@constructor-io/constructorio-client-javascript 2.41.2 → 2.42.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/lib/utils/helpers.js +26 -23
  2. package/lib/utils/request-queue.js +5 -5
  3. package/package.json +1 -1
package/lib/utils/helpers.js CHANGED
@@ -6,12 +6,19 @@ var _typeof2 = _interopRequireDefault(require("@babel/runtime/helpers/typeof"));
6
6
  var CRC32 = require('crc-32');
7
7
  var store = require('./store');
8
8
  var purchaseEventStorageKey = '_constructorio_purchase_order_ids';
9
- var PII_REGEX = {
10
- email: /^[\w\-+\\.]+@([\w-]+\.)+[\w-]{2,4}$/,
11
- phoneNumber: /^(?:\+\d{11,12}|\+\d{1,3}\s\d{3}\s\d{3}\s\d{3,4}|\(\d{3}\)\d{7}|\(\d{3}\)\s\d{3}\s\d{4}|\(\d{3}\)\d{3}-\d{4}|\(\d{3}\)\s\d{3}-\d{4})$/,
12
- creditCard: /^(?:4[0-9]{15}|(?:5[1-5][0-9]{2}|222[1-9]|22[3-9][0-9]|2[3-6][0-9]{2}|27[01][0-9]|2720)[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|6(?:011|5[0-9]{2})[0-9]{12}|(?:2131|1800|35\d{3})\d{11})$/ // Visa, Mastercard, Amex, Discover, JCB and Diners Club, regex source: https://www.regular-expressions.info/creditcard.html
13
- // Add more PII REGEX
14
- };
9
+ var PII_REGEX = [{
10
+ pattern: /^[\w\-+\\.]+@([\w-]+\.)+[\w-]{2,4}$/,
11
+ replaceBy: '<email_omitted>'
12
+ }, {
13
+ pattern: /^(?:\+\d{11,12}|\+\d{1,3}\s\d{3}\s\d{3}\s\d{3,4}|\(\d{3}\)\d{7}|\(\d{3}\)\s\d{3}\s\d{4}|\(\d{3}\)\d{3}-\d{4}|\(\d{3}\)\s\d{3}-\d{4})$/,
14
+ replaceBy: '<phone_omitted>'
15
+ }, {
16
+ pattern: /^(?:4[0-9]{15}|(?:5[1-5][0-9]{2}|222[1-9]|22[3-9][0-9]|2[3-6][0-9]{2}|27[01][0-9]|2720)[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|6(?:011|5[0-9]{2})[0-9]{12}|(?:2131|1800|35\d{3})\d{11})$/,
17
+ // Visa, Mastercard, Amex, Discover, JCB and Diners Club, regex source: https://www.regular-expressions.info/creditcard.html
18
+ replaceBy: '<credit_omitted>'
19
+ }
20
+ // Add more PII REGEX
21
+ ];
15
22
 
16
23
  var utils = {
17
24
  trimNonBreakingSpaces: function trimNonBreakingSpaces(string) {
@@ -187,14 +194,12 @@ var utils = {
187
194
  });
188
195
  return snakeCasedObj;
189
196
  },
190
- containsPii: function containsPii(query) {
191
- var piiRegex = Object.values(PII_REGEX);
197
+ containsPii: function containsPii(query, piiPattern) {
192
198
  var normalizedTerm = query.toLowerCase();
193
- return piiRegex.some(function (regex) {
194
- return regex.test(normalizedTerm);
195
- });
199
+ return piiPattern.test(normalizedTerm);
196
200
  },
197
- requestContainsPii: function requestContainsPii(urlString) {
201
+ obfuscatePiiRequest: function obfuscatePiiRequest(urlString) {
202
+ var obfuscatedUrl = urlString;
198
203
  try {
199
204
  var _decodeURI, _decodeURIComponent;
200
205
  var url = new URL(urlString);
@@ -203,20 +208,18 @@ var utils = {
203
208
  var _param$split;
204
209
  return param === null || param === void 0 ? void 0 : (_param$split = param.split('=')) === null || _param$split === void 0 ? void 0 : _param$split[1];
205
210
  });
206
- if (paths.some(function (path) {
207
- return utils.containsPii(path);
208
- })) {
209
- return true;
210
- }
211
- if (paramValues.some(function (value) {
212
- return utils.containsPii(value);
213
- })) {
214
- return true;
215
- }
211
+ PII_REGEX.forEach(function (regex) {
212
+ paths.forEach(function (path) {
213
+ if (utils.containsPii(path, regex.pattern)) obfuscatedUrl = obfuscatedUrl.replaceAll(path, regex.replaceBy);
214
+ });
215
+ paramValues.forEach(function (param) {
216
+ if (utils.containsPii(param, regex.pattern)) obfuscatedUrl = obfuscatedUrl.replaceAll(param, regex.replaceBy);
217
+ });
218
+ });
216
219
  } catch (e) {
217
220
  // do nothing
218
221
  }
219
- return false;
222
+ return obfuscatedUrl;
220
223
  }
221
224
  };
222
225
  module.exports = utils;
package/lib/utils/request-queue.js CHANGED
@@ -8,7 +8,7 @@ var store = require('./store');
8
8
  var HumanityCheck = require('./humanity-check');
9
9
  var helpers = require('./helpers');
10
10
  var _require = require('./helpers'),
11
- requestContainsPii = _require.requestContainsPii;
11
+ obfuscatePiiRequest = _require.obfuscatePiiRequest;
12
12
  var storageKey = '_constructorio_requests';
13
13
  var requestTTL = 180000; // 3 minutes in milliseconds
14
14
  var RequestQueue = /*#__PURE__*/function () {
@@ -39,12 +39,12 @@ var RequestQueue = /*#__PURE__*/function () {
39
39
  var body = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : {};
40
40
  var networkParameters = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : {};
41
41
  if (this.sendTrackingEvents && !this.humanity.isBot()) {
42
- if (requestContainsPii(url, body)) {
43
- return;
44
- }
45
42
  var queue = RequestQueue.get();
43
+
44
+ // PII Detection & Obfuscation
45
+ var obfuscatedUrl = obfuscatePiiRequest(url);
46
46
  queue.push({
47
- url: url,
47
+ url: obfuscatedUrl,
48
48
  method: method,
49
49
  body: body,
50
50
  networkParameters: networkParameters
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@constructor-io/constructorio-client-javascript",
3
- "version": "2.41.2",
3
+ "version": "2.42.0",
4
4
  "description": "Constructor.io JavaScript client",
5
5
  "main": "lib/constructorio.js",
6
6
  "types": "lib/types/index.d.ts",