perimeterx-js-core 0.4.2 → 0.4.4

package/README.md

@@ -93,7 +93,8 @@ When developing your JavaScript/TypeScript enforcer with this library, you will
 objects such that they conform to these interfaces. Of course, you are free to extend these interfaces as needed.
 
 You will also need to implement an HTTP client. You can do this however you see fit: use the platform's built-in API
-or use an external library (e.g., `phin`, `axios`) if needed.
+or use an external library if needed. This library includes implementations using `phin` (`PhinHttpClient` and `PhinIncomingResponse`)
+for Node.js-based enforcers.
 
 ### Crypto
 
@@ -128,6 +129,7 @@ can be swapped with other implementations. These classes are:
 | `cookie`          | `DefaultCookieParser`     | `ContextBase`                             |
 | `uuid`            | `DefaultUuidGenerator`    | `ContextBase`                             |
 | `ip-range-check`  | `DefaultIpRangeChecker`   | `DefaultFilter`                           |
+| `phin`            | `PhinHttpClient`, `PhinIncomingResponse` | First party, Risk API, Activities |
 
 ## For Contributors
 

package/lib/block_handler/captcha/HtmlCaptchaResponseGenerator.d.ts

@@ -1,7 +1,7 @@
 import { IConfiguration } from '../../config';
 import { IContext } from '../../context';
-import { IBlockResponseGenerator } from '../IBlockResponseGenerator';
 import { IMinimalResponse } from '../../http';
+import { IBlockResponseGenerator } from '../IBlockResponseGenerator';
 export declare class HtmlCaptchaResponseGenerator implements IBlockResponseGenerator {
     private readonly config;
     constructor(config: IConfiguration);

package/lib/block_handler/captcha/HtmlCaptchaResponseGenerator.js

@@ -4,7 +4,6 @@ exports.HtmlCaptchaResponseGenerator = void 0;
 var http_1 = require("../../http");
 var utils_1 = require("../utils");
 var captcha_template_1 = require("../templates/captcha_template");
-var http_2 = require("../../http");
 var HtmlCaptchaResponseGenerator = /** @class */ (function () {
     function HtmlCaptchaResponseGenerator(config) {
         this.config = config;
@@ -19,7 +18,7 @@ var HtmlCaptchaResponseGenerator = /** @class */ (function () {
             _a[http_1.CONTENT_TYPE_HEADER_NAME] = [http_1.ContentType.TEXT_HTML],
             _a);
         var body = (0, utils_1.renderHtml)(captcha_template_1.CAPTCHA_TEMPLATE, (0, utils_1.createBlockData)(this.config, context));
-        return new http_2.MinimalResponseImpl({
+        return new http_1.MinimalResponseImpl({
             body: body,
             status: status,
             headers: headers,

package/lib/block_handler/captcha/JsonCaptchaResponseGenerator.d.ts

@@ -1,7 +1,7 @@
 import { IConfiguration } from '../../config';
 import { IContext } from '../../context';
-import { IBlockResponseGenerator } from '../IBlockResponseGenerator';
 import { IMinimalResponse } from '../../http';
+import { IBlockResponseGenerator } from '../IBlockResponseGenerator';
 export declare class JsonCaptchaResponseGenerator implements IBlockResponseGenerator {
     private readonly config;
     constructor(config: IConfiguration);

package/lib/block_handler/captcha/JsonCaptchaResponseGenerator.js

@@ -4,7 +4,6 @@ exports.JsonCaptchaResponseGenerator = void 0;
 var BlockAction_1 = require("../BlockAction");
 var http_1 = require("../../http");
 var utils_1 = require("../utils");
-var http_2 = require("../../http");
 var JsonCaptchaResponseGenerator = /** @class */ (function () {
     function JsonCaptchaResponseGenerator(config) {
         this.config = config;
@@ -37,7 +36,7 @@ var JsonCaptchaResponseGenerator = /** @class */ (function () {
             blockScript: blockData.blockScript,
             altBlockScript: blockData.altBlockScript,
         };
-        return new http_2.MinimalResponseImpl({
+        return new http_1.MinimalResponseImpl({
             body: JSON.stringify(jsonBlockPayload),
             status: status,
             headers: headers,

