@browserless/goto
Advanced tools
@browserless/goto - npm Package Compare versions
Comparing version 5.2.5 to 5.3.0
@@ -6,2 +6,13 @@ # Change Log | ||
| # [5.3.0](https://github.com/kikobeats/browserless/tree/master/packages/goto/compare/v5.2.5...v5.3.0) (2019-04-03) | ||
| ### Features | ||
| * add builtin adblock ([e370770](https://github.com/kikobeats/browserless/tree/master/packages/goto/commit/e370770)) | ||
| ## [5.2.5](https://github.com/kikobeats/browserless/tree/master/packages/goto/compare/v5.2.4...v5.2.5) (2019-03-10) | ||
@@ -8,0 +19,0 @@ |
@@ -5,3 +5,3 @@ { | ||
| "homepage": "https://browserless.js.org", | ||
| "version": "5.2.5", | ||
| "version": "5.3.0", | ||
| "main": "src/index.js", | ||
@@ -33,7 +33,8 @@ "author": { | ||
| "@browserless/devices": "^5.2.3", | ||
| "@cliqz/adblocker": "~0.8.0", | ||
| "debug": "~4.1.0", | ||
| "extract-domain": "~2.0.4", | ||
| "is-tracking-domain": "~1.1.6", | ||
| "got": "~9.6.0", | ||
| "p-timeout": "~2.0.1", | ||
| "require-one-of": "~1.0.2" | ||
| "require-one-of": "~1.0.2", | ||
| "tldts": "~4.0.5" | ||
| }, | ||
@@ -47,5 +48,7 @@ "engines": { | ||
| "scripts": { | ||
| "postinstall": "node scripts/postinstall", | ||
| "test": "exit 0" | ||
| }, | ||
| "license": "MIT" | ||
| "license": "MIT", | ||
| "gitHead": "ba167f870d75ba79813e32ee0e62bdc9f3d194ab" | ||
| } |
| 'use strict' | ||
| const { FiltersEngine, makeRequest } = require('@cliqz/adblocker') | ||
| const { getDevice } = require('@browserless/devices') | ||
| const debug = require('debug')('browserless:goto') | ||
| const extractDomain = require('extract-domain') | ||
| const tldts = require('tldts') | ||
| const path = require('path') | ||
| const fs = require('fs') | ||
| const isTracker = require('./is-tracker') | ||
| const engine = FiltersEngine.parse(fs.readFileSync(path.resolve(__dirname, './rules.txt'), 'utf-8')) | ||
| const isEmpty = val => val == null || !(Object.keys(val) || val).length | ||
| const isExternalUrl = (domainOne, domainTwo) => domainOne !== domainTwo | ||
| const types = { | ||
| document: 'main_frame', | ||
| eventsource: 'other', | ||
| fetch: 'xhr', | ||
| font: 'font', | ||
| image: 'image', | ||
| manifest: 'other', | ||
| media: 'media', | ||
| other: 'other', | ||
| script: 'script', | ||
| stylesheet: 'stylesheet', | ||
| texttrack: 'other', | ||
| websocket: 'websocket', | ||
| xhr: 'xhr' | ||
| } | ||
| /** | ||
| * | ||
| * Mapping from puppeteer request types to adblocker. This is needed because not all | ||
| * types from puppeteer have the same name as the webRequest APIs from browsers | ||
| * (which the adblocker expects). | ||
| * | ||
| * Related: | ||
| * - https://github.com/GoogleChrome/puppeteer/blob/v1.14.0/docs/api.md#requestresourcetype | ||
| * - https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/webRequest/ResourceType | ||
| */ | ||
| const webRequestType = resourceType => { | ||
| const type = types[resourceType] | ||
| if (!type) throw Error(`Type ${resourceType} not mapped`) | ||
| return type | ||
| } | ||
| const WAIT_UNTIL = ['networkidle0'] | ||
@@ -20,3 +53,3 @@ | ||
| device, | ||
| abortTrackers, | ||
| adblock, | ||
| abortTypes = [], | ||
@@ -35,3 +68,2 @@ waitFor = 0, | ||
| const resourceUrl = req.url() | ||
| const resourceType = req.resourceType() | ||
@@ -44,10 +76,20 @@ | ||
| const urlDomain = extractDomain(url) | ||
| const resourceDomain = extractDomain(resourceUrl) | ||
| const isExternal = isExternalUrl(urlDomain, resourceDomain) | ||
| if (adblock) { | ||
| const { match: isMatch } = engine.match( | ||
| makeRequest( | ||
| { | ||
| type: webRequestType(resourceType), | ||
| sourceUrl: req.frame().url(), | ||
| url: resourceUrl | ||
| }, | ||
| url => tldts.parse(url) | ||
| ) | ||
| ) | ||
| if (abortTrackers && isExternal && isTracker(resourceDomain)) { | ||
