PerimeterX
diff --git a/‎.github/workflows/cd.yaml‎
Lines changed: 5 additions & 5 deletions b/‎.github/workflows/cd.yaml‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎.github/workflows/ci.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/ci.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/ci_e2e.yaml‎
Lines changed: 25 additions & 15 deletions b/‎.github/workflows/ci_e2e.yaml‎
Lines changed: 25 additions & 15 deletions
diff --git a/‎.github/workflows/ci_verify_version.yaml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/ci_verify_version.yaml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/docs_enforcement.yml‎
Lines changed: 3 additions & 3 deletions b/‎.github/workflows/docs_enforcement.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎.github/workflows/fuzzer.yaml‎
Lines changed: 22 additions & 16 deletions b/‎.github/workflows/fuzzer.yaml‎
Lines changed: 22 additions & 16 deletions
diff --git a/‎.gitignore‎
Lines changed: 2 additions & 1 deletion b/‎.gitignore‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎CHANGELOG.md‎
Lines changed: 12 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 12 additions & 0 deletions
diff --git a/‎ci_files/enforcer-config.json‎
Lines changed: 2 additions & 4 deletions b/‎ci_files/enforcer-config.json‎
Lines changed: 2 additions & 4 deletions
diff --git a/‎ci_files/spec-tests-values.yaml‎
Lines changed: 6 additions & 0 deletions b/‎ci_files/spec-tests-values.yaml‎
Lines changed: 6 additions & 0 deletions
@@ -11,11 +11,11 @@ jobs:
       version: ${{ steps.version.outputs.value }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Setup Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v6
         with:
-          node-version: '18.x'
+          node-version: '22.x'
       - name: Get package version
         id: version
         run: echo "value=$(node -p -e "require('./px_metadata.json').version")" >> "$GITHUB_OUTPUT"
@@ -28,7 +28,7 @@ jobs:
       contents: write
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - run: gh release create v${{ needs.extract_version.outputs.version }} --generate-notes -t "Version ${{ needs.extract_version.outputs.version }}"
         env:
           GITHUB_TOKEN: ${{ github.TOKEN }}
@@ -42,7 +42,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up JDK 8
         uses: actions/setup-java@v3
 
@@ -5,7 +5,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v5
       - name: Set up JDK 8
         uses: actions/setup-java@v3
         with:
 
@@ -12,11 +12,11 @@ jobs:
       supported-features: ${{ steps.supported-features.outputs.value }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Setup Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v6
         with:
-          node-version: '20.x'
+          node-version: '22.x'
       - name: extract supported features
         id: supported-features
         run: echo "value=$(node -p -e "require('./px_metadata.json').supported_features?.join(' or ') || ''")" >> "$GITHUB_OUTPUT"
@@ -25,9 +25,9 @@ jobs:
   CI:
     name: "E2E tests"
     env:
-      MOCK_COLLECTOR_IMAGE_TAG: 1.3.5
+      MOCK_COLLECTOR_IMAGE_TAG: 2.0.6
       SAMPLE_SITE_IMAGE_TAG: 1.0.0
-      ENFORCER_SPEC_TESTS_IMAGE_TAG: 1.8.1
+      ENFORCER_SPEC_TESTS_IMAGE_TAG: 1.23.3
 
     runs-on: ubuntu-latest
     timeout-minutes: 60
@@ -37,7 +37,7 @@ jobs:
     steps:
 
       - name: Checkout Repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Docker
         uses: docker/setup-buildx-action@v3
@@ -50,34 +50,34 @@ jobs:
           docker build . -t localhost:5001/java-enforcer-sample-site:$SAMPLE_SITE_IMAGE_TAG && \
           docker push localhost:5001/java-enforcer-sample-site:$SAMPLE_SITE_IMAGE_TAG
 
-      - uses: azure/setup-helm@v3
+      - uses: azure/setup-helm@v4
         with:
-          version: '3.14.1'
+          version: '3.19.0'
 
       - name: Clone helm charts repo - mock-collector
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           repository: PerimeterX/connect-helm-charts
           token: ${{ secrets.CONNECT_PULL_TOKEN }}
-          ref: mock-collector-0.1.1
+          ref: mock-collector-0.1.2
           path: ./deploy_charts/mock-collector
 
 
       - name: Clone helm charts repo - enforcer-tests
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           repository: PerimeterX/connect-helm-charts
           token: ${{ secrets.CONNECT_PULL_TOKEN }}
-          ref: enforcer-spec-tests-0.7.1
+          ref: enforcer-spec-tests-0.9.1
           path: ./deploy_charts/enforcer-spec-tests
 
 
       - name: Clone helm charts repo - sample-site
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           repository: PerimeterX/connect-helm-charts
           token: ${{ secrets.CONNECT_PULL_TOKEN }}
-          ref: sample-site-0.5.0
+          ref: sample-site-0.6.1
           path: ./deploy_charts/sample-site
 