package/lib/context/ContextBase.d.ts

@@ -5,10 +5,9 @@ import { FilterReason } from '../filter';
 import { PXDE } from '../pxde';
 import { GraphQLData } from '../graphql';
 import { IBotDefenderToken, TokenOrigin } from '../risk_token';
+import { ReadOnlyHeaders, IIncomingRequest } from '../http';
 import { VidSource, PassReason, ICookieParser, IUuidGenerator } from '../utils';
 import { IContext, MobileData, RequestData, ResponseData, RiskApiData, ServerData, TlsData } from './IContext';
-import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
-import { ReadOnlyHeaders } from '../http';
 export declare type ContextBaseOptions = {
     cookieParser?: ICookieParser;
     uuidGenerator?: IUuidGenerator;

package/lib/context/ContextBase.js

@@ -2,8 +2,8 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ContextBase = void 0;
 var block_handler_1 = require("../block_handler");
-var http_1 = require("../http");
 var risk_token_1 = require("../risk_token");
+var http_1 = require("../http");
 var utils_1 = require("../utils");
 var ContextBase = /** @class */ (function () {
     function ContextBase(config, request, options) {
@@ -34,7 +34,7 @@ var ContextBase = /** @class */ (function () {
         var requestCookieNames = Object.keys(cookies);
         var readOnlyHeaders = (0, http_1.toReadOnlyHeaders)(headers);
         var userAgent = this.extractUserAgentFromHeader(config, readOnlyHeaders);
-        var ip = this.extractIpFromHeader(config, readOnlyHeaders);
+        var ip = this.extractIpFromHeader(config, readOnlyHeaders) || request.clientIP;
         return { url: url, method: method, headers: readOnlyHeaders, cookies: cookies, ip: ip, userAgent: userAgent, requestCookieNames: requestCookieNames, request: request };
     };
     ContextBase.prototype.getCookies = function (cookieParser) {

package/lib/context/DefaultTokenV2Context.d.ts

@@ -1,8 +1,8 @@
 import { IConfiguration } from '../config';
 import { IBotDefenderToken } from '../risk_token';
 import { IBase64Utils, IHashUtils } from '../utils';
+import { IIncomingRequest } from '../http';
 import { ContextBase, ContextBaseOptions } from './ContextBase';
-import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
 export declare type DefaultTokenV2ContextOptions = {
     base64Utils?: IBase64Utils;
     hashUtils?: IHashUtils;

package/lib/context/DefaultTokenV3Context.d.ts

@@ -1,8 +1,8 @@
 import { IConfiguration } from '../config';
 import { IBotDefenderToken } from '../risk_token';
 import { IHashUtils, ICipherUtils } from '../utils';
+import { IIncomingRequest } from '../http';
 import { ContextBase, ContextBaseOptions } from './ContextBase';
-import { IIncomingRequest } from '../http/interfaces/IIncomingRequest';
 export declare type DefaultTokenV3ContextOptions = {
     cipherUtils: ICipherUtils;
     hashUtils?: IHashUtils;

package/lib/context/index.d.ts

@@ -1,4 +1,4 @@
-export { IContext } from './IContext';
-export { ContextBase, ContextBaseOptions } from './ContextBase';
-export { DefaultTokenV2Context, DefaultTokenV2ContextOptions } from './DefaultTokenV2Context';
-export { DefaultTokenV3Context, DefaultTokenV3ContextOptions } from './DefaultTokenV3Context';
+export * from './IContext';
+export * from './ContextBase';
+export * from './DefaultTokenV2Context';
+export * from './DefaultTokenV3Context';

