@duckduckgo/autoconsent
Advanced tools
This is a library of rules for navigating through common consent popups on the web. These rules can be run in a Firefox webextension, or in a puppeteer orchestrated headless browser. Using these rules, opt-in and opt-out options can be selected automatica
This is a library of rules for navigating through common consent popups on the web. These rules can be run in a Firefox webextension, or in a puppeteer orchestrated headless browser. Using these rules, opt-in and opt-out options can be selected automatically, without requiring user-input.
The standalone addon can be built with the following steps:
# Download dependencies
npm ci
# Build JS bundles
npm run bundle
# Build consent ruleset
npm run build-rules
The standalone addon can be found in the addon directory and can be run with npm start.
Alternatively, you can use web-ext build -s addon/ to generate a packaged addon that can
be installed in an existing Firefox profile.
The library's functionality is implemented as a set of rules that define how to manage consent on a subset of sites. These generally correspond to specific Consent Management Providers (CMPs) that are installed on multiple sites. Each CMP ruleset defines:
There are currently three ways of implementing a CMP:
AutoConsent class.AutoCMP interface. This enables more complex logic than the linear AutoConsent
rulesets allow.ConsentOMaticCMP class implements
compability with rules written for the Consent-O-Matic extension.An autoconsent CMP rule can be written as either:
AutoCMP interface, orAutoConsentCMPRule type.In most cases the JSON syntax should be sufficient, unless non-linear logic is required, in which case a class is required.
Both JSON and class implementations require 5 main components:
name - to identify this CMP.detectCMP - which determines if this CMP is included on the page.detectPopup - which determines if a popup is being shown by the CMP.optOut - executes actions to do an 'opt-out' from the popup screen. i.e. denying all consents possible.optIn - execut actions for an 'opt-in' from the popup screen.Except for name this are defined as a set of checks or actions on the page. In the JSON syntax this is a list of AutoConsentRuleStep objects. For detect checks, we return true for the check if all steps return true. For opt in and out, we execute actions in order, exiting if one fails. The following checks/actions are supported:
{
"exists": "selector"
}
Returns true if document.querySelect(selector) returns elements.
{
"visible": "selector",
"check": "any" | "all" | "none"
}
Returns true if an element returned from document.querySelect(selector) is current visible on the page. If check is all, every element must be visible. If check is none, no element should be visible.
{
"eval": "code"
}
Evaluates code in the context of the page. NB: the result of this action depends on the truthiness of the evaluated expression, make sure it returns true in case of success.
{
"waitFor": "selector",
"timeout": 1000
}
Waits until selector exists in the page. After timeout ms the step fails.
{
"click": "selector",
"all": true | false,
}
Click on an element returned by selector. If all is true, all matching elements are clicked.
{
"waitForThenClick": "selector",
"timeout": 1000
}
Combines waitFor and click.
{
"wait": 1000,
}
Wait for the specified number of milliseconds.
{
"goto": "url"
}
Navigate the page to the given URL.
{
"hide": ["selector", ...]
}
Set the elements matched by the selectors to display: none.
In some cases, rules have to interact with iframes in the page. The CMP rule defintion can optionally include a frame component that should be the prefix of the expected frame URL. Checks and actions can then add "frame": true to indicate that the check or action should be done on the iframe's document (rather than main frame).
Any rule can include the "optional": true to ignore failure.
MPLv2.
FAQs
This is a library of rules for navigating through common consent popups on the web. These rules can be run in a Chrome extension, or in a Playwright-orchestrated headless browser. Using these rules, opt-in and opt-out options can be selected automatically
The npm package @duckduckgo/autoconsent receives a total of 689 weekly downloads. As such, @duckduckgo/autoconsent popularity was classified as not popular.
We found that @duckduckgo/autoconsent demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.