release 2.4.0

CHANGELOG.md

@@ -5,6 +5,14 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## [2.4.0] - 2019-10-15
+### Added
+- Send HTTP method on async activities
+- Support for specific enforced routes and specific monitored routes
+
+### Fixed
+- Upgraded dependency
+
 ## [2.3.2] - 2019-10-02
 ### Fixed
 - Upgraded dependency

README.md

@@ -5,7 +5,7 @@
 [PerimeterX](http://www.perimeterx.com) Shared base for NodeJS enforcers
 =============================================================
 
-> Latest stable version: [v2.3.2](https://www.npmjs.com/package/perimeterx-node-core)
+> Latest stable version: [v2.4.0](https://www.npmjs.com/package/perimeterx-node-core)
 
 This is a shared base implementation for PerimeterX Express enforcer and future NodeJS enforcers. For a fully functioning implementation example, see the [Node-Express enforcer](https://github.com/PerimeterX/perimeterx-node-express/) implementation.
 

lib/pxapi.js

@@ -20,7 +20,7 @@ function callServer(ctx, config, callback) {
     const uri = ctx.uri || '/';
     const headers = pxUtil.formatHeaders(ctx.headers, config.SENSITIVE_HEADERS);
     const httpVersion = ctx.httpVersion;
-    const riskMode = config.MODULE_MODE === config.MONITOR_MODE.MONITOR ? 'monitor' : 'active_blocking';
+    const riskMode = (config.MODULE_MODE === config.MONITOR_MODE.MONITOR || ctx.monitoredRoute) ? 'monitor' : 'active_blocking';
 
     const data = {
         request: {

lib/pxclient.js

@@ -26,6 +26,7 @@ class PxClient {
 
         details['cookie_origin'] = ctx.cookieOrigin;
         details['module_version'] = config.MODULE_VERSION;
+        details['http_method'] = ctx.httpMethod;
         if (ctx.blockAction && activityType === 'block') {
             details['block_action'] = ctx.blockAction;
         }

lib/pxconfig.js

@@ -26,12 +26,12 @@ class PxConfig {
 
     mergeParams(params) {
         params = this.mergeConfigFileParams(params);
-        
-        const configKeyMapping = [['ENABLE_MODULE', 'enableModule'], ['PX_APP_ID', 'pxAppId'], ['COOKIE_SECRET_KEY', 'cookieSecretKey'], ['AUTH_TOKEN', 'authToken'], ['PROXY_URL', 'proxy'], 
-            ['API_TIMEOUT_MS', 'apiTimeoutMS'], ['CUSTOM_REQUEST_HANDLER', 'customRequestHandler'], ['GET_USER_IP', 'getUserIp'], ['BLOCKING_SCORE', 'blockingScore'], ['IP_HEADERS', 'ipHeaders'], 
-            ['SEND_PAGE_ACTIVITIES', 'sendPageActivities'], ['SENSITIVE_HEADERS', 'sensitiveHeaders'], ['DEBUG_MODE', 'debugMode'], ['MAX_BUFFER_LEN', 'maxBufferLength'], ['JS_REF', 'jsRef'], 
-            ['CSS_REF', 'cssRef'], ['CUSTOM_LOGO', 'customLogo'], ['SENSITIVE_ROUTES', 'sensitiveRoutes'], ['WHITELIST_ROUTES', 'whitelistRoutes'], ['DYNAMIC_CONFIGURATIONS', 'dynamicConfigurations'], 
-            ['MODULE_MODE', 'moduleMode'], ['FIRST_PARTY_ENABLED', 'firstPartyEnabled'], ['ADDITIONAL_ACTIVITY_HANDLER', 'additionalActivityHandler'], ['ENRICH_CUSTOM_PARAMETERS', 'enrichCustomParameters'], 
+
+        const configKeyMapping = [['ENABLE_MODULE', 'enableModule'], ['PX_APP_ID', 'pxAppId'], ['COOKIE_SECRET_KEY', 'cookieSecretKey'], ['AUTH_TOKEN', 'authToken'], ['PROXY_URL', 'proxy'],
+            ['API_TIMEOUT_MS', 'apiTimeoutMS'], ['CUSTOM_REQUEST_HANDLER', 'customRequestHandler'], ['GET_USER_IP', 'getUserIp'], ['BLOCKING_SCORE', 'blockingScore'], ['IP_HEADERS', 'ipHeaders'],
+            ['SEND_PAGE_ACTIVITIES', 'sendPageActivities'], ['SENSITIVE_HEADERS', 'sensitiveHeaders'], ['DEBUG_MODE', 'debugMode'], ['MAX_BUFFER_LEN', 'maxBufferLength'], ['JS_REF', 'jsRef'],
+            ['CSS_REF', 'cssRef'], ['CUSTOM_LOGO', 'customLogo'], ['SENSITIVE_ROUTES', 'sensitiveRoutes'], ['WHITELIST_ROUTES', 'whitelistRoutes'], ['ENFORCED_ROUTES', 'enforcedRoutes'], ['MONITORED_ROUTES', 'monitoredRoutes'], ['DYNAMIC_CONFIGURATIONS', 'dynamicConfigurations'],
+            ['MODULE_MODE', 'moduleMode'], ['FIRST_PARTY_ENABLED', 'firstPartyEnabled'], ['ADDITIONAL_ACTIVITY_HANDLER', 'additionalActivityHandler'], ['ENRICH_CUSTOM_PARAMETERS', 'enrichCustomParameters'],
             ['TESTING_MODE', 'testingMode'], ['WHITELIST_EXT', 'whitelistExt'], ['BYPASS_MONITOR_HEADER', 'bypassMonitorHeader'], ['ADVANCED_BLOCKING_RESPONSE', 'advancedBlockingResponse'],
             ['TELEMETRY_COMMAND_HEADER', 'telemetryCommandHeader'], ['CUSTOM_TEMPLATE_ROOT', 'customTemplateRoot'], ['CUSTOM_TEMPLATE_DATA', 'customTemplateData']];
 