package/lib/context/index.js

@@ -1,9 +1,20 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.DefaultTokenV3Context = exports.DefaultTokenV2Context = exports.ContextBase = void 0;
-var ContextBase_1 = require("./ContextBase");
-Object.defineProperty(exports, "ContextBase", { enumerable: true, get: function () { return ContextBase_1.ContextBase; } });
-var DefaultTokenV2Context_1 = require("./DefaultTokenV2Context");
-Object.defineProperty(exports, "DefaultTokenV2Context", { enumerable: true, get: function () { return DefaultTokenV2Context_1.DefaultTokenV2Context; } });
-var DefaultTokenV3Context_1 = require("./DefaultTokenV3Context");
-Object.defineProperty(exports, "DefaultTokenV3Context", { enumerable: true, get: function () { return DefaultTokenV3Context_1.DefaultTokenV3Context; } });
+__exportStar(require("./IContext"), exports);
+__exportStar(require("./ContextBase"), exports);
+__exportStar(require("./DefaultTokenV2Context"), exports);
+__exportStar(require("./DefaultTokenV3Context"), exports);

package/lib/enforcer/EnforcerBase.d.ts

@@ -10,9 +10,7 @@ import { IBlockResponseGenerator } from '../block_handler';
 import { TokenVersion } from '../risk_token';
 import { IActivityClient } from '../activities';
 import { IGraphQLParser } from '../graphql';
-import { IHttpClient } from '../http';
-import { IOutgoingResponse } from '../http';
-import { IMinimalResponse } from '../http';
+import { IHttpClient, IOutgoingResponse, IMinimalResponse } from '../http';
 export declare type EnforcerBaseOptions = {
     tokenVersion?: TokenVersion;
     dataEnrichment?: IDataEnrichment;
@@ -95,13 +93,13 @@ export declare abstract class EnforcerBase<EnforceArgs extends any[], Req, Res>
     /**
      * The central function that triggers enforcement on the incoming request.
      * @param args - The EnforceArgs required to enforce the incoming request.
-     * @returns Promise<Req|Res> - A Promise resolving to a either Req or Res depending on the action that should be taken.
+     * @returns Promise<Res|null> - A Promise resolving to a Res or null depending on the action that should be taken.
      */
     enforce(...args: EnforceArgs): Promise<Res | null>;
     /**
      * Performs all enforcer functionality on the incoming request context.
      * @param args - The EnforceArgs required to enforce the incoming request.
-     * @returns Promise<Req|Res> - A Promise resolving to a either Req or Res depending on the action that should be taken.
+     * @returns Promise<Res|null> -  A Promise resolving to a Res or null depending on the action that should be taken.
      * @protected
      */
     protected doEnforce(...args: EnforceArgs): Promise<Res | null>;
@@ -123,7 +121,7 @@ export declare abstract class EnforcerBase<EnforceArgs extends any[], Req, Res>
      * @param req - The Req sent to the origin.
      * @param res - The Res received from the origin.
      * @param args - The EnforceArgs required to enforce the incoming request.
-     * @returns Promise<Res> - A modified response
+     * @returns Promise<void> - The response parameter will be modified as needed
      * @protected
      */
     postEnforce(req: Req, res: Res, ...args: EnforceArgs): Promise<void>;

package/lib/enforcer/EnforcerBase.js

@@ -94,7 +94,7 @@ var EnforcerBase = /** @class */ (function () {
     /**
      * The central function that triggers enforcement on the incoming request.
      * @param args - The EnforceArgs required to enforce the incoming request.
-     * @returns Promise<Req|Res> - A Promise resolving to a either Req or Res depending on the action that should be taken.
+     * @returns Promise<Res|null> - A Promise resolving to a Res or null depending on the action that should be taken.
      */
     EnforcerBase.prototype.enforce = function () {
         var args = [];
@@ -126,7 +126,7 @@ var EnforcerBase = /** @class */ (function () {
     /**
      * Performs all enforcer functionality on the incoming request context.
      * @param args - The EnforceArgs required to enforce the incoming request.
-     * @returns Promise<Req|Res> - A Promise resolving to a either Req or Res depending on the action that should be taken.
+     * @returns Promise<Res|null> -  A Promise resolving to a Res or null depending on the action that should be taken.
      * @protected
      */
     EnforcerBase.prototype.doEnforce = function () {
@@ -353,7 +353,7 @@ var EnforcerBase = /** @class */ (function () {
      * @param req - The Req sent to the origin.
      * @param res - The Res received from the origin.
      * @param args - The EnforceArgs required to enforce the incoming request.
-     * @returns Promise<Res> - A modified response
+     * @returns Promise<void> - The response parameter will be modified as needed
      * @protected
      */
     EnforcerBase.prototype.postEnforce = function (req, res) {

