_backend_url?: string;
     px_user_agent_max_length?: number;
@@ -74,7 +79,7 @@ export type CommonConfigurationParams<Req, Res, Added, Removed> = TokenV3Configu
     px_filter_by_http_method?: string[];
     px_filter_by_ip?: string[];
     px_filter_by_route?: Array<string | RegExp>;
-    px_filter_by_user_agent?: string[];
+    px_filter_by_user_agent?: Array<string | RegExp>;
     px_css_ref?: string;
     px_js_ref?: string;
     px_custom_cookie_header?: string;

package/lib/types/enforcer/EnforcerOptions.d.ts CHANGED Viewed

@@ -10,6 +10,7 @@ import { Products } from '../products';
 import { IGraphQLParser } from '../graphql';
 import { ILogServiceClient } from '../logger';
 import { IRemoteConfigStorageClient, IRemoteConfigServiceClient, IRemoteConfigUpdater } from '../config';
+import { ISnippetInjector, ISnippetRetriever } from '../snippet_injection';
 export type EnforcerOptions<Req, Res, Added, Removed> = {
     httpClient: IHttpClient;
     base64Utils: IBase64Utils;
@@ -30,4 +31,6 @@ export type EnforcerOptions<Req, Res, Added, Removed> = {
     remoteConfigUpdater?: IRemoteConfigUpdater<Req, Res> | null;
     remoteConfigStorageClient?: IRemoteConfigStorageClient<Req, Res, Added, Removed> | null;
     remoteConfigServiceClient?: IRemoteConfigServiceClient<Req, Res, Added, Removed> | null;
+    snippetRetriever?: ISnippetRetriever<Req, Res> | null;
+    snippetInjector?: ISnippetInjector<Res> | null;
 };

package/lib/types/index.d.ts CHANGED Viewed

@@ -7,6 +7,7 @@ export * from './context';
 export * from './custom_parameters';
 export * from './sensitive_request';
 export * from './monitored_request';
+export * from './snippet_injection';
 export * from './cors';
 export * from './enforcer';
 export * from './filter';

package/lib/types/phase/flow/PostEnforceFlow.d.ts CHANGED Viewed

@@ -2,5 +2,5 @@ import { IConfiguration } from '../../config';
 import { EnforcerOptions } from '../../enforcer';
 import { CompositePhase } from '../impl';
 export declare class PostEnforceFlow<Req, Res, Added, Removed> extends CompositePhase<Req, Res> {
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, { products, activityClient, }: Pick<Required<EnforcerOptions<Req, Res, Added, Removed>>, 'products' | 'activityClient'>);
+    constructor(config: IConfiguration<Req, Res, Added, Removed>, { products, activityClient, snippetRetriever, snippetInjector, }: Pick<Required<EnforcerOptions<Req, Res, Added, Removed>>, 'products' | 'activityClient' | 'snippetRetriever' | 'snippetInjector'>);
 }

package/lib/types/phase/impl/ModifyOutgoingResponsePhase.d.ts CHANGED Viewed

@@ -3,9 +3,13 @@ import { IProduct } from '../../products';
 import { IPhase } from '../IPhase';
 import { PhaseResult } from '../PhaseResult';
 import { IConfiguration } from '../../config';
+import { ISnippetInjector, ISnippetRetriever } from '../../snippet_injection';
 export declare class ModifyOutgoingResponsePhase<Req, Res, Added, Removed> implements IPhase<Req, Res> {
     protected readonly config: IConfiguration<Req, Res, Added, Removed>;
     protected readonly products: IProduct<any, Req, Res>[];
-    constructor(config: IConfiguration<Req, Res, Added, Removed>, products: IProduct<any, Req, Res>[]);
+    protected readonly snippetRetriever?: ISnippetRetriever<Req, Res> | null;
+    protected readonly snippetInjector?: ISnippetInjector<Res> | null;
+    constructor(config: IConfiguration<Req, Res, Added, Removed>, products: IProduct<any, Req, Res>[], snippetRetriever?: ISnippetRetriever<Req, Res> | null, snippetInjector?: ISnippetInjector<Res> | null);
     execute(context: IContext<Req, Res>): Promise<PhaseResult>;
+    protected handleSnippetInjection(context: IContext<Req, Res>): Promise<void>;
 }

