Security News
Research
Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
@rudderstack/analytics-js-cookies
Advanced tools
The Customer Data Platform for Developers
Website · Documentation · Community Slack
RudderStack JavaScript SDK utilities for cookies in browser and Node.js environments. Use the appropriate functions for your environment.
getDecryptedValueBrowser
:warning: Only for browser environments
This function decrypts the provided encrypted RudderStack JavaScript cookie value using the RudderStack JavaScript SDK encryption version "v3".
If the provided value is either not encrypted or not properly encrypted, the function returns
null
.
:warning: Any errors during decryption are swallowed by the function, returning
null
.
import { getDecryptedValueBrowser } from '@rudderstack/analytics-js-cookies';
const encryptedCookieValue = 'RS_ENC_v3_InRlc3QtZGF0YSI=';
const decryptedCookieValue = getDecryptedValueBrowser(encryptedCookieValue);
console.log('Decrypted Cookie Value: ', decryptedCookieValue);
// Output:
// Decrypted Cookie Value: test-data
getDecryptedValue
:warning: Only for Node.js environments
This function decrypts the provided encrypted RudderStack JavaScript cookie value using the RudderStack JavaScript SDK encryption version "v3".
If the provided value is either not encrypted or not properly encrypted, the function returns
null
.
:warning: Any errors during decryption are swallowed by the function, returning
null
.
import { getDecryptedValue } from '@rudderstack/analytics-js-cookies';
const encryptedCookieValue = 'RS_ENC_v3_InRlc3QtZGF0YSI=';
const decryptedCookieValue = getDecryptedValue(encryptedCookieValue);
console.log('Decrypted Cookie Value: ', decryptedCookieValue);
// Output:
// Decrypted Cookie Value: test-data
getDecryptedCookieBrowser
:warning: Only for browser environments
This function takes the name of the RudderStack JavaScript SDK cookie and returns the decrypted value.
The return type is either a string
or an object
as some cookies like user ID, anonymous user ID have string values while user traits are objects.
It returns null
in either of the following scenarios:
:warning: Any errors during decryption are swallowed by the function, returning
null
.
The following cookie keys are exported which can be used with this function:
userIdKey
: The key for the user ID cookie.userTraitsKey
: The key for the user traits cookie.anonymousUserIdKey
: The key for the anonymous user ID cookie.groupIdKey
: The key for the group ID cookie.groupTraitsKey
: The key for the group traits cookie.pageInitialReferrerKey
: The key for the page initial referrer cookie.pageInitialReferringDomainKey
: The key for the page initial referring domain cookie.sessionInfoKey
: The key for the session ID cookie.authTokenKey
: The key for the auth token cookie.import {
getDecryptedCookieBrowser,
anonymousUserIdKey,
userTraitsKey,
} from '@rudderstack/analytics-js-cookies';
const anonymousId = getDecryptedCookieBrowser(anonymousUserIdKey);
console.log('Anonymous User ID: ', anonymousId);
// Output:
// Anonymous User ID: 2c5b6d48-ea90-43a2-a2f6-457d27f90328
const userTraits = getDecryptedCookieBrowser(userTraitsKey);
console.log('User Traits: ', userTraits);
// Output:
// User Traits: {"email":"abc@xyz.com","name":"John Doe"}
const invalidCookie = getDecryptedCookieBrowser('invalid-cookie-name');
console.log('Invalid Cookie: ', invalidCookie);
// Output:
// Invalid Cookie: null
As all the above APIs swallow the errors, you can set the debug
argument to true
to log the errors.
import { getDecryptedValue } from '@rudderstack/analytics-js-cookies';
const encryptedCookieValue = 'RS_ENC_v3_InRlc3QtZGF0YSI-some-random-data';
// Set the debug flag to true
const decryptedCookieValue = getDecryptedValue(encryptedCookieValue, true);
console.log('Decrypted Cookie Value: ', decryptedCookieValue);
// Output:
// Error occurred during decryption: Unexpected non-whitespace character after JSON at position 11
// Decrypted Cookie Value: null
This project is licensed under the Elastic License 2.0. See the LICENSE.md file for details. Review the license terms to understand your permissions and restrictions.
If you have any questions about licensing, please contact us or refer to the official Elastic licensing page.
We invite you to contribute to this project. For more information on how to contribute, please see here.
For more information on any of the sections covered in this readme, you can contact us or start a conversation on our Slack channel.
FAQs
RudderStack JavaScript SDK Cookies Utilities
The npm package @rudderstack/analytics-js-cookies receives a total of 367 weekly downloads. As such, @rudderstack/analytics-js-cookies popularity was classified as not popular.
We found that @rudderstack/analytics-js-cookies demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.
Security News
Sonar’s acquisition of Tidelift highlights a growing industry shift toward sustainable open source funding, addressing maintainer burnout and critical software dependencies.