@vgs/collect-js
Advanced tools
Comparing version 0.4.0 to 0.5.0
@@ -7,2 +7,4 @@ 'use strict'; | ||
var Promise = _interopDefault(require('promise-polyfill')); | ||
var setAsap = _interopDefault(require('setasap')); | ||
var axios = _interopDefault(require('axios')); | ||
@@ -29,4 +31,5 @@ var uuid = require('uuid'); | ||
var MAIN_SCRIPT_DOMAIN = "https://js.verygoodvault.com"; | ||
var BACKUP_SCRIPT_DOMAIN = "https://js.verygoodvault.com"; | ||
var MAIN_SCRIPT_DOMAIN = "https://js.verygoodvault.com"; // Loading script from Fastly CDN | ||
var BACKUP_SCRIPT_DOMAIN = "https://js3.verygoodvault.com"; | ||
var VGS_COLLECT_KEEPER = "https://vgs-collect-keeper.apps.verygood.systems"; | ||
@@ -159,3 +162,3 @@ var SESSION_ID = /*#__PURE__*/uuid.v4(); | ||
target.append(elem); | ||
target.appendChild(elem); | ||
return elem; | ||
@@ -171,2 +174,34 @@ }; | ||
var parseVersionString = function parseVersionString(version) { | ||
var parts = version.split('.'); | ||
var major = parseInt(parts[0]) || 0; | ||
var minor = parseInt(parts[1]) || 0; | ||
var patch = parseInt(parts[2]) || 0; | ||
return { | ||
major: major, | ||
minor: minor, | ||
patch: patch | ||
}; | ||
}; | ||
var isVersionGreater = function isVersionGreater(current, minimal) { | ||
if (current === 'canary') return true; | ||
var currentParsed = parseVersionString(current); | ||
var minimalParsed = parseVersionString(minimal); | ||
if (currentParsed.major !== minimalParsed.major) { | ||
return currentParsed.major > minimalParsed.major; | ||
} | ||
if (currentParsed.minor !== minimalParsed.minor) { | ||
return currentParsed.minor > minimalParsed.minor; | ||
} | ||
if (currentParsed.patch !== minimalParsed.patch) { | ||
return currentParsed.patch > minimalParsed.patch; | ||
} | ||
return false; | ||
}; | ||
var scriptURL = MAIN_SCRIPT_DOMAIN; | ||
@@ -201,6 +236,12 @@ | ||
var collectPromise = new Promise(function (resolve, reject) { | ||
scriptURL = loadMainCDN ? scriptURL : BACKUP_SCRIPT_DOMAIN; | ||
var _getConfig2 = getConfig(), | ||
version = _getConfig2.version; | ||
if (scriptExists() && window.VGSCollect) { | ||
resolve(window.VGSCollect); | ||
} // Fastly fallback CDN is available starting Collect.js version 2.3.0 | ||
if (!loadMainCDN && isVersionGreater(version, '2.3.0')) { | ||
scriptURL = BACKUP_SCRIPT_DOMAIN; | ||
} | ||
@@ -270,4 +311,6 @@ | ||
Promise._immediateFn = setAsap; // side effects | ||
Promise.resolve().then(function () { | ||
if (!window.VGSCollect) { | ||
if (typeof window !== 'undefined' && !window.VGSCollect) { | ||
// DNS lookup | ||
@@ -303,3 +346,3 @@ preFetch(); // Establish connection to the server | ||
return new Promise(function (resolve, reject) { | ||
if (typeof window === undefined) { | ||
if (typeof window === 'undefined') { | ||
reject(ERROR_MESSAGE.IS_UNDEFINED('window')); | ||
@@ -306,0 +349,0 @@ return; |
@@ -1,2 +0,2 @@ | ||
"use strict";Object.defineProperty(exports,"__esModule",{value:!0});var t,n=(t=require("axios"))&&"object"==typeof t&&"default"in t?t.default:t;function e(){return(e=Object.assign||function(t){for(var n=1;n<arguments.length;n++){var e=arguments[n];for(var o in e)Object.prototype.hasOwnProperty.call(e,o)&&(t[o]=e[o])}return t}).apply(this,arguments)}var o=require("uuid").v4(),r={vaultId:"",environment:"sandbox",version:"canary"},i=function(t){return t+" is undefined."},c=r,s=function(){return c},u={vaultId:function(t){return"string"==typeof t&&/^tnt.