       - name: Set up Google Cloud SDK
@@ -101,14 +101,16 @@ jobs:
           helm install mock-collector ./deploy_charts/mock-collector/charts/mock-collector \
             --set image.repository=localhost:5001/mock-collector \
             --set image.tag=$MOCK_COLLECTOR_IMAGE_TAG \
+            --set authToken=${{ secrets.PX_AUTH_TOKEN }} \
             --set imagePullPolicy=Always --wait
 
       - name: set secrets in enforcer config
         run: |
           cat ./ci_files/enforcer-config.json |\
           jq '.px_app_id="${{ secrets.PX_APP_ID }}"' |\
           jq '.px_cookie_secret="${{ secrets.TEST_COOKIE_SECRET }}"' |\
-          jq '.px_auth_token="${{ secrets.PX_AUTH_TOKEN }}"' > /tmp/enforcer-config.json
+          jq '.px_auth_token="${{ secrets.PX_AUTH_TOKEN }}"' |\
+          jq '.px_logger_auth_token="${{ secrets.PX_LOGGER_AUTH_TOKEN }}"' > /tmp/enforcer-config.json
 
       - name: log enforcer config
         run: cat /tmp/enforcer-config.json
@@ -118,6 +120,9 @@ jobs:
           helm install java-enforcer ./deploy_charts/sample-site/charts/sample-site \
           -f ./ci_files/enforcer-values.yaml \
           --set image.name=localhost:5001/java-enforcer-sample-site \
+          --set appId=${{ secrets.PX_APP_ID }} \
+          --set cookieSecret=${{ secrets.TEST_COOKIE_SECRET }} \
+          --set authToken=${{ secrets.PX_AUTH_TOKEN }} \
           --set image.tag=$SAMPLE_SITE_IMAGE_TAG \
           --set-file enforcerConfig.content=/tmp/enforcer-config.json \
           --wait
@@ -137,6 +142,7 @@ jobs:
             --set authToken="${{ secrets.PX_AUTH_TOKEN }}" \
             --set appId=${{ secrets.PX_APP_ID }} \
             --set-file enforcerMetadataContent=./px_metadata.json \
+            --set-file enforcerConfigJsonContent=/tmp/enforcer-config.json \
             -f ./ci_files/spec-tests-values.yaml \
             --wait \
             --timeout 60m0s \
@@ -145,3 +151,7 @@ jobs:
       - name: get tests results
         if: ${{ always() }}
         run: kubectl logs job/enforcer-spec-tests
+
+      - name: get enforcer logs
+        if: ${{ always() }}
+        run: kubectl logs deployment/java-enforcer-sample-site
@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code - ${{ github.base_ref }}
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           ref: ${{ github.base_ref }}
 
@@ -18,7 +18,7 @@ jobs:
         run: echo "project=$( mvn help:evaluate -Dexpression=project.version -q -DforceStdout )" >> "$GITHUB_OUTPUT"
 
       - name: Checkout code - current commit
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Get current SDK versions
         id: new-version
 
@@ -16,12 +16,12 @@ jobs:
       version: ${{ steps.version.outputs.value }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Setup Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v6
         with:
-          node-version: '22'
+          node-version: '22.x'
 
       - name: Get package version
         id: version
 
@@ -12,11 +12,11 @@ jobs:
       supported-features: ${{ steps.version.outputs.value }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Setup Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v6
         with:
-          node-version: 'latest'
+          node-version: '22.x'
       - name: Get package version
         id: version
         run: echo "value=$(node -p -e "require('./px_metadata.json').version")" >> "$GITHUB_OUTPUT"
@@ -25,8 +25,8 @@ jobs:
   Fuzzing:
     name: "Fuzzing Test"
     env:
-      MOCK_COLLECTOR_IMAGE_TAG: 1.3.6
-      FUZZER_TAG: 1.0.4
+      MOCK_COLLECTOR_IMAGE_TAG: 2.0.6
+      FUZZER_TAG: 1.1.0
       SAMPLE_SITE_IMAGE_TAG: 1.0.0
       ENFORCER_TAG: ${{ needs.extract_version.outputs.version }}
 
@@ -42,7 +42,7 @@ jobs:
     steps:
 
       - name: Checkout Repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Docker
         uses: docker/setup-buildx-action@v3
@@ -55,32 +55,32 @@ jobs:
           docker build . -t localhost:5001/java-enforcer-sample-site:$SAMPLE_SITE_IMAGE_TAG && \
           docker push localhost:5001/java-enforcer-sample-site:$SAMPLE_SITE_IMAGE_TAG
 
-      - uses: azure/setup-helm@v3
+      - uses: azure/setup-helm@v4
         with:
-          version: '3.14.2'
+          version: '3.19.0'
 
       - name: Clone helm charts repo - mock-collector
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           repository: PerimeterX/connect-helm-charts
           token: ${{ secrets.CONNECT_PULL_TOKEN }}
-          ref: mock-collector-0.1.1
+          ref: mock-collector-0.1.2
           path: ./deploy_charts/mock-collector
 
