@constructor-io/constructorio-node 4.6.9 → 4.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/modules/tracker.js +3 -0
- package/src/types/catalog.d.ts +2 -1
- package/src/utils/helpers.js +35 -0
package/package.json
CHANGED
package/src/modules/tracker.js
CHANGED
|
@@ -83,6 +83,9 @@ function send(url, userParameters, networkParameters, method = 'GET', body = {})
|
|
|
83
83
|
const { signal } = controller;
|
|
84
84
|
const headers = {};
|
|
85
85
|
|
|
86
|
+
// PII Detection
|
|
87
|
+
if (helpers.requestContainsPii(url)) return;
|
|
88
|
+
|
|
86
89
|
Object.assign(headers, helpers.combineCustomHeaders(this.options, networkParameters));
|
|
87
90
|
|
|
88
91
|
// Append security token as 'x-cnstrc-token' if available
|
package/src/types/catalog.d.ts
CHANGED
|
@@ -264,7 +264,8 @@ export interface RetrieveSearchabilitiesParameters {
|
|
|
264
264
|
}
|
|
265
265
|
|
|
266
266
|
export interface PatchSearchabilitiesParameters {
|
|
267
|
-
searchabilities: SearchabilityConfiguration[]
|
|
267
|
+
searchabilities: SearchabilityConfiguration[];
|
|
268
|
+
section?: string;
|
|
268
269
|
}
|
|
269
270
|
|
|
270
271
|
declare class Catalog {
|
package/src/utils/helpers.js
CHANGED
|
@@ -1,4 +1,12 @@
|
|
|
1
1
|
/* eslint-disable no-param-reassign */
|
|
2
|
+
const PII_REGEX = {
|
|
3
|
+
email: /^[\w\-+\\.]+@([\w-]+\.)+[\w-]{2,4}$/,
|
|
4
|
+
phoneNumber: /^(?:\+\d{11,12}|\+\d{1,3}\s\d{3}\s\d{3}\s\d{3,4}|\(\d{3}\)\d{7}|\(\d{3}\)\s\d{3}\s\d{4}|\(\d{3}\)\d{3}-\d{4}|\(\d{3}\)\s\d{3}-\d{4})$/,
|
|
5
|
+
creditCard:
|
|
6
|
+
/^(?:4[0-9]{12}(?:[0-9]{3})?|(?:5[1-5][0-9]{2}|222[1-9]|22[3-9][0-9]|2[3-6][0-9]{2}|27[01][0-9]|2720)[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|6(?:011|5[0-9]{2})[0-9]{12}|(?:2131|1800|35\d{3})\d{11})$/, // Visa, Mastercard, Amex, Discover, JCB and Diners Club, regex source: https://www.regular-expressions.info/creditcard.html
|
|
7
|
+
// Add more PII REGEX
|
|
8
|
+
};
|
|
9
|
+
|
|
2
10
|
const utils = {
|
|
3
11
|
trimNonBreakingSpaces: (string) => string.replace(/\s/g, ' ').trim(),
|
|
4
12
|
|
|
@@ -75,6 +83,33 @@ const utils = {
|
|
|
75
83
|
|
|
76
84
|
return { ...optionsHeaders, ...networkParametersHeaders };
|
|
77
85
|
},
|
|
86
|
+
|
|
87
|
+
containsPii(query) {
|
|
88
|
+
const piiRegex = Object.values(PII_REGEX);
|
|
89
|
+
const normalizedQuery = query.toLowerCase();
|
|
90
|
+
|
|
91
|
+
return piiRegex.some((regex) => regex.test(normalizedQuery));
|
|
92
|
+
},
|
|
93
|
+
|
|
94
|
+
requestContainsPii(urlString) {
|
|
95
|
+
try {
|
|
96
|
+
const url = new URL(urlString);
|
|
97
|
+
const paths = decodeURIComponent(url?.pathname)?.split('/');
|
|
98
|
+
const paramValues = decodeURIComponent(url?.search)?.split('&').map((param) => param?.split('=')?.[1]);
|
|
99
|
+
|
|
100
|
+
if (paths.some((path) => utils.containsPii(path))) {
|
|
101
|
+
return true;
|
|
102
|
+
}
|
|
103
|
+
|
|
104
|
+
if (paramValues.some((value) => utils.containsPii(value))) {
|
|
105
|
+
return true;
|
|
106
|
+
}
|
|
107
|
+
} catch (e) {
|
|
108
|
+
// do nothing
|
|
109
|
+
}
|
|
110
|
+
|
|
111
|
+
return false;
|
|
112
|
+
},
|
|
78
113
|
};
|
|
79
114
|
|
|
80
115
|
module.exports = utils;
|