@@ -128,9 +128,9 @@ function pxInternalConfig() {
         CE_ITERATIONS: 1000,
         CE_DIGEST: 'sha256',
         CE_ALGO: 'aes-256-cbc',
-        
+
         STATIC_FILES_EXT: ['.css', '.bmp', '.tif', '.ttf', '.docx', '.woff2', '.js', '.pict', '.tiff', '.eot', '.xlsx', '.jpg', '.csv', '.eps', '.woff', '.xls', '.jpeg', '.doc', '.ejs', '.otf', '.pptx', '.gif', '.pdf', '.swf', '.svg', '.ps', '.ico', '.pls', '.midi', '.svgz', '.class', '.png', '.ppt', '.mid', 'webp', '.jar'],
-        
+
         /* actions */
         SCORE_EVALUATE_ACTION: {
             SPECIAL_TOKEN: -6,
@@ -139,22 +139,22 @@ function pxInternalConfig() {
             NO_COOKIE: -3,
             COOKIE_INVALID: -2,
             COOKIE_EXPIRED: -1,
-        
+
             S2S_PASS_TRAFFIC: 11,
             COOKIE_PASS_TRAFFIC: 10,
             S2S_TIMEOUT_PASS: 9,
             COOKIE_BLOCK_TRAFFIC: -10,
             S2S_BLOCK_TRAFFIC: -11,
             CAPTCHA_BLOCK_TRAFFIC: -12,
             CHALLENGE_BLOCK_TRAFFIC: -13,
-        
+
             CAPTCHA_PASS: 0,
             CAPTCHA_BLOCK: 1,
-        
+
             GOOD_SCORE: 1,
             BAD_SCORE: 0
         },
-        
+
         PASS_REASON: {
             CAPTCHA_TIMEOUT: 'captcha_timeout',
             CAPTCHA: 'captcha',
@@ -165,7 +165,7 @@ function pxInternalConfig() {
             INVALID_RESPONSE: 'invalid_response',
             REQUEST_FAILED: 'request_failed'
         },
-        
+
         MONITOR_MODE: {
             MONITOR: 0,
             BLOCK: 1
@@ -197,6 +197,8 @@ function pxDefaultConfig(PX_INTERNAL) {
         LOGO_VISIBILITY: 'hidden',
         SENSITIVE_ROUTES: [],
         WHITELIST_ROUTES: [],
+        MONITORED_ROUTES: [],
+        ENFORCED_ROUTES: [],
         DYNAMIC_CONFIGURATIONS: false,
         CONFIGURATION_LOAD_INTERVAL: 5000,
         MODULE_MODE: PX_INTERNAL.MONITOR_MODE.MONITOR,
@@ -215,32 +217,32 @@ function pxDefaultConfig(PX_INTERNAL) {
 }
 