package/lib/first_party/DefaultFirstParty.d.ts

@@ -1,8 +1,7 @@
 import { IConfiguration } from '../config';
 import { IContext } from '../context/IContext';
+import { IHttpClient, IMinimalResponse } from '../http';
 import { IFirstParty } from './IFirstParty';
-import { IHttpClient } from '../http';
-import { IMinimalResponse } from '../http';
 export declare class DefaultFirstParty implements IFirstParty {
     private readonly config;
     private readonly httpClient;

package/lib/first_party/DefaultFirstParty.js

@@ -52,8 +52,6 @@ var utils_1 = require("../utils");
 var http_1 = require("../http");
 var utils_2 = require("./utils");
 var constants_1 = require("./constants");
-var http_2 = require("../http");
-var http_3 = require("../http");
 var minimalResponseUtils = require("../http/utils/MinimalResponseUtils");
 var DefaultFirstParty = /** @class */ (function () {
     function DefaultFirstParty(config, httpClient) {
@@ -94,13 +92,13 @@ var DefaultFirstParty = /** @class */ (function () {
                 switch (_a.label) {
                     case 0:
                         if (!this.config.firstPartyEnabled) {
-                            return [2 /*return*/, new http_3.MinimalResponseImpl(constants_1.DEFAULT_CLIENT_RESPONSE_OPTIONS)];
+                            return [2 /*return*/, new http_1.MinimalResponseImpl(constants_1.DEFAULT_CLIENT_RESPONSE_OPTIONS)];
                         }
                         url = this.getThirdPartySensorScriptUrl();
                         return [4 /*yield*/, this.forwardRequest(url, context)];
                     case 1:
                         response = _a.sent();
-                        return [2 /*return*/, response ? response : new http_3.MinimalResponseImpl(constants_1.DEFAULT_CLIENT_RESPONSE_OPTIONS)];
+                        return [2 /*return*/, response ? response : new http_1.MinimalResponseImpl(constants_1.DEFAULT_CLIENT_RESPONSE_OPTIONS)];
                 }
             });
         });
@@ -127,7 +125,7 @@ var DefaultFirstParty = /** @class */ (function () {
     };
     DefaultFirstParty.getDefaultXhrResponse = function (path) {
         var _a = path.endsWith('.gif') ? constants_1.DEFAULT_GIF_RESPONSE : constants_1.DEFAULT_XHR_RESPONSE, content = _a.content, options = _a.options;
-        return new http_3.MinimalResponseImpl({
+        return new http_1.MinimalResponseImpl({
             body: content,
             status: options.status,
             headers: options.headers,
@@ -140,13 +138,13 @@ var DefaultFirstParty = /** @class */ (function () {
                 switch (_a.label) {
                     case 0:
                         if (!this.config.firstPartyEnabled) {
-                            return [2 /*return*/, new http_3.MinimalResponseImpl(constants_1.DEFAULT_CLIENT_RESPONSE_OPTIONS)];
+                            return [2 /*return*/, new http_1.MinimalResponseImpl(constants_1.DEFAULT_CLIENT_RESPONSE_OPTIONS)];
                         }
                         url = this.getThirdPartyCaptchaScriptUrl(context, prefix);
                         return [4 /*yield*/, this.forwardRequest(url, context)];
                     case 1:
                         response = _a.sent();
-                        return [2 /*return*/, response ? response : new http_3.MinimalResponseImpl(constants_1.DEFAULT_CLIENT_RESPONSE_OPTIONS)];
+                        return [2 /*return*/, response ? response : new http_1.MinimalResponseImpl(constants_1.DEFAULT_CLIENT_RESPONSE_OPTIONS)];
                 }
             });
         });
@@ -159,7 +157,7 @@ var DefaultFirstParty = /** @class */ (function () {
                 switch (_d.label) {
                     case 0:
                         _d.trys.push([0, 2, , 3]);
-                        request = new http_2.OutgoingRequestImpl({
+                        request = new http_1.OutgoingRequestImpl({
                             url: url,
                             method: requestData.request.method,
                             headers: this.prepareFirstPartyHeaders(url, requestData, vid),
@@ -179,6 +177,7 @@ var DefaultFirstParty = /** @class */ (function () {
         });
     };
     DefaultFirstParty.prototype.prepareFirstPartyHeaders = function (url, requestData, vid) {
+        var _a;
         var headers = __assign({}, requestData.headers);
         try {
             headers = (0, utils_1.removeSensitiveHeaders)(headers, this.config.sensitiveHeaders);
@@ -186,7 +185,10 @@ var DefaultFirstParty = /** @class */ (function () {
             this.setXffHeader(headers, requestData.ip);
             this.addFirstPartyHeaders(headers, requestData.ip);
             if (vid) {
-                headers[http_1.COOKIE_HEADER_NAME] = (headers[http_1.COOKIE_HEADER_NAME] || []).concat(["pxvid=".concat(vid)]);
+                var vidCookieString = "pxvid=".concat(vid);
+                var existingCookies = (_a = headers[http_1.COOKIE_HEADER_NAME]) === null || _a === void 0 ? void 0 : _a.join('; ');
+                var newCookies = existingCookies ? "".concat(existingCookies, "; ").concat(vidCookieString) : vidCookieString;
+                headers[http_1.COOKIE_HEADER_NAME] = [newCookies];
             }
         }
         catch (e) {

