@el7ven/cookie-kit 0.3.1 → 0.3.2

package/src/rewriting/ScriptRewriter.js

@@ -0,0 +1,278 @@
+/**
+ * ScriptRewriter — automatically rewrites scripts to be CMP-compliant
+ * @module ScriptRewriter
+ * 
+ * Converts regular scripts:
+ *   <script src="https://www.google-analytics.com/gtag.js"></script>
+ * 
+ * Into CMP-compliant scripts:
+ *   <script 
+ *     type="text/plain"
+ *     data-cookie-category="analytics"
+ *     data-cookie-src="https://www.google-analytics.com/gtag.js"
+ *   ></script>
+ */
+
+import { getAllTrackerPatterns } from '../trackers/TrackerPatterns.js'
+
+export class ScriptRewriter {
+  constructor(config = {}) {
+    this.config = {
+      autoRewrite: true,
+      rewriteInline: false, // Rewrite inline scripts (dangerous!)
+      preserveAttributes: true, // Preserve original attributes
+      observeDOM: true, // Watch for new scripts
+      whitelist: [], // URLs to never rewrite
+      blacklist: [], // URLs to always rewrite
+      debug: false,
+      ...config
+    }
+
+    this.rewrittenScripts = new Map() // original script -> rewritten script
+    this.observer = null
+  }
+
+  /**
+   * Initialize rewriter
+   */
+  initialize() {
+    if (this.config.autoRewrite) {
+      this.rewriteAll()
+    }
+
+    if (this.config.observeDOM) {
+      this._startObserver()
+    }
+  }
+
+  /**
+   * Rewrite all scripts on the page
+   * @returns {number} Number of scripts rewritten
+   */
+  rewriteAll() {
+    this._debug('Starting script rewriting...')
+
+    const scripts = document.querySelectorAll('script[src]')
+    let rewrittenCount = 0
+
+    scripts.forEach(script => {
+      if (this._shouldRewrite(script)) {
+        const rewritten = this._rewriteScript(script)
+        if (rewritten) {
+          rewrittenCount++
+        }
+      }
+    })
+
+    this._debug(`Rewrote ${rewrittenCount} scripts`)
+    return rewrittenCount
+  }
+
+  /**
+   * Rewrite a single script element
+   * @param {HTMLScriptElement} script - Script to rewrite
+   * @returns {HTMLScriptElement|null} Rewritten script or null
+   */
+  _rewriteScript(script) {
+    const src = script.getAttribute('src')
+    if (!src) return null
+
+    // Check if already rewritten
+    if (script.type === