New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →

@dcard/web-ad-tracking-sdk

Package Overview

Dependencies

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

@dcard/web-ad-tracking-sdk

The public advertising tracking SDK for web environments powered by Dcard Inc.

3.0.0
latest
Source
npm

Version published: 2 weeks ago

Weekly downloads: 681; decreased by-39.63%

Maintainers: 0

Weekly downloads

Created: 3 years ago

Source

Welcome to Dcard Web AD Tracking SDK 👋

The advertising tracking SDK for web environments powered by Dcard Inc.

🏠 Homepage

Install & Usage

Integrate tracking SDK into your codebase (Support typing automatically in IDE like vscode)

Install @dcard/web-ad-tracking-sdk

pnpm add @dcard/web-ad-tracking-sdk

Import @dcard/web-ad-tracking-sdk

import entry from '@dcard/web-ad-tracking-sdk';

// Substitute the real client ID for CLIENT_ID issued by Dcard.
entry('init', 'CLIENT_ID');
entry('track', 'PageView', { url: window.location.href });

Embed the SDK in the HTML file

Copy and paste the following script tags within the <head> tag of your HTML file to initialize the web tracking SDK.

<script
  async
  src="https://assets.dcard.tw/scripts/web-ad-tracking-sdk/latest.js"></script>
<script>
  /**
   * ===[[ Section 1 ]]===
   */
  window.dadk =
    window.dadk ||
    function dadk() {
      window.dadk.queue.push(Array.from(arguments));
    };
  window.dadk.queue = window.dadk.queue || [];

  /**
   * ===[[ Section 2 ]]===
   *
   * Change "CLIENT_ID" to your client id
   * e.g. "XXXOOO123456"
   */
  window.dadk('init', 'CLIENT_ID');
  window.dadk('track', 'PageView');
</script>

With Security Resource Integrity (SRI)

If you want to use the script with SRI, you can replace the first script with the following:

- <script async src="https://assets.dcard.tw/scripts/web-ad-tracking-sdk/latest.js"></script>
+ <script async src="https://assets.dcard.tw/scripts/web-ad-tracking-sdk/v3.0.0.js" integrity="sha384-OEa0OLZxesMGpNtP3OvBd1dUrOIEFQK0ofDakusy9o7zMeywjDcN/Ujv7gCCILBz" crossorigin="anonymous"></script>

NOTE: The script tag with SRI will fix the version of the SDK, an this may cause the SDK to be outdated. If you want to keep the SDK up-to-date, please use the latest version script tag.

Setup Content Security Policy (CSP)

Basic Setup

Security Connection

img-src: https://pixel.dcard.tw
script-src: https://pixel.dcard.tw https://assets.dcard.tw/scripts/web-ad-tracking-sdk

Insecurity Connection

img-src: pixel.dcard.tw
script-src: pixel.dcard.tw assets.dcard.tw/scripts/web-ad-tracking-sdk

With Nonce

Revice the Content Security Policy header with nonce attribute:

img-src: https://pixel.dcard.tw
script-src: 'nonce-{SERVER_GENERATED_NONCE}' https://pixel.dcard.tw https://assets.dcard.tw/scripts/web-ad-tracking-sdk

And add the nonce attribute to the script tag:

<script async nonce="SERVER_GENERATED_NONCE" crossorigin="anonymous">
  /**
   * ===[[ Section 1 ]]===
   */
  window.dadk =
    window.dadk ||
    function dadk() {
      window.dadk.queue.push(Array.from(arguments));
    };
  window.dadk.queue = window.dadk.queue || [];

  /**
   * ===[[ Section 2 ]]===
   *
   * Change "CLIENT_ID" to your client id
   * e.g. "XXXOOO123456"
   */
  window.dadk('init', 'CLIENT_ID');
  window.dadk('track', 'PageView');
</script>

FAQs

What is @dcard/web-ad-tracking-sdk?

Is @dcard/web-ad-tracking-sdk popular?

Is @dcard/web-ad-tracking-sdk well maintained?

Package last updated on 11 Feb 2025

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install