package/lib/first_party/utils.d.ts

@@ -1,5 +1,6 @@
 import { IConfiguration } from '../config';
 export declare const getDefaultFirstPartyPrefix: (appId: string) => string;
+export declare const getFirstPartyPaths: (config: IConfiguration, callback?: (prefix: string) => string) => string[];
 export declare const getFirstPartySensorScriptPaths: (config: IConfiguration) => string[];
 export declare const getFirstPartyCaptchaScriptPathPrefixes: (config: IConfiguration) => string[];
 export declare const getFirstPartyXhrPathPrefixes: (config: IConfiguration) => string[];

package/lib/first_party/utils.js

@@ -1,22 +1,24 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getFirstPartyXhrPathPrefix = exports.getFirstPartyCaptchaScriptPathPrefix = exports.getFirstPartySensorScriptPath = exports.getFirstPartyXhrPathPrefixes = exports.getFirstPartyCaptchaScriptPathPrefixes = exports.getFirstPartySensorScriptPaths = exports.getDefaultFirstPartyPrefix = void 0;
+exports.getFirstPartyXhrPathPrefix = exports.getFirstPartyCaptchaScriptPathPrefix = exports.getFirstPartySensorScriptPath = exports.getFirstPartyXhrPathPrefixes = exports.getFirstPartyCaptchaScriptPathPrefixes = exports.getFirstPartySensorScriptPaths = exports.getFirstPartyPaths = exports.getDefaultFirstPartyPrefix = void 0;
 var getDefaultFirstPartyPrefix = function (appId) { return appId.substring(2); };
 exports.getDefaultFirstPartyPrefix = getDefaultFirstPartyPrefix;
 var getFirstPartyPaths = function (config, callback) {
     var allPrefixes = [config.firstPartyPrefix, (0, exports.getDefaultFirstPartyPrefix)(config.appId)];
-    return Array.from(new Set(allPrefixes)).map(callback);
+    var prefixes = Array.from(new Set(allPrefixes));
+    return callback ? prefixes.map(callback) : prefixes;
 };
+exports.getFirstPartyPaths = getFirstPartyPaths;
 var getFirstPartySensorScriptPaths = function (config) {
-    return getFirstPartyPaths(config, exports.getFirstPartySensorScriptPath);
+    return (0, exports.getFirstPartyPaths)(config, exports.getFirstPartySensorScriptPath);
 };
 exports.getFirstPartySensorScriptPaths = getFirstPartySensorScriptPaths;
 var getFirstPartyCaptchaScriptPathPrefixes = function (config) {
-    return getFirstPartyPaths(config, exports.getFirstPartyCaptchaScriptPathPrefix);
+    return (0, exports.getFirstPartyPaths)(config, exports.getFirstPartyCaptchaScriptPathPrefix);
 };
 exports.getFirstPartyCaptchaScriptPathPrefixes = getFirstPartyCaptchaScriptPathPrefixes;
 var getFirstPartyXhrPathPrefixes = function (config) {
-    return getFirstPartyPaths(config, exports.getFirstPartyXhrPathPrefix);
+    return (0, exports.getFirstPartyPaths)(config, exports.getFirstPartyXhrPathPrefix);
 };
 exports.getFirstPartyXhrPathPrefixes = getFirstPartyXhrPathPrefixes;
 var getFirstPartySensorScriptPath = function (prefix) { return "/".concat(prefix, "/init.js"); };

