
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
cookieless-analytics-consent
Advanced tools
A simple solution to request consent from a user to use analytics for pageviews only (without using cookies).
This library tries to provide general purpose components to include an analytics consent in your website. If the user accepts this consent, eg. google analytics will be included to track page-views. The structure of the components is designed for exchangeability.
Actually there are only three components available:
NextJsGaPageviews
- Google Analytics integration for NextJs with storage none and ip anonymisation to track pageviews.CookieGuard
- Cookie guard to remember whether a user has accepted or rejected a consent.SimpleConsent
- A simple small ui component with a title, text and a reject and accept button. Its displayed by default on the bottom right.npm i --save cookieless-analytics-consent
Have a look at the example!
<NextJsGaPageviews analyticsId="YOUR_ID">
{(includeAnalytics) => (
<CookieGuard onIncludeAnalytics={includeAnalytics}>
{(onAccept, onReject) => (
<SimpleConsent onAccept={onAccept} onReject={onReject} content={{
title: 'Web analysis',
text: <Text />,
buttonRejectText: 'No thanks',
buttonAcceptText: 'Accept',
}} />
)}
</CookieGuard>
)}
</NextJsGaPageviews>
If you want your own ui component, then just replace SimpleConsent
with another one.
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.