@constructor-io/constructorio-node 4.6.9 → 4.7.0
- package/package.json +1 -1
- package/src/modules/tracker.js +3 -0
- package/src/utils/helpers.js +35 -0
package/package.json
CHANGED
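--- a/package/src/modules/tracker.js
+++ b/package/src/modules/tracker.js
@@ -83,6 +83,9 @@ function send(url, userParameters, networkParameters, method = 'GET', body = {})
 const { signal } = controller;
 const headers = {};
 
+// PII Detection
+if (helpers.requestContainsPii(url)) return;
+
 Object.assign(headers, helpers.combineCustomHeaders(this.options, networkParameters));
 
 // Append security token as 'x-cnstrc-token' if available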
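Review bot: The new guard `if (helpers.requestContainsPii(url)) return;` screens only `url`, while `send` also accepts a `body` argument (presumably sent for non-GET methods), so PII carried in a request payload would still leave the process; worth confirming whether that is intended. The early return is also silent at this point: nothing is logged or signalled, so a dropped tracking call cannot be told apart from one that was sent. At minimum the comment should state the behaviour, e.g. `// PII detection: silently drop the request when a URL path segment or query value looks like an email, phone number or card number (body is not checked)`. The body of `send` starts and ends outside the hunk, so any later handling is not visible here.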
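--- a/package/src/utils/helpers.js
+++ b/package/src/utils/helpers.js
@@ -1,4 +1,12 @@
 /* eslint-disable no-param-reassign */
+const PII_REGEX = {
+email: /^[\w\-+\\.]+@([\w-]+\.)+[\w-]{2,4}$/,
+phoneNumber: /^(?:\+\d{11,12}|\+\d{1,3}\s\d{3}\s\d{3}\s\d{3,4}|\(\d{3}\)\d{7}|\(\d{3}\)\s\d{3}\s\d{4}|\(\d{3}\)\d{3}-\d{4}|\(\d{3}\)\s\d{3}-\d{4})$/,
+creditCard:
+/^(?:4[0-9]{12}(?:[0-9]{3})?|(?:5[1-5][0-9]{2}|222[1-9]|22[3-9][0-9]|2[3-6][0-9]{2}|27[01][0-9]|2720)[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|6(?:011|5[0-9]{2})[0-9]{12}|(?:2131|1800|35\d{3})\d{11})$/, // Visa, Mastercard, Amex, Discover, JCB and Diners Club, regex source: https://www.regular-expressions.info/creditcard.html
+// Add more PII REGEX
+};
+
 const utils = {
 trimNonBreakingSpaces: (string) => string.replace(/\s/g, ' ').trim(),
 
@@ -75,6 +83,33 @@ const utils = {
 
 return { ...optionsHeaders, ...networkParametersHeaders };
 },
+
+containsPii(query) {
+const piiRegex = Object.values(PII_REGEX);
+const normalizedQuery = query.toLowerCase();
+
+return piiRegex.some((regex) => regex.test(normalizedQuery));
+},
+
+requestContainsPii(urlString) {
+try {
+const url = new URL(urlString);
+const paths = decodeURIComponent(url?.pathname)?.split('/');
+const paramValues = decodeURIComponent(url?.search)?.split('&').map((param) => param?.split('=')?.[1]);
+
+if (paths.some((path) => utils.containsPii(path))) {
+return true;
+}
+
+if (paramValues.some((value) => utils.containsPii(value))) {
+return true;
+}
+} catch (e) {
+// do nothing
+}
+
+return false;
+},
 };
 
 module.exports = utils;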
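Review bot: `requestContainsPii` fails open whenever a query parameter has no `=`: `param?.split('=')?.[1]` yields `undefined`, `containsPii(undefined)` throws on `query.toLowerCase()`, and the empty `catch` turns that into `return false`, so in a query such as `?flag&q=<email>` the later value is never tested. A malformed percent-escape makes `decodeURIComponent` throw and ends the same way, and splitting on `=` after decoding also truncates any value that itself contains `=`. Reading the values from the parsed URL removes the hand-rolled splitting: `const paramValues = [...url.searchParams.values()];`, with `if (typeof query !== 'string') return false;` at the top of `containsPii`. The `catch` should carry a comment that states the decision, e.g. `// unparseable URL: treated as containing no PII (fail open)`, or return `true` if dropping the request is the safer default for this client.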