Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@wostreaming/targeting-sdk
Advanced tools
You must install the SDK from NPM even if you intend to
include it directly as a <script>
tag.
npm i @wostreaming/targeting-sdk
const client = new WOSTargetingClient(1234, true);
function initializePlayer(params) {
// Do something with `WOSTargetingParams` object
const qs = params.toString({
// ...Add extra parameters here if needed
});
// Notice that the `WOSTargetingParams` object can be
// automatically cast to a string
console.log(`?${qs}`);
// Example output:
// ?dnt=0&lptid=f412452b20820396319d8f35b14d96cb<ids=99286%2C513599%2C513593%2C513421&privacypolicy=false&user-id=5a08398c-1b8f-5230-919f-a94dc36bb5b7
}
// NOTE: A call to `getTargetingParams()` should _always_ succeed, even if something goes really wrong
client.getTargetingParams().then(initializePlayer);
The provided SDK is built as a UMD module, making it compatible with any
environment or development pattern. You can import
or require
the
module in a bundled or transpiled Node app:
// ESM
import WOSTargetingClient from "@wostreaming/targeting-sdk";
// Node require
const WOSTargetingClient = require("@wostreaming/targeting-sdk");
Or if you prefer to use it as a standard <script>
tag, that works too;
but, you'll have to serve the script tag somehow. In the packaged release,
it's available under the dist/wos-targeting-sdk.js
path. You
can serve it as a static file however you prefer.
Example express server
import express from "express";
const app = express();
app.use(
"/static/js/wos-targeting-sdk.js",
express.static(
require.resolve("@wostreaming/targeting-sdk")
)
);
app.listen(3000);
Example <script>
tag
<script
type="text/javascript"
src="/static/js/wos-targeting-sdk.js">
</script>
When you include the script tag it will make a global
variable accessible named WOSTargetingClient
. The
rest of the usage information applies regardless of how
you include the SDK.
Returns a Promise that resolves with a Lotame Profile
object containing the user's audience information for targeting.
You generally shouldn't need to call this directly.
Returns a Promise that resolves with a WOSTargetingParams
object for working with audience info parsed and managed by the WOS Targeting SDK.
NOTE: A call to
getTargetingParams()
should always succeed, even if something goes really wrong.
Profile
objectAlias of getParams()
Returns an object of key -> value
pairs representing the URL querystring parameters.
Set additional parameters or override existing ones
Returns a URL encoded querystring with all the parameters managed by this object
as well as optional additional parameters to override or add to the query string but not set
on this object. This will properly filter out private information if dnt
is overridden.
FAQs
AmperWave Streaming JavaScript SDK for Targeting
The npm package @wostreaming/targeting-sdk receives a total of 1 weekly downloads. As such, @wostreaming/targeting-sdk popularity was classified as not popular.
We found that @wostreaming/targeting-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.