Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
quiq-chat
Advanced tools
Library to help with network requests to create a webchat client for Quiq Messaging
Library to handle the communication with Quiq Messaging APIs to build a web chat app
Install quiq-chat
with
npm install --save quiq-chat
or
yarn add quiq-chat
The default export of quiq-chat
is the QuiqChatClient
singleton class which will fetch information about the current webchat, initialize a websocket connection, and allow you to register callbacks so that you can keep your app's UI in sync with the webchat state.
All the functions to register callbacks return the QuiqChatClient
object so that you can chain them together. You also need to call start()
to connect to Quiq Messaging. You will need to call the initialize(host, contactPoint)
function before calling start. The start
method returns a promise that resolves to the QuiqChatClient
, so you can add a callback that will be executed after the connection is opened;
import QuiqChatClient from 'quiq-chat';
QuiqChatClient.onNewMessages(messages => {
// Update your app with the new array of messages
})
QuiqChatClient.onAgentTyping(typing => {
// Show or hide the typing indicator
})
QuiqChatClient.onRegistration(() => {
// Hide form, or show main app
})
QuiqChatClient.onConnectionStatusChange(connected => {
// Show the connection status of the app
})
QuiqChatClient.onError(error => {
// Show some error message
})
QuiqChatClient.onRetryableError(error => {
// Show some error message
}).
QuiqChatClient.onErrorResolved(() => {
// Remove the error message
})
QuiqChatClient.start()
.then(client => {
// Run some code after the webchat app is connected
});
QuiqChat works with any browser that supports Local Storage, standard AJAX CORS requests. The standard implementation of the Chat client supports a subset of these browsers, and we recommend any custom implementations support the same browsers. The isSupportedBrowser
utility function can be used to determine if the end-user is using a browser supported by Quiq. The following browsers with versions greater than or equal to the following are supported.
Called whenever new messages are received. messages
is an array containing full transcript of the current chat
Called whenever the support agent starts or stops typing
Called whenever there is a non-retryable error or an error that has exceeded the maximum number of retries from the API.
Called whenever there is a retryable error from the API
Called whenever any error from the API has been resolved
Called when Register event is received through a websocket message
Called when a transcript is requested either through a websocket message or as a new event on the transcript
Called when the end users previous session has expired and has begun a new session. This is a good spot to have the UI reset itself to an initial state
Called when a connection is established or terminated
Called when quiq-chat gets in a fatal state and page holding webchat needs to be refreshed
Called when quiq-chat disconnects the websocket due to the chat client being inactive for a set amount of time
Retrieve all messages for the current chat. If cache
is set to true, a hit to the API is not made, and only the messages currently in memory are returned.
Email a transcript of the current conversation to the specified e-mail. If an agent has not yet responded to the conversation, a 400 will be returned.
Send a text message from the customer. Can be used to initiate a conversation if no messages have been sent.
Establishes the connection to QuiqMessaging
Disconnects the websocket from Quiq
Utility function to tell the client if quiq-chat has the capability to set its required data in a persistent way. If this returns false, quiq-chat will cease to function, and will block all requests.
Utility function to return if the end-user is using a browser supported by Quiq.
Returns whether the end-user has performed a meaningful action, such as submitting the Welcome Form, or sending a message to the agent.
Returns the last state of chat's visibility. Only includes actions that call the joinChat and leaveChat events. For instance, if your user maximizes chat, but you never call joinChat, isChatVisible won't reflect this change. Can be used to re-open webchat on page turns if the user had chat previously open. Defaults to false if user has taken no actions.
Submits a map of custom (key, value)
pairs to be included in the data for the current chat.
Method accepts a single parameter, a JavaScript object with values of type String
.
key
is limited to 80 characters and must be unique; value
is limited to 1000 characters.
Fetches a unique handle to track the session through. If a session already exists for the current user, a network request is skipped and that value is instead returned. The value of this call is cached for 10 seconds.
Fetches whether or not there are agents available for the contact point the webchat is connected to. The value of this call is cached for 10 seconds.
Sends a message to Quiq Messaging that the end user is typing and what they've typed in the message field
Sends a message to Quiq Messaging that the end user has opened the chat window
Sends a message to Quiq Messaging that the end user has closed the chat window
Returns whether the end user has triggered a registration event. This happens when the sendRegistration
API is called, and the server has confirmed the registration was valid.
{
authorType: 'Customer' | 'User' | 'System',
text: string,
id: string,
timestamp: number,
type: 'Text' | 'Join' | 'Leave',
}
{
id: string,
messages: Array<TextMessage>,
}
{
code?: number,
message?: string,
status?: number,
}
'Join' | 'Leave'
{
email: string,
originUrl: string,
timezone?: string,
};
{
id: string,
timestamp: number,
type: string,
};
FAQs
The quiq-chat library has been officially deprecated. Contact Quiq for more information.
The npm package quiq-chat receives a total of 3 weekly downloads. As such, quiq-chat popularity was classified as not popular.
We found that quiq-chat demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.