| debug(`abort:tracker:${++reqCount.abort}`, resourceUrl) | ||
| return req.abort() | ||
| if (isMatch) { | ||
| debug(`abort:tracker:${++reqCount.abort}`, resourceUrl) | ||
| return req.abort() | ||
| } | ||
| } | ||
| debug(`continue:${resourceType}:${++reqCount.continue}`, resourceUrl) | ||
@@ -54,0 +96,0 @@ return req.continue() |
New alerts
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by60.43%
6098
- Lines of code
- increased by67.27%
92
Worsened metrics
- Dependency count
- increased by16.67%
7
- Number of high supply chain risk alerts
- increased byInfinity%
1
- Number of low supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Added@cliqz/adblocker@~0.8.0
+ Addedgot@~9.6.0
+ Addedtldts@~4.0.5
+ Added@cliqz/adblocker@0.8.0(transitive)
+ Added@sindresorhus/is@0.14.0(transitive)
+ Added@szmarczak/http-timer@1.1.2(transitive)
+ Addedcacheable-request@6.1.0(transitive)
+ Addeddecompress-response@3.3.0(transitive)
+ Addedget-stream@4.1.0(transitive)
+ Addedgot@9.6.0(transitive)
+ Addedjson-buffer@3.0.0(transitive)
+ Addedkeyv@3.1.0(transitive)
+ Addedlowercase-keys@1.0.1(transitive)
+ Addednormalize-url@4.5.1(transitive)
+ Addedp-cancelable@1.1.0(transitive)
+ Addedprepend-http@2.0.0(transitive)
+ Addedpunycode@2.3.1(transitive)
+ Addedresponselike@1.0.2(transitive)
+ Addedtldts@4.0.6(transitive)
+ Addedto-readable-stream@1.0.0(transitive)
+ Addedtslib@1.14.1(transitive)
+ Addedurl-parse-lax@3.0.0(transitive)
- Removedextract-domain@~2.0.4
- Removedis-tracking-domain@~1.1.6
- Removed@babel/code-frame@7.26.2(transitive)
- Removed@babel/helper-validator-identifier@7.25.9(transitive)
- Removed@sindresorhus/is@1.2.0(transitive)
- Removed@szmarczak/http-timer@3.1.1(transitive)
- Removed@types/cacheable-request@6.0.3(transitive)
- Removed@types/http-cache-semantics@4.0.4(transitive)
- Removed@types/keyv@3.1.4(transitive)
- Removed@types/node@22.13.5(transitive)
- Removed@types/responselike@1.0.3(transitive)
- Removedargs-js@0.10.12(transitive)
- Removedasync@3.2.6(transitive)
- Removedcacheable-lookup@0.2.2(transitive)
- Removedcacheable-request@7.0.4(transitive)
- Removedcb2promise@1.1.1(transitive)
- Removeddecompress-response@5.0.0(transitive)
- Removeddetect-indent@6.1.0(transitive)
- Removederror-ex@1.3.2(transitive)
- Removedextract-domain@2.0.6(transitive)
- Removedfast-safe-stringify@2.1.1(transitive)
- Removedgot@10.0.4(transitive)
- Removedgraceful-fs@4.2.11(transitive)
- Removedimurmurhash@0.1.4(transitive)
- Removedis-arrayish@0.2.1(transitive)
- Removedis-plain-obj@2.1.0(transitive)
- Removedis-promise@1.0.1(transitive)
- Removedis-tracking-domain@1.1.8(transitive)
- Removedis-typedarray@1.0.0(transitive)
- Removedjs-tokens@4.0.0(transitive)
- Removedjson-buffer@3.0.1(transitive)
- Removedjson-future@2.2.21(transitive)
- Removedjson-parse-even-better-errors@2.3.1(transitive)
- Removedkeyv@4.5.4(transitive)
- Removedlines-and-columns@1.2.4(transitive)
- Removedload-json-file@6.2.0(transitive)
- Removedmake-dir@3.1.0(transitive)
- Removedmimic-fn@2.0.0(transitive)
- Removedmimic-response@2.1.0(transitive)
- Removednodeify@1.0.1(transitive)
- Removednormalize-url@6.1.0(transitive)
- Removedp-cancelable@2.1.1(transitive)
- Removedparse-json@5.2.0(transitive)
- Removedpicocolors@1.1.1(transitive)
- Removedpromise@1.3.0(transitive)
- Removedresponselike@2.0.1(transitive)
- Removedsemver@6.3.1(transitive)
- Removedsignal-exit@3.0.7(transitive)
- Removedsliced@1.0.1(transitive)
- Removedsort-keys@4.2.0(transitive)
- Removedstrip-bom@4.0.0(transitive)
- Removedto-readable-stream@2.1.0(transitive)
- Removedtype-fest@0.6.00.8.1(transitive)
- Removedtypedarray-to-buffer@3.1.5(transitive)
- Removedundici-types@6.20.0(transitive)
- Removedwrite-file-atomic@3.0.3(transitive)
- Removedwrite-json-file@4.3.0(transitive)