package/lib/http/impl/index.d.ts

@@ -1,2 +1,3 @@
 export * from './MinimalResponseImpl';
 export * from './OutgoingRequestImpl';
+export * from './phin';

package/lib/http/impl/index.js

@@ -16,3 +16,4 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
 Object.defineProperty(exports, "__esModule", { value: true });
 __exportStar(require("./MinimalResponseImpl"), exports);
 __exportStar(require("./OutgoingRequestImpl"), exports);
+__exportStar(require("./phin"), exports);

package/lib/http/impl/phin/PhinHttpClient.d.ts

@@ -0,0 +1,6 @@
+import { HttpSendOptions, IHttpClient, IIncomingResponse, IOutgoingRequest } from '../../interfaces';
+export declare class PhinHttpClient implements IHttpClient {
+    private readonly httpsKeepAliveAgent;
+    constructor();
+    send(request: IOutgoingRequest, options?: HttpSendOptions): Promise<IIncomingResponse>;
+}

package/lib/http/impl/phin/PhinHttpClient.js

@@ -0,0 +1,81 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (_) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PhinHttpClient = void 0;
+var http_1 = require("http");
+var https_1 = require("https");
+var p = require("phin");
+var utils_1 = require("../../../utils");
+var interfaces_1 = require("../../interfaces");
+var PhinIncomingResponse_1 = require("./PhinIncomingResponse");
+var PhinHttpClient = /** @class */ (function () {
+    function PhinHttpClient() {
+        this.httpsKeepAliveAgent = new https_1.Agent({ keepAlive: true });
+    }
+    PhinHttpClient.prototype.send = function (request, options) {
+        return __awaiter(this, void 0, void 0, function () {
+            var res, e_1, isTimeout;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0:
+                        _a.trys.push([0, 2, , 3]);
+                        return [4 /*yield*/, p({
+                                url: request.url,
+                                method: request.method,
+                                headers: (0, interfaces_1.joinHeaderValues)(request.headers),
+                                data: request.body,
+                                timeout: (options === null || options === void 0 ? void 0 : options.timeoutMs) || null,
+                                core: {
+                                    agent: request.url.startsWith('https://') ? this.httpsKeepAliveAgent : new http_1.Agent(),
+                                },
+                            })];
+                    case 1:
+                        res = _a.sent();
+                        return [2 /*return*/, new PhinIncomingResponse_1.PhinIncomingResponse(res)];
+                    case 2:
+                        e_1 = _a.sent();
+                        isTimeout = e_1.toString().toLowerCase().includes('timeout');
+                        throw isTimeout ? new utils_1.EnforcerTimeoutError(options.timeoutMs) : e_1;
+                    case 3: return [2 /*return*/];
+                }
+            });
+        });
+    };
+    return PhinHttpClient;
+}());
+exports.PhinHttpClient = PhinHttpClient;

package/lib/http/impl/phin/PhinIncomingResponse.d.ts

@@ -0,0 +1,14 @@
+/// <reference types="node" />
+import { IResponse } from 'phin';
+import { IIncomingResponse, ReadOnlyHeaders } from '../../interfaces';
+export declare class PhinIncomingResponse implements IIncomingResponse {
+    readonly status: number;
+    readonly headers: ReadOnlyHeaders;
+    readonly body: Buffer;
+    constructor(response: IResponse);
+    arrayBuffer(): Promise<ArrayBuffer>;
+    blob(): Promise<Blob>;
+    formData(): Promise<FormData>;
+    json(): Promise<any>;
+    text(): Promise<string>;
+}

