@deflectbot/deflect-sdk 1.3.8 → 1.4.1-beta.1

package/dist/index.d.ts

@@ -12,33 +12,22 @@ declare class Deflect {
     private scriptCache;
     private isWarmupInProgress;
     private hasWarmupError;
-    private static readonly SDK_ERROR_MARKER;
+    private pulseReporter;
     constructor();
-    private initializeSentry;
     private initializeGlobalState;
     private setupAutomaticWarmup;
+    private resolvePulseConfig;
+    private reportError;
     private tryWarmup;
-    private buildScriptUrl;
-    private fetchScript;
-    private executeScript;
+    private validateActionId;
     private prefetchNextScript;
-    private waitForGetToken;
-    private createScriptBlob;
-    private loadScriptElement;
-    private getTokenFromScript;
-    private cleanup;
-    configure(params: DeflectConfig): void;
     private isTestMode;
-    solveChallenge(): Promise<string>;
+    configure(params: DeflectConfig): void;
     getToken(): Promise<string>;
+    private executeScript;
     warmup(): Promise<boolean>;
     clearCache(): void;
-    /**
-     * Inject a fresh token as a hidden input into a form. Only accepts a submit event from onsubmit.
-     * Usage: <form ... onsubmit="return Deflect.injectToken(event)">
-     * Returns false to prevent double submit.
-     */
-    injectToken(event: SubmitEvent): Promise<false>;
+    injectToken(event: SubmitEvent): Promise<void>;
 }
 declare const DeflectInstance: Deflect;
 export default DeflectInstance;

package/dist/index.esm.js

@@ -1,58 +1,16 @@
-import * as Sentry from "@sentry/browser";
+import PulseReporter from "./pulse";
+import { fetchScript } from "./scriptClient";
+import { createBlobUrl, loadModuleScript, waitForGlobalFunction, getTokenFromGlobal, cleanup } from "./scriptRunner";
 class Deflect {
   constructor() {
     this.config = null;
     this.scriptCache = null;
     this.isWarmupInProgress = false;
     this.hasWarmupError = false;
-    this.initializeSentry();
     this.initializeGlobalState();
+    this.pulseReporter = new PulseReporter(this.resolvePulseConfig());
     this.setupAutomaticWarmup();
   }
-  static {
-    this.SDK_ERROR_MARKER = "__DEFLECT_SDK_ERROR__";
-  }
-  initializeSentry() {
-    try {
-      Sentry.init({
-        dsn: "https://4a62ed75ab362d4694ae4215c2b4f621@o4509968565665792.ingest.de.sentry.io/4510257986469968",
-        sendDefaultPii: true,
-        // Enable to capture IP address
-        environment: typeof window !== "undefined" ? window.location.hostname : "unknown",
-        beforeSend(event) {
-          const isSDKError = event.tags?.deflect_sdk_error === "true";
-          if (!isSDKError) {
-            return null;
-          }
-          if (typeof window !== "undefined" && typeof navigator !== "undefined") {
-            event.contexts = event.contexts || {};
-            event.contexts.browser = {
-              name: navigator.userAgent,
-              version: navigator.appVersion
-            };
-            event.request = event.request || {};
-            event.request.headers = event.request.headers || {};
-            event.request.headers["User-Agent"] = navigator.userAgent;
-            event.contexts.page = {
-              url: window.location.href,
-              referrer: document.referrer,
-              title: document.title
-            };
-            event.contexts.device = {
-              screen_width: window.screen.width,
-              screen_height: window.screen.height,
-              viewport_width: window.innerWidth,
-              viewport_height: window.innerHeight,
-              language: navigator.language,
-              platform: navigator.platform
-            };
-          }
-          return event;
-        }
-      });
-    } catch {
-    }
-  }
   initializeGlobalState() {
     if (typeof window === "undefined") return;
     window.Deflect = window.Deflect || {};
@@ -65,13 +23,24 @@ class Deflect {
       setTimeout(() => this.tryWarmup(), 100);
     }
   }
+  resolvePulseConfig() {
+    const runtimeConfig = typeof window !== "undefined" && typeof window.Deflect === "object" && window.Deflect?.pulseConfig && typeof window.Deflect.pulseConfig === "object" ? window.Deflect.pulseConfig : {};
+    return {
+      ...runtimeConfig,
+      environment: runtimeConfig.environment || (typeof window !== "undefined" ? window.location.hostname : void 0)
+    };
+  }
+  reportError(error, tags, context) {
+    this.pulseReporter.captureException(error, { tags, context });
+  }
   async tryWarmup() {
     if (!this.config?.actionId || this.isWarmupInProgress || this.scriptCache || this.hasWarmupError) {
       return;
     }
+    this.validateActionId(this.config.actionId);
     this.isWarmupInProgress = true;
     try {