{8}$/.test(t)},environment:function(t){return"string"==typeof t&&/^(sandbox|live)((-eu)-\d{1})?$/.test(t)},version:function(t){return"canary"===t||"string"==typeof t&&/^\d{1,2}\.\d{1,2}(\.\d{1,2})?$/.test(t)&&!t.startsWith("1.")}},l=function(t){throw new Error(t+" is required.")},a=function(t){(function(t){!function(t,n){if(t){var e=Object.keys(t).filter((function(e){return!t[e](n[e])})).map((function(t){return new Error(t+" is invalid.")}));if(e.length)throw e[0]}}(u,t)})(t),function(t){t&&(c=e({},t))}(t),d({type:"LoadedFromPackage"})},d=function(t){var r=s(),i="",c={env:r.environment,tnt:r.vaultId,userAgent:window.navigator.userAgent,version:r.version,timestamp:Date.now(),vgsCollectSessionId:o};try{i=window.btoa(JSON.stringify(e({},t,c)))}catch(t){return}n({method:"POST",url:"https://vgs-collect-keeper.apps.verygood.systems/vgs",data:i}).then((function(){return!0})).catch((function(){}))},v=function(t){var n=document.head||document.body;if(!n)throw new Error("Unable to find document.head or document.body");return n.append(t),t},f=function(t,n){var e=document.createElement("link");e.rel=t,e.href=n,v(e)},w="https://js.verygoodvault.com",p=function(t,n){window.VGSCollect.init=function(e){return void 0===e&&(e=function(){}),window.VGSCollect.create(t,n,e)}};Promise.resolve().then((function(){window.VGSCollect||(f("dns-prefetch","https://js.verygoodvault.com"),f("dns-prefetch","https://js.verygoodvault.com"),f("preconnect","https://js.verygoodvault.com"),f("preconnect","https://js.verygoodvault.com"))})),exports.loadVGSCollect=function(t){void 0===t&&(t=l("config"));var n=t,e=n.vaultId,c=void 0===e?l("vaultId"):e,u=n.environment,f=void 0===u?r.environment:u,m=n.version,g=void 0===m?r.version:m;return"canary"===g&&console.warn("Please explicitly set locked VGS Collect.js version before going live. Check out the changelog https://www.verygoodsecurity.com/docs/vgs-collect/js/changelog"),a({vaultId:c,environment:f,version:g}),new Promise((function(t,n){void 0!==typeof window?(window.VGSCollect&&(p(c,f),t(window.VGSCollect)),function t(n){return void 0===n&&(n=!0),new Promise((function(e,r){if(w=n?w:"https://js.verygoodvault.com",function(){try{return document.querySelectorAll('script[src^="'+w+'/vgs-collect/"]').length>0}catch(t){return!1}}()&&window.VGSCollect&&e(window.VGSCollect),!window.VGSCollect){var c=function(){var t=s(),n=t.vaultId,e=t.environment,r=t.version,i=document.createElement("script");return i.src=w+"/vgs-collect/"+r+"/vgs-collect.js?sessionId="+o+"&tenantId="+n+"&env="+e,v(i),i}();c&&(c.onload=function(){window.VGSCollect||(d({type:"InstanceUndefined",status:"OK",mainCDN:n}),r(i("VGS Collect"))),d({type:"ScriptLoad",status:"OK",mainCDN:n}),e(window.VGSCollect)},c.onerror=function(){d({type:"ScriptLoad",status:"Failed",mainCDN:n}),n?e(t(!1)):r("VGS Collect.js script was not loaded.")})}}))}().then((function(){p(c,f),t(window.VGSCollect)})).catch((function(t){n(t)}))):n(i("window"))}))}; | ||