       - name: Clone helm charts repo - fuzzer
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           repository: PerimeterX/connect-helm-charts
           token: ${{ secrets.CONNECT_PULL_TOKEN }}
-          ref: fuzzer-0.2.0
+          ref: fuzzer-0.3.1
           path: ./deploy_charts/fuzzer
 
       - name: Clone helm charts repo - sample-site
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           repository: PerimeterX/connect-helm-charts
           token: ${{ secrets.CONNECT_PULL_TOKEN }}
-          ref: sample-site-0.5.0
+          ref: sample-site-0.6.1
           path: ./deploy_charts/sample-site
 
       - name: Set up Google Cloud SDK
@@ -104,14 +104,17 @@ jobs:
           helm install mock-collector ./deploy_charts/mock-collector/charts/mock-collector \
             --set image.repository=localhost:5001/mock-collector \
             --set image.tag=$MOCK_COLLECTOR_IMAGE_TAG \
-            --set imagePullPolicy=Always --wait
+            --set authToken=${{ secrets.PX_AUTH_TOKEN }} \
+            --set imagePullPolicy=Always \
+            --wait
 
       - name: set secrets in enforcer config
         run: |
           cat ./ci_files/enforcer-config.json |\
           jq '.px_app_id="${{ secrets.PX_APP_ID }}"' |\
           jq '.px_cookie_secret="${{ secrets.TEST_COOKIE_SECRET }}"' |\
-          jq '.px_auth_token="${{ secrets.PX_AUTH_TOKEN }}"' > /tmp/enforcer-config.json
+          jq '.px_auth_token="${{ secrets.PX_AUTH_TOKEN }}"' |\
+          jq '.px_logger_auth_token="${{ secrets.PX_LOGGER_AUTH_TOKEN }}"' > /tmp/enforcer-config.json
 
       - name: log enforcer config
         run: cat /tmp/enforcer-config.json
@@ -122,6 +125,9 @@ jobs:
           -f ./ci_files/enforcer-values.yaml \
           --set image.name=localhost:5001/java-enforcer-sample-site \
           --set image.tag=$SAMPLE_SITE_IMAGE_TAG \
+          --set appId=${{ secrets.PX_APP_ID }} \
+          --set cookieSecret=${{ secrets.TEST_COOKIE_SECRET }} \
+          --set authToken=${{ secrets.PX_AUTH_TOKEN }} \
           --set-file enforcerConfig.content=/tmp/enforcer-config.json \
           --wait
 
 
@@ -10,4 +10,5 @@ examples/examples.iml
 .DS_Store
 .classpath
 .project
-.factorypath
+.factorypath
+.smarttomcat
@@ -1,4 +1,16 @@
 # Change Log
+## [x.x.x] - YYYY-MM-DD
+- Added `px_secured_pxhd_enabled` configuration option to enable secure flag on `pxhd` cookie
+- Added `is_sensitive_route` to risk api and async activities
+- Added `additional_token_info` to risk api and async activities
+- Updated telemetry activity to new format (`static_config` and `active_config`; `remote_config` is not supported)
+- Updated telemetry activity to include `request_id`
+- Updated captcha page template to newest version
+- Updated dependencies minor and patch versions (major versions unchanged)
+- Changed custom parameters to be of type `Object` instead of `String` to allow more flexibility
+- Changed first party block script in captcha template to end with expected `/captcha.js`
+- Fixed possible connection leak issue due to unclosed responses in first party and telemetry requests
+- Fixed first party fuzzing errors by returning 400 on first party requests with URL length > 1000 characters
 
 ## [v6.15.1](https://github.com/PerimeterX/perimeterx-java-sdk/compare/6.15.1...HEAD) (2025-09-08)
 - Added additional updateReason RISK to Telemetry flow 
 
@@ -19,9 +19,6 @@
   "px_custom_first_party_xhr_endpoint": "/custom_first_party_xhr_endpoint",
   "px_custom_first_party_captcha_endpoint": "/custom_first_party_captcha_endpoint",
   "px_custom_first_party_prefix": "/custom_first_party_prefix",
-  "px_filter_by_route": [
-    "/filtered_route"
-  ],
   "px_monitored_routes": [
     "/monitored_route",
     "/monitored_route/suffix",
@@ -116,5 +113,6 @@
   ],
   "px_cors_support_enabled": true,
   "px_cors_preflight_request_filter_enabled": true,
-  "px_url_decode_reserved_characters": true
+  "px_url_decode_reserved_characters": true,
+  "px_secured_pxhd_enabled": true
 }
@@ -1,3 +1,9 @@
+additionalArgs:
+  - "--retries"
+  - "3"
+  - "--retry-delay"
+  - "10"
+
 internalMockCollectorURL: "http://mock-collector-mock-collector:3001"
 siteURL: "http://java-enforcer-sample-site:3000"