-      this.scriptCache = await this.fetchScript();
+      this.scriptCache = await fetchScript(this.config.actionId, this.config.scriptUrl);
       this.hasWarmupError = false;
     } catch {
       this.hasWarmupError = true;
@@ -79,56 +48,13 @@ class Deflect {
       this.isWarmupInProgress = false;
     }
   }
-  buildScriptUrl(actionId) {
-    const baseUrl = this.config?.scriptUrl || "https://js.deflect.bot/main.js";
-    const nonce = Date.now().toString();
-    return `${baseUrl}?action_id=${actionId}&_=${nonce}`;
-  }
-  async fetchScript() {
-    if (!this.config?.actionId) {
-      throw new Error("actionId is required");
-    }
-    const url = this.buildScriptUrl(this.config.actionId);
-    const response = await fetch(url, { cache: "no-store" });
-    if (!response.ok) {
-      throw new Error(`Failed to fetch script: ${response.status}`);
-    }
-    const content = await response.text();
-    try {
-      const maybeError = JSON.parse(content);
-      if (maybeError.success === false || maybeError.error) {
-        const errorMessage = maybeError.error || "Script fetch failed";
-        const error = new Error(errorMessage);
-        if (errorMessage === "action_does_not_exist" || errorMessage.includes("invalid action")) {
-          error.isUserError = true;
-        }
-        throw error;
-      }
-    } catch (e) {
-      if (e instanceof SyntaxError) {
-      } else {
-        throw e;
-      }
-    }
-    return {
-      content,
-      sessionId: response.headers.get("session_id") || void 0
-    };
-  }
-  async executeScript(script) {
-    if (script.sessionId && typeof window !== "undefined") {
-      window.Deflect.sessionId = script.sessionId;
-    }
-    const blobUrl = this.createScriptBlob(script.content);
-    const scriptElement = await this.loadScriptElement(blobUrl);
-    try {
-      await this.waitForGetToken();
-      const token = await this.getTokenFromScript();
-      this.prefetchNextScript();
-      return token;
-    } finally {
-      this.cleanup(blobUrl, scriptElement);
+  validateActionId(actionId) {
+    const sanitized = actionId.trim();
+    const validPattern = /^[a-zA-Z0-9/_-]+$/;
+    if (!validPattern.test(sanitized)) {
+      throw new Error("Invalid actionId format: contains disallowed characters");
     }
+    return encodeURIComponent(sanitized);
   }
   prefetchNextScript() {
     if (!this.hasWarmupError) {
@@ -136,56 +62,18 @@ class Deflect {
       });
     }
   }
-  async waitForGetToken() {
-    return new Promise((resolve) => {
-      const checkInterval = setInterval(() => {
-        if (typeof window !== "undefined" && typeof window.Deflect?.getToken === "function") {
-          clearInterval(checkInterval);
-          resolve();
-        }
-      }, 10);
-      setTimeout(() => {
-        clearInterval(checkInterval);
-        resolve();
-      }, 1e4);
-    });
-  }
-  createScriptBlob(content) {
-    const blob = new Blob([content], { type: "text/javascript" });
-    return URL.createObjectURL(blob);
-  }
-  async loadScriptElement(blobUrl) {
-    return new Promise((resolve, reject) => {
-      const script = document.createElement("script");
-      script.type = "module";
-      script.src = blobUrl;
-      script.onload = () => resolve(script);
-      script.onerror = () => reject(new Error("Script failed to load"));
-      document.head.appendChild(script);
-    });
-  }
-  async getTokenFromScript() {
-    if (typeof window === "undefined" || typeof window.Deflect?.getToken !== "function") {
-      throw new Error("Script did not load properly - getToken not available");
-    }
-    try {
-      return await window.Deflect.getToken();
-    } catch (error) {
-      throw new Error(`Script execution failed: ${error}`);
-    }
-  }
-  cleanup(blobUrl, scriptElement) {
-    URL.revokeObjectURL(blobUrl);
-    scriptElement.remove();
-    if (typeof window !== "undefined" && window.Deflect?.getToken) {
-      delete window.Deflect.getToken;
+  isTestMode() {
+    if (this.config?.actionId === "PULSE_TEST" || this.config?.actionId === "SENTRY_TEST") {
+      throw new Error("PULSE_TEST: This is a test error to verify Pulse integration is working");
     }
+    return this.config?.actionId === "t/FFFFFFFFFFFFF/111111111" || this.config?.actionId === "t/FFFFFFFFFFFFF/000000000";
   }
   configure(params) {
     try {
       if (!params.actionId?.trim()) {
         throw new Error("actionId is required and cannot be empty");
       }
+      this.validateActionId(params.actionId);
       if (this.config?.actionId === params.actionId) {
         return;
       }
@@ -200,58 +88,95 @@ class Deflect {
       }
     } catch (error) {
       const isUserError = error && typeof error === "object" && "isUserError" in error && error.isUserError === true;