"use strict";function t(t){return t&&"object"==typeof t&&"default"in t?t.default:t}Object.defineProperty(exports,"__esModule",{value:!0});var n=t(require("promise-polyfill")),e=t(require("setasap")),o=t(require("axios"));function r(){return(r=Object.assign||function(t){for(var n=1;n<arguments.length;n++){var e=arguments[n];for(var o in e)Object.prototype.hasOwnProperty.call(e,o)&&(t[o]=e[o])}return t}).apply(this,arguments)}var i=require("uuid").v4(),c={vaultId:"",environment:"sandbox",version:"canary"},a=function(t){return t+" is undefined."},u=c,s=function(){return u},l={vaultId:function(t){return"string"==typeof t&&/^tnt.{8}$/.test(t)},environment:function(t){return"string"==typeof t&&/^(sandbox|live)((-eu)-\d{1})?$/.test(t)},version:function(t){return"canary"===t||"string"==typeof t&&/^\d{1,2}\.\d{1,2}(\.\d{1,2})?$/.test(t)&&!t.startsWith("1.")}},d=function(t){throw new Error(t+" is required.")},v=function(t){(function(t){!function(t,n){if(t){var e=Object.keys(t).filter((function(e){return!t[e](n[e])})).map((function(t){return new Error(t+" is invalid.")}));if(e.length)throw e[0]}}(l,t)})(t),function(t){t&&(u=r({},t))}(t),f({type:"LoadedFromPackage"})},f=function(t){var n=s(),e="",c={env:n.environment,tnt:n.vaultId,userAgent:window.navigator.userAgent,version:n.version,timestamp:Date.now(),vgsCollectSessionId:i};try{e=window.btoa(JSON.stringify(r({},t,c)))}catch(t){return}o({method:"POST",url:"https://vgs-collect-keeper.apps.verygood.systems/vgs",data:e}).then((function(){return!0})).catch((function(){}))},p=function(t){var n=document.head||document.body;if(!n)throw new Error("Unable to find document.head or document.body");return n.appendChild(t),t},w=function(t,n){var e=document.createElement("link");e.rel=t,e.href=n,p(e)},m=function(t){var n=t.split(".");return{major:parseInt(n[0])||0,minor:parseInt(n[1])||0,patch:parseInt(n[2])||0}},h="https://js.verygoodvault.com",y=function(t,n){window.VGSCollect.init=function(e){return void 0===e&&(e=function(){}),window.VGSCollect.create(t,n,e)}};n._immediateFn=e,n.resolve().then((function(){"undefined"==typeof window||window.VGSCollect||(w("dns-prefetch","https://js.verygoodvault.com"),w("dns-prefetch","https://js3.verygoodvault.com"),w("preconnect","https://js.verygoodvault.com"),w("preconnect","https://js3.verygoodvault.com"))})),exports.loadVGSCollect=function(t){void 0===t&&(t=d("config"));var e=t,o=e.vaultId,r=void 0===o?d("vaultId"):o,u=e.environment,l=void 0===u?c.environment:u,w=e.version,g=void 0===w?c.version:w;return"canary"===g&&console.warn("Please explicitly set locked VGS Collect.js version before going live. Check out the changelog https://www.verygoodsecurity.com/docs/vgs-collect/js/changelog"),v({vaultId:r,environment:l,version:g}),new n((function(t,e){"undefined"!=typeof window?(window.VGSCollect&&(y(r,l),t(window.VGSCollect)),function t(e){return void 0===e&&(e=!0),new n((function(n,o){var r=s().version;if(function(){try{return document.querySelectorAll('script[src^="'+h+'/vgs-collect/"]').length>0}catch(t){return!1}}()&&window.VGSCollect&&n(window.VGSCollect),!e&&function(t,n){if("canary"===t)return!0;var e=m(t),o=m("2.3.0");return e.major!==o.major?e.major>o.major:e.minor!==o.minor?e.minor>o.minor:e.patch!==o.patch&&e.patch>o.patch}(r)&&(h="https://js3.verygoodvault.com"),!window.VGSCollect){var c=function(){var t=s(),n=t.vaultId,e=t.environment,o=t.version,r=document.createElement("script");return r.src=h+"/vgs-collect/"+o+"/vgs-collect.js?sessionId="+i+"&tenantId="+n+"&env="+e,p(r),r}();c&&(c.onload=function(){window.VGSCollect||(f({type:"InstanceUndefined",status:"OK",mainCDN:e}),o(a("VGS Collect"))),f({type:"ScriptLoad",status:"OK",mainCDN:e}),n(window.VGSCollect)},c.onerror=function(){f({type:"ScriptLoad",status:"Failed",mainCDN:e}),e?n(t(!1)):o("VGS Collect.js script was not loaded.")})}}))}().then((function(){y(r,l),t(window.VGSCollect)})).catch((function(t){e(t)}))):e(a("window"))}))}; | ||
