Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
ga-localstorage
Advanced tools
Google's Universal Analytics async snippet using HTML5 `localStorage` instead of HTTP cookies.
A JavaScript Google Universal Analytics snippet that uses localStorage
, when available, instead of HTML cookies.
Do it for the bytes.
The LocalStorage option is now officially supported by Google.
You should only use this script if all of the following are true:
the site you are tracking doesn't track users on other subdomains.
the site you are tracking is always served over https or always over http, never both/either.
you pretty much just track page views, users, and/or events (since that is all I've tested myself).
Another thing to note: this script changes the global ga
function to ct
. If you call ga
in your scripts to track events, make sure you update all your ga()
calls to ct()
calls!
Did you read the Important Caveats? Make sure you do that before you read any more.
npm install ga-localstorage --save
var analyticsSnippet = require("ga-localstorage")("UA-8675309-1");
<script>
and a </script>
right before </body>
.Read Google Async Analytics using LocalStorage for the back story.
Read Use localStorage for Google Analytics tracking when available #1444 for more fun HTML5 Boilerplate.
FAQs
Google's Universal Analytics async snippet using HTML5 `localStorage` instead of HTTP cookies.
The npm package ga-localstorage receives a total of 3 weekly downloads. As such, ga-localstorage popularity was classified as not popular.
We found that ga-localstorage demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.