 const configSchemaMapper = {
-    px_enable_module: 'enableModule', 
-    px_app_id: 'pxAppId', 
-    px_cookie_secret: 'cookieSecretKey', 
-    px_auth_token: 'authToken', 
-    px_proxy_url: 'proxy', 
+    px_enable_module: 'enableModule',
+    px_app_id: 'pxAppId',
+    px_cookie_secret: 'cookieSecretKey',
+    px_auth_token: 'authToken',
+    px_proxy_url: 'proxy',
     px_sync_request_timeout_ms: 'apiTimeoutMS',
-    px_custom_request_handler: 'customRequestHandler', 
-    px_get_user_ip: 'getUserIp', 
-    px_blocking_score: 'blockingScore', 
-    px_ip_headers: 'ipHeaders', 
+    px_custom_request_handler: 'customRequestHandler',
+    px_get_user_ip: 'getUserIp',
+    px_blocking_score: 'blockingScore',
+    px_ip_headers: 'ipHeaders',
     px_send_async_activities: 'sendPageActivities',
-    px_sensitive_headers: 'sensitiveHeaders', 
+    px_sensitive_headers: 'sensitiveHeaders',
     px_debug_mode: 'debugMode',
     px_max_buffer_length: 'maxBufferLength',
-    px_js_ref: 'jsRef', 
-    px_css_ref: 'cssRef', 
-    px_custom_logo: 'customLogo', 
-    px_sensitive_routes: 'sensitiveRoutes', 
-    px_whitelist_uri_full: 'whitelistRoutes', 
-    px_dynamic_configurations: 'dynamicConfigurations', 
-    px_module_mode: 'moduleMode', 
-    px_first_party_enabled: 'firstPartyEnabled', 
-    px_additional_activity_handler: 'additionalActivityHandler', 
-    px_enrich_custom_parameters: 'enrichCustomParameters', 
-    px_test_mode: 'testingMode', 
-    px_whitelist_extensions: 'whitelistExt', 
+    px_js_ref: 'jsRef',
+    px_css_ref: 'cssRef',
+    px_custom_logo: 'customLogo',
+    px_sensitive_routes: 'sensitiveRoutes',
+    px_whitelist_uri_full: 'whitelistRoutes',
+    px_dynamic_configurations: 'dynamicConfigurations',
+    px_module_mode: 'moduleMode',
+    px_first_party_enabled: 'firstPartyEnabled',
+    px_additional_activity_handler: 'additionalActivityHandler',
+    px_enrich_custom_parameters: 'enrichCustomParameters',
+    px_test_mode: 'testingMode',
+    px_whitelist_extensions: 'whitelistExt',
     px_bypass_monitor_header: 'bypassMonitorHeader',
     px_advanced_blocking_response: 'advancedBlockingResponse',
     px_telemetry_command: 'telemetryCommandHeader'

lib/pxcontext.js

@@ -20,7 +20,9 @@ class PxContext {
         this.httpVersion = req.httpVersion || '';
         this.httpMethod = req.method || '';
         this.sensitiveRoute = this.isSpecialRoute(config.SENSITIVE_ROUTES, this.uri);
+        this.enforcedRoute = this.isSpecialRoute(config.ENFORCED_ROUTES, this.uri);
         this.whitelistRoute = this.isSpecialRoute(config.WHITELIST_ROUTES, this.uri);
+        this.monitoredRoute = !this.enforcedRoute && this.isSpecialRoute(config.MONITORED_ROUTES, this.uri);
         this.cookieOrigin = 'cookie';
         const mobileHeader = this.headers[mobileSdkHeader];
         if (mobileHeader !== undefined) {

lib/pxenforcer.js

@@ -65,6 +65,7 @@ class PxEnforcer {
 
         try {
             const ctx = new PxContext(this._config, req, this.logger);
+
             this.logger.debug('Request context created successfully');
             ctx.collectorUrl = `https://collector-${this._config.PX_APP_ID}.perimeterx.net`;
 
@@ -184,7 +185,7 @@ class PxEnforcer {
 
         // If verified, pass the request here
         const shouldBypassMonitor = this._config.BYPASS_MONITOR_HEADER && req.headers[this._config.BYPASS_MONITOR_HEADER] === '1';
-        if (verified || (this._config.MODULE_MODE === this._config.MONITOR_MODE.MONITOR && !shouldBypassMonitor)) {
+        if (verified || ctx.monitoredRoute || (this._config.MODULE_MODE === this._config.MONITOR_MODE.MONITOR && !shouldBypassMonitor)) {
             return cb();
         }
 
@@ -273,7 +274,7 @@ class PxEnforcer {
             block_module: 'px-node-express',
             block_score: ctx.score,
             module_version: this.pxConfig.conf.MODULE_VERSION,
-            simulated_block: this._config.MODULE_MODE === this._config.MONITOR_MODE.MONITOR
+            simulated_block: this._config.MODULE_MODE === this._config.MONITOR_MODE.MONITOR || ctx.monitoredRoute
         };
 
         this.logger.debug(`Sending block activity`);

package.json

@@ -1,6 +1,6 @@
 {
   "name": "perimeterx-node-core",
-  "version": "2.3.2",
+  "version": "2.4.0",
   "description": "PerimeterX NodeJS shared core for various applications to monitor and block traffic according to PerimeterX risk score",
   "main": "index.js",
   "scripts": {
@@ -21,14 +21,15 @@
   "dependencies": {
     "agent-phin": "^1.0.4",
     "content-type": "^1.0.4",
-    "https-proxy-agent": "^2.2.1",
+    "https-proxy-agent": "^3.0.0",
     "mu2": "^0.5.21",
     "raw-body": "^2.3.2"
   },
   "devDependencies": {
     "eslint": "^6.3.0",
     "eslint-config-perimeterx": "^0.3.0",
     "mocha": "^5.2.0",
+    "proxyquire": "^2.1.3",
     "rewire": "^2.5.2",
     "should": "^8.3.0",
     "sinon": "^2.1.0"