package/lib/types/snippet_injection/CustomSnippetFunction.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import { ActiveConfigurationParams } from '../config';
2	+ export type CustomSnippetFunction<Req, Res, Added, Removed> = (config: ActiveConfigurationParams<Req, Res, Added, Removed>, request: Req, response: Res) => string \| Promise<string>;

package/lib/types/snippet_injection/index.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export * from './snippet_injector';
+export * from './snippet_retriever';
+export * from './utils';
+export * from './CustomSnippetFunction';

package/lib/types/snippet_injection/snippet_injector/ISnippetInjector.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import { AsyncOrSync } from 'ts-essentials';
+import { IOutgoingResponse } from '../../http';
+export interface ISnippetInjector<Res> {
+    injectSnippet(response: IOutgoingResponse<Res>, snippet: string): AsyncOrSync<IOutgoingResponse<Res>>;
+}

package/lib/types/snippet_injection/snippet_injector/index.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from './ISnippetInjector';

package/lib/types/snippet_injection/snippet_retriever/DefaultSnippetRetriever.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { IConfiguration } from '../../config';
+import { ReadonlyContext } from '../../context';
+import { ISnippetRetriever } from './ISnippetRetriever';
+export declare class DefaultSnippetRetriever<Req, Res, Added, Removed> implements ISnippetRetriever<Req, Res> {
+    protected readonly config: IConfiguration<Req, Res, Added, Removed>;
+    constructor(config: IConfiguration<Req, Res, Added, Removed>);
+    retrieveSnippet(context: ReadonlyContext<Req, Res>): Promise<string>;
+    protected retrieveCustomSnippet(context: ReadonlyContext<Req, Res>): Promise<string | null>;
+    protected retrieveDefaultSnippet(context: ReadonlyContext<Req, Res>): string;
+}

package/lib/types/snippet_injection/snippet_retriever/ISnippetRetriever.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+import { AsyncOrSync } from 'ts-essentials';
+import { ReadonlyContext } from '../../context';
+export interface ISnippetRetriever<Req, Res> {
+    retrieveSnippet(context: ReadonlyContext<Req, Res>): AsyncOrSync<string>;
+}

package/lib/types/snippet_injection/snippet_retriever/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export * from './ISnippetRetriever';
2	+ export * from './DefaultSnippetRetriever';

package/lib/types/snippet_injection/utils.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export declare const createDefaultSnippet: (appId: string, sensorSrc: string) => string;

package/lib/types/utils/constants.d.ts CHANGED Viewed

@@ -11,4 +11,4 @@ export declare const PUSH_DATA_FEATURE_HEADER_NAME = "x-px-feature";
 export declare const EMAIL_ADDRESS_REGEX: RegExp;
 export declare const URL_REGEX: RegExp;
 export declare const REGEX_STRUCTURE: RegExp;
-export declare const CORE_MODULE_VERSION = "JS Core 0.23.2";
+export declare const CORE_MODULE_VERSION = "JS Core 0.24.0";

package/lib/types/utils/utils.d.ts CHANGED Viewed

@@ -11,8 +11,8 @@ export declare const getAuthorizationHeader: (authToken: string) => string;
 export declare const getExtension: (route: string) => string;
 export declare const redactSensitiveFields: <T extends Record<string, any>>(object: T, sensitiveFields: Array<keyof T | string>) => T;
 export declare const removeSensitiveHeaders: (headers: ReadonlyHeaders, sensitiveHeaderNames: string[]) => Record<string, string[]>;
-export declare const isRouteInPatterns: (route: string, patterns: Array<string | RegExp>) => boolean;
-export declare const isRouteMatch: (route: string, pattern: string | RegExp) => boolean;
+export declare const isStringInPatterns: (str: string, patterns: Array<string | RegExp>) => boolean;
+export declare const isStringMatch: (str: string, pattern: string | RegExp) => boolean;
 /**
  * @deprecated this method is not typesafe. Copy the fields manually instead,
  *             unsafe - ignores compilerOptions.strictNullChecks

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "perimeterx-js-core",
-  "version": "0.23.2",
+  "version": "0.24.0",
   "description": "",
   "type": "module",
   "typesVersions": {