-      if (!isUserError) {
-        Sentry.captureException(error, {
-          tags: {
-            deflect_sdk_error: "true",
-            method: "configure",
-            actionId: params?.actionId || "unknown"
-          }
-        });
-      }
+      this.reportError(
+        error,
+        {
+          deflect_sdk_error: "true",
+          deflect_user_error: isUserError ? "true" : "false",
+          method: "configure",
+          action_id: params?.actionId || "unknown"
+        },
+        {
+          actionId: params?.actionId,
+          hasCache: this.scriptCache !== null,
+          hasWarmupError: this.hasWarmupError
+        }
+      );
       throw error;
     }
   }
-  isTestMode() {
-    return this.config?.actionId === "t/FFFFFFFFFFFFF/111111111" || this.config?.actionId === "t/FFFFFFFFFFFFF/000000000";
-  }
-  // Deprecated name kept for backward compatibility
-  async solveChallenge() {
-    return this.getToken();
-  }
   async getToken() {
     try {
       if (!this.config?.actionId) {
-        throw new Error("Must call configure() before solveChallenge()");
+        throw new Error("Must call configure() before getToken()");
       }
+      this.validateActionId(this.config.actionId);
       if (this.isTestMode()) {
         return "TESTTOKEN";
       }
-      if (this.config.actionId === "SENTRY_TEST") {
-        throw new Error("SENTRY_TEST: This is a test error to verify Sentry integration is working");
-      }
       let script;
       if (this.scriptCache && !this.isWarmupInProgress) {
         script = this.scriptCache;
         this.scriptCache = null;
       } else {
-        script = await this.fetchScript();
+        script = await fetchScript(this.config.actionId, this.config.scriptUrl);
       }
       return this.executeScript(script);
     } catch (error) {
       const isUserError = error && typeof error === "object" && "isUserError" in error && error.isUserError === true;
-      if (!isUserError) {
-        Sentry.captureException(error, {
-          tags: {
-            deflect_sdk_error: "true",
-            method: "getToken",
-            actionId: this.config?.actionId || "unknown",
-            hasCache: this.scriptCache !== null,
-            hasWarmupError: this.hasWarmupError
-          }
-        });
-      }
+      this.reportError(
+        error,
+        {
+          deflect_sdk_error: "true",
+          deflect_user_error: isUserError ? "true" : "false",
+          method: "getToken",
+          action_id: this.config?.actionId || "unknown",
+          has_cache: this.scriptCache !== null ? "true" : "false",
+          has_warmup_error: this.hasWarmupError ? "true" : "false",
+          stage: "call"
+        },
+        {
+          actionId: this.config?.actionId,
+          hasCache: this.scriptCache !== null,
+          hasWarmupError: this.hasWarmupError
+        }
+      );
+      throw error;
+    }
+  }
+  async executeScript(script) {
+    if (script.sessionId && typeof window !== "undefined") {
+      window.Deflect.sessionId = script.sessionId;
+    }
+    const blobUrl = createBlobUrl(script.content);
+    let scriptElement = null;
+    try {
+      scriptElement = await loadModuleScript(blobUrl);
+      await waitForGlobalFunction("getChallengeToken");
+      const token = await getTokenFromGlobal("getChallengeToken");
+      this.prefetchNextScript();
+      return token;
+    } catch (error) {
+      this.reportError(
+        error,
+        {
+          deflect_sdk_error: "true",
+          method: "executeScript",
+          stage: "load_or_execute",
+          action_id: this.config?.actionId || "unknown"
+        },
+        {
+          hasCache: this.scriptCache !== null,
+          hasWarmupError: this.hasWarmupError
+        }
+      );
       throw error;
+    } finally {
+      if (scriptElement) {
+        cleanup(blobUrl, scriptElement, "getChallengeToken");
+      } else {
+        URL.revokeObjectURL(blobUrl);
+      }
     }
   }
   async warmup() {
@@ -268,11 +193,6 @@ class Deflect {
   clearCache() {
     this.scriptCache = null;
   }
-  /**
-   * Inject a fresh token as a hidden input into a form. Only accepts a submit event from onsubmit.
-   * Usage: <form ... onsubmit="return Deflect.injectToken(event)">
-   * Returns false to prevent double submit.
-   */
   async injectToken(event) {
     if (!event || !event.target || !(event.target instanceof HTMLFormElement)) {
       throw new Error("injectToken: must be called from a form submit event");
@@ -289,7 +209,6 @@ class Deflect {
     hidden.value = token;
     form.appendChild(hidden);
     form.submit();
-    return false;
   }
 }
 const DeflectInstance = new Deflect();