@socialgouv/matomo-next
Advanced tools
@socialgouv/matomo-next - npm Package Compare versions
Comparing version 1.7.0 to 1.8.0
@@ -11,2 +11,4 @@ interface InitSettings { | ||
| onInitialization?: () => void; | ||
| nonce?: string; | ||
| trustedPolicyName?: string; | ||
| } | ||
@@ -26,4 +28,4 @@ interface Dimensions { | ||
| export declare function push(args: (Dimensions | number[] | string[] | number | string | null | undefined)[]): void; | ||
| export declare function init({ url, siteId, jsTrackerFile, phpTrackerFile, excludeUrlsPatterns, disableCookies, onRouteChangeStart, onRouteChangeComplete, onInitialization, }: InitSettings): void; | ||
| export declare function init({ url, siteId, jsTrackerFile, phpTrackerFile, excludeUrlsPatterns, disableCookies, onRouteChangeStart, onRouteChangeComplete, onInitialization, nonce, trustedPolicyName, }: InitSettings): void; | ||
| export default init; | ||
| //# sourceMappingURL=index.d.ts.map |
@@ -29,5 +29,10 @@ "use strict"; | ||
| }; | ||
| var trustedPolicyHooks = { | ||
| createScript: function (s) { return s; }, | ||
| createScriptURL: function (s) { return s; }, | ||
| }; | ||
| // initialize the tracker | ||
| function init(_a) { | ||
| var url = _a.url, siteId = _a.siteId, _b = _a.jsTrackerFile, jsTrackerFile = _b === void 0 ? "matomo.js" : _b, _c = _a.phpTrackerFile, phpTrackerFile = _c === void 0 ? "matomo.php" : _c, _d = _a.excludeUrlsPatterns, excludeUrlsPatterns = _d === void 0 ? [] : _d, _e = _a.disableCookies, disableCookies = _e === void 0 ? false : _e, _f = _a.onRouteChangeStart, onRouteChangeStart = _f === void 0 ? undefined : _f, _g = _a.onRouteChangeComplete, onRouteChangeComplete = _g === void 0 ? undefined : _g, _h = _a.onInitialization, onInitialization = _h === void 0 ? undefined : _h; | ||
| var _b, _c, _d, _e; | ||
| var url = _a.url, siteId = _a.siteId, _f = _a.jsTrackerFile, jsTrackerFile = _f === void 0 ? "matomo.js" : _f, _g = _a.phpTrackerFile, phpTrackerFile = _g === void 0 ? "matomo.php" : _g, _h = _a.excludeUrlsPatterns, excludeUrlsPatterns = _h === void 0 ? [] : _h, _j = _a.disableCookies, disableCookies = _j === void 0 ? false : _j, _k = _a.onRouteChangeStart, onRouteChangeStart = _k === void 0 ? undefined : _k, _l = _a.onRouteChangeComplete, onRouteChangeComplete = _l === void 0 ? undefined : _l, _m = _a.onInitialization, onInitialization = _m === void 0 ? undefined : _m, nonce = _a.nonce, _o = _a.trustedPolicyName, trustedPolicyName = _o === void 0 ? "matomo-next" : _o; | ||
| window._paq = window._paq !== null ? window._paq : []; | ||
@@ -38,2 +43,3 @@ if (!url) { | ||
| } | ||
| var sanitizer = (_c = (_b = window.trustedTypes) === null || _b === void 0 ? void 0 : _b.createPolicy(trustedPolicyName, trustedPolicyHooks)) !== null && _c !== void 0 ? _c : trustedPolicyHooks; | ||
| var previousPath = ""; | ||
@@ -67,6 +73,10 @@ // order is important -_- so campaign are detected | ||
| var refElement = document.getElementsByTagName("script")[0]; | ||
| if (nonce) { | ||
| scriptElement.setAttribute("nonce", nonce); | ||
| } | ||
| scriptElement.type = "text/javascript"; | ||
| scriptElement.async = true; | ||
| scriptElement.defer = true; | ||
| scriptElement.src = url + "/" + jsTrackerFile; | ||
| var fullUrl = url + "/" + jsTrackerFile; | ||
| scriptElement.src = (_e = (_d = sanitizer.createScriptURL) === null || _d === void 0 ? void 0 : _d.call(sanitizer, fullUrl)) !== null && _e !== void 0 ? _e : fullUrl; | ||
| if (refElement.parentNode) { | ||
@@ -73,0 +83,0 @@ refElement.parentNode.insertBefore(scriptElement, refElement); |
| { | ||
| "name": "@socialgouv/matomo-next", | ||
| "version": "1.7.0", | ||
| "version": "1.8.0", | ||
| "author": "Fabrique numérique des Ministères Sociaux <dsi-incubateur@sg.social.gouv.fr> (https://www.fabrique.social.gouv.fr)", | ||
@@ -10,2 +10,3 @@ "homepage": "https://github.com/SocialGouv/matomo-next#readme", | ||
| "@types/jest": "26.0.24", | ||
| "@types/trusted-types": "^2.0.4", | ||
| "eslint": "7.32.0", | ||
@@ -12,0 +13,0 @@ "jest": "26.6.3", |
@@ -82,2 +82,31 @@ <h1 align="center"> | ||
| ### Content-Security-Policy | ||
| #### [Nonce](https://developer.mozilla.org/fr/docs/Web/HTML/Global_attributes/nonce) | ||
| If you use a `Content-Security-Policy` header with a `nonce` attribute, you can pass it to the `init` function to allow the script to be executed. | ||
| ```js | ||
| init({ | ||
| url: MATOMO_URL, | ||
| siteId: MATOMO_SITE_ID, | ||
| nonce: "123456789", | ||
| }) | ||
| ``` | ||
| #### [Trusted Types](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/trusted-types) | ||
| As the `matomo-next` injects a matomo script, if you use strict Trusted Types, you need to allow the `script` tag to be created by adding our policy name to your `trusted types` directive. | ||
| ``` | ||
| Content-Security-Policy: require-trusted-types-for 'script'; trusted-types matomo-next; | ||
| ``` | ||
| You can set a custom policy name by passing it to the `init` function. | ||
| ```js | ||
| init({ | ||
| url: MATOMO_URL, | ||
| siteId: MATOMO_SITE_ID, | ||
| trustedPolicyName: "your-custom-policy-name", | ||
| }) | ||
| ``` | ||
| ### Extensibility | ||
@@ -84,0 +113,0 @@ |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by4.31%
54899
- Lines of code
- increased by2.63%
508
- Number of lines in readme file
- increased by23.97%
150
Worsened metrics
- Dev dependency count
- increased by9.09%
12
No dependency changes