//# sourceMappingURL=collect-js.cjs.production.min.js.map |
@@ -0,1 +1,3 @@ | ||
import Promise from 'promise-polyfill'; | ||
import setAsap from 'setasap'; | ||
import axios from 'axios'; | ||
@@ -22,4 +24,5 @@ import { v4 } from 'uuid'; | ||
var MAIN_SCRIPT_DOMAIN = "https://js.verygoodvault.com"; | ||
var BACKUP_SCRIPT_DOMAIN = "https://js.verygoodvault.com"; | ||
var MAIN_SCRIPT_DOMAIN = "https://js.verygoodvault.com"; // Loading script from Fastly CDN | ||
var BACKUP_SCRIPT_DOMAIN = "https://js3.verygoodvault.com"; | ||
var VGS_COLLECT_KEEPER = "https://vgs-collect-keeper.apps.verygood.systems"; | ||
@@ -152,3 +155,3 @@ var SESSION_ID = /*#__PURE__*/v4(); | ||
target.append(elem); | ||
target.appendChild(elem); | ||
return elem; | ||
@@ -164,2 +167,34 @@ }; | ||
var parseVersionString = function parseVersionString(version) { | ||
var parts = version.split('.'); | ||
var major = parseInt(parts[0]) || 0; | ||
var minor = parseInt(parts[1]) || 0; | ||
var patch = parseInt(parts[2]) || 0; | ||
return { | ||
major: major, | ||
minor: minor, | ||
patch: patch | ||
}; | ||
}; | ||
var isVersionGreater = function isVersionGreater(current, minimal) { | ||
if (current === 'canary') return true; | ||
var currentParsed = parseVersionString(current); | ||
var minimalParsed = parseVersionString(minimal); | ||
if (currentParsed.major !== minimalParsed.major) { | ||
return currentParsed.major > minimalParsed.major; | ||
} | ||
if (currentParsed.minor !== minimalParsed.minor) { | ||
return currentParsed.minor > minimalParsed.minor; | ||
} | ||
if (currentParsed.patch !== minimalParsed.patch) { | ||
return currentParsed.patch > minimalParsed.patch; | ||
} | ||
return false; | ||
}; | ||
var scriptURL = MAIN_SCRIPT_DOMAIN; | ||
@@ -194,6 +229,12 @@ | ||
var collectPromise = new Promise(function (resolve, reject) { | ||
scriptURL = loadMainCDN ? scriptURL : BACKUP_SCRIPT_DOMAIN; | ||
var _getConfig2 = getConfig(), | ||
version = _getConfig2.version; | ||
if (scriptExists() && window.VGSCollect) { | ||
resolve(window.VGSCollect); | ||
} // Fastly fallback CDN is available starting Collect.js version 2.3.0 | ||
if (!loadMainCDN && isVersionGreater(version, '2.3.0')) { | ||
scriptURL = BACKUP_SCRIPT_DOMAIN; | ||
} | ||
@@ -263,4 +304,6 @@ | ||
Promise._immediateFn = setAsap; // side effects | ||
Promise.resolve().then(function () { | ||
if (!window.VGSCollect) { | ||
if (typeof window !== 'undefined' && !window.VGSCollect) { | ||
// DNS lookup | ||
@@ -296,3 +339,3 @@ preFetch(); // Establish connection to the server | ||
return new Promise(function (resolve, reject) { | ||
if (typeof window === undefined) { | ||
if (typeof window === 'undefined') { | ||
reject(ERROR_MESSAGE.IS_UNDEFINED('window')); | ||
@@ -299,0 +342,0 @@ return; |
import { IConfig } from '../utils/IConfig'; | ||
declare const MAIN_SCRIPT_DOMAIN = "https://js.verygoodvault.com"; | ||
declare const BACKUP_SCRIPT_DOMAIN = "https://js.verygoodvault.com"; | ||
declare const BACKUP_SCRIPT_DOMAIN = "https://js3.verygoodvault.com"; | ||
declare const VGS_COLLECT_KEEPER = "https://vgs-collect-keeper.apps.verygood.systems"; | ||
@@ -5,0 +5,0 @@ declare const SESSION_ID: string; |
{ | ||
"name": "@vgs/collect-js", | ||
"version": "0.4.0", | ||