package/lib/http/impl/phin/PhinIncomingResponse.js

@@ -0,0 +1,86 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (_) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PhinIncomingResponse = void 0;
+var PhinIncomingResponse = /** @class */ (function () {
+    function PhinIncomingResponse(response) {
+        this.status = response.statusCode;
+        this.body = response.body;
+        this.headers = Object.fromEntries(Object.entries(response.headers).map(function (_a) {
+            var key = _a[0], val = _a[1];
+            return [key, typeof val === 'string' ? [val] : val];
+        }));
+    }
+    PhinIncomingResponse.prototype.arrayBuffer = function () {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                return [2 /*return*/, this.body];
+            });
+        });
+    };
+    PhinIncomingResponse.prototype.blob = function () {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                throw 'not implemented';
+            });
+        });
+    };
+    PhinIncomingResponse.prototype.formData = function () {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                throw 'not implemented';
+            });
+        });
+    };
+    PhinIncomingResponse.prototype.json = function () {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                return [2 /*return*/, JSON.parse(this.body.toString())];
+            });
+        });
+    };
+    PhinIncomingResponse.prototype.text = function () {
+        return __awaiter(this, void 0, void 0, function () {
+            return __generator(this, function (_a) {
+                return [2 /*return*/, this.body.toString()];
+            });
+        });
+    };
+    return PhinIncomingResponse;
+}());
+exports.PhinIncomingResponse = PhinIncomingResponse;

package/lib/http/impl/phin/index.d.ts

@@ -0,0 +1,2 @@
+export * from './PhinIncomingResponse';
+export * from './PhinHttpClient';

package/lib/http/impl/phin/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./PhinIncomingResponse"), exports);
+__exportStar(require("./PhinHttpClient"), exports);

package/lib/pxhd/PXHDUtils.d.ts

@@ -1,6 +1,5 @@
 import { IContext } from '../context';
-import { IOutgoingResponse } from '../http';
-import { IMinimalResponse } from '../http';
+import { IOutgoingResponse, IMinimalResponse } from '../http';
 export declare namespace PXHDUtils {
     const PXHD_SAMESITE_VALUE = "Lax";
     const PXHD_PATH_VALUE = "/";

package/lib/utils/constants.d.ts

@@ -7,4 +7,4 @@ export declare const BYPASS_MONITOR_HEADER_VALUE = "1";
 export declare const X_PX_AUTHORIZATION_HEADER_NAME = "x-px-authorization";
 export declare const X_PX_ORIGINAL_TOKEN_HEADER_NAME = "x-px-original-token";
 export declare const X_PX_BYPASS_REASON_HEADER_NAME = "x-px-bypass-reason";
-export declare const CORE_MODULE_VERSION = "JS Core 0.4.2";
+export declare const CORE_MODULE_VERSION = "JS Core 0.4.4";

package/lib/utils/constants.js

@@ -10,4 +10,4 @@ exports.BYPASS_MONITOR_HEADER_VALUE = '1';
 exports.X_PX_AUTHORIZATION_HEADER_NAME = 'x-px-authorization';
 exports.X_PX_ORIGINAL_TOKEN_HEADER_NAME = 'x-px-original-token';
 exports.X_PX_BYPASS_REASON_HEADER_NAME = 'x-px-bypass-reason';
-exports.CORE_MODULE_VERSION = 'JS Core 0.4.2';
+exports.CORE_MODULE_VERSION = 'JS Core 0.4.4';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "perimeterx-js-core",
-  "version": "0.4.2",
+  "version": "0.4.4",
   "description": "",
   "main": "lib/index.js",
   "types": "lib/index.d.ts",
@@ -22,6 +22,7 @@
     "crypto-js": "^4.1.1",
     "ip-range-check": "^0.2.0",
     "js-base64": "^3.7.2",
+    "phin": "^3.7.0",
     "uuid": "^9.0.0"
   },
   "devDependencies": {