![Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack](https://cdn.sanity.io/images/cgdhsj6q/production/6af25114feaaac7179b18127c83327568ff592d1-1024x1024.webp?w=800&fit=max&auto=format)
Security News
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
soundcloud-iframe-analytics
Advanced tools
Readme
A minimal library that attaches Google Analytics event tracking to user interactions performed on embedded SoundCloud iframes, both on single tracks as well as playlists. It should work from IE8 upwards - though the real concern with compatibility is probably restricted to the requirements of the SoundCloud embed itself -
This allows you to track user behaviour as well as have the events act as beacons to more accurately see page session duration. It also helps you in finding out how popular some of your tracks are ;)
Several versions of Google Analytics trackers are supported, namely:
See the library in action here.
You can install this repository as a node module using npm:
npm install soundcloud-iframe-analytics --save-dev
Firstly, embed the Analytics tracking code as provided by Google into your template(s).
Embed the SoundCloud iframes according to the embed code provided by SoundCloud. You do not need to make any changes to your markup. E.g. simply inject one or more instances of:
<iframe width="100%" height="300"
scrolling="no" frameborder="no"
src="https://w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/playlists/{STRING_ID}&color=%23ff5500&auto_play=false&hide_related=false&show_comments=true&show_user=true&show_reposts=false&show_teaser=true">
</iframe>
Include the minimized production version of the script (./dist/sia.min.js) at the bottom of your page and the script will automatically attach event listeners to the iframes.
Alternatively, you can import the ES6 modules from the ./src folder and embed the library within your custom application code. You can use this in case you already use the SoundCloud Widget API to inject/control SoundCloud content in your page.
You can attach Analytics triggers to Widget events by passing an existing instance of SC.Widget to the attachSoundCloudAnalytics() function of the SoundCloud.js file, e.g.:
import { attachSoundCloudAnalytics } from "soundcloud-iframe-analytics/soundcloud/SoundCloud.js";
const existingWidget = ...; // SC.Widget instance created elsewhere in your application
attachSoundCloudAnalytics( existingWidget );
Bob's your uncle.
Install dependencies as usual:
npm install
Launching a local server (webpack-dev-server) with livereload and automatic recompilation on changes. Server will be available at http://localhost:8080
npm run dev
npm run build
Build output will be stored in ./dist-folder.
Unit tests are run via Mocha, which is installed as a dependency, along with Chai as the assertion library. You can run the tests by using:
npm test
Unit tests go in the ./test-folder. The file name for a unit test must be equal to the file it is testing, but contain the suffix ".test", e.g. Functions.js will have a test file Functions.test.js.
Tests will be available at http://localhost:8080/test/test.html.
Configurations for all target environments are in the root of the repository in the webpack.config.{TARGET}.js files.
FAQs
Google Analytics tracking of user interaction on embedded SoundCloud iframes
The npm package soundcloud-iframe-analytics receives a total of 1 weekly downloads. As such, soundcloud-iframe-analytics popularity was classified as not popular.
We found that soundcloud-iframe-analytics demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.