"version": "0.5.0", | ||
"description": "VGS Collect.js script loading module", | ||
@@ -43,6 +43,10 @@ "license": "MIT", | ||
"dependencies": { | ||
"@types/promise-polyfill": "^6.0.4", | ||
"@types/setasap": "^2.0.0", | ||
"@types/uuid": "^8.3.0", | ||
"axios": "^0.21.1", | ||
"promise-polyfill": "8.2.0", | ||
"setasap": "^2.0.1", | ||
"uuid": "^8.3.2" | ||
} | ||
} |
@@ -123,2 +123,10 @@ <p align="center"> | ||
## CSP directives | ||
We strongly recommend to add the CSP to your application. Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. Please create CSP directives for the following domains: | ||
`connect-src https://js.verygoodvault.com https://js3.verygoodvault.com` | ||
`frame-src https://js.verygoodvault.com https://js3.verygoodvault.com` | ||
`script-src https://js.verygoodvault.com https://js3.verygoodvault.com` | ||
## Examples | ||
@@ -125,0 +133,0 @@ |
import { v4 as uuidv4 } from 'uuid'; | ||
import { IConfig } from '../utils/IConfig'; | ||
// Loading script from CloudFront CDN | ||
const MAIN_SCRIPT_DOMAIN = `https://js.verygoodvault.com`; | ||
const BACKUP_SCRIPT_DOMAIN = `https://js.verygoodvault.com`; | ||
// Loading script from Fastly CDN | ||
const BACKUP_SCRIPT_DOMAIN = `https://js3.verygoodvault.com`; | ||
const VGS_COLLECT_KEEPER = `https://vgs-collect-keeper.apps.verygood.systems`; | ||
@@ -7,0 +9,0 @@ const SESSION_ID = uuidv4(); |
@@ -0,1 +1,4 @@ | ||
import Promise from 'promise-polyfill'; | ||
import setAsap from 'setasap'; | ||
import { loadScript } from './utils/loadScript'; | ||
@@ -12,5 +15,7 @@ import { registerScriptLoading } from './utils/trackEvent'; | ||
Promise._immediateFn = setAsap; | ||
// side effects | ||
Promise.resolve().then(() => { | ||
if (!window.VGSCollect) { | ||
if (typeof window !== 'undefined' && !window.VGSCollect) { | ||
// DNS lookup | ||
@@ -37,3 +42,3 @@ preFetch(); | ||
return new Promise((resolve, reject) => { | ||
if (typeof window === undefined) { | ||
if (typeof window === 'undefined') { | ||
reject(ERROR_MESSAGE.IS_UNDEFINED('window')); | ||
@@ -40,0 +45,0 @@ return; |
@@ -12,3 +12,3 @@ import { ERROR_MESSAGE } from '../constants'; | ||
target.append(elem); | ||
target.appendChild(elem); | ||
return elem; | ||
@@ -15,0 +15,0 @@ }; |
@@ -0,1 +1,2 @@ | ||
import Promise from 'promise-polyfill'; | ||
import { trackEvent } from './trackEvent'; | ||
@@ -11,2 +12,3 @@ import { getConfig } from './config'; | ||
import { appendElement } from './appendElement'; | ||
import { isVersionGreater } from './parseVersion'; | ||
@@ -38,3 +40,3 @@ let scriptURL = MAIN_SCRIPT_DOMAIN; | ||
const collectPromise = new Promise((resolve, reject) => { | ||
scriptURL = loadMainCDN ? scriptURL : BACKUP_SCRIPT_DOMAIN; | ||
const { version } = getConfig(); | ||
@@ -45,2 +47,7 @@ if (scriptExists() && window.VGSCollect) { | ||
// Fastly fallback CDN is available starting Collect.js version 2.3.0 | ||
if (!loadMainCDN && isVersionGreater(version, '2.3.0')) { | ||
scriptURL = BACKUP_SCRIPT_DOMAIN; | ||
} | ||
if (!window.VGSCollect) { | ||
@@ -47,0 +54,0 @@ const script = appendScript(); |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
99432
33
1012
142
7
+ Added@types/setasap@^2.0.0
+ Addedpromise-polyfill@8.2.0
+ Addedsetasap@^2.0.1
+ Added@types/promise-polyfill@6.0.6(transitive)
+ Added@types/setasap@2.0.2(transitive)
+ Addedpromise-polyfill@8.2.0(transitive)
+ Addedsetasap@2.0.1(transitive)