As a follow-up to our previous announcement here, we removed support for TLS versions 1.0 and 1.1 on all our API endpoints, except for two regions: eu-central-1 and us-east-1 will drop TLS 1.0 and 1.1 in the coming weeks.

• Add data_dome_auth_enable_referrer_restoration option to enable the referrer restoration
• Use the X-Forwarded-Proto header when available to define the Protocol field in payloads sent to the Protection API
• Use uppercase letters for hexadecimal values in payloads sent to the Protection API
• Make parsing case-insensitive for header names

• Add datadome_enable_replay_protection variable to prevent replay attack in case of Early-Data requests

• Improve performance (decrease TBT on slow devices)

• Internal improvements

• Add support for opening custom pop-ups from a challenge page, available upon request

• Add DATADOME_ENABLE_REFERRER_RESTORATION option to enable the referrer restoration

Breaking changes

• Add x-sigsci-no-inspection: true header on sub-requests sent to Protection API to skip inspection by Next-Gen WAF

In our ongoing commitment to security, we will progressively retire support for TLS versions 1.0 and 1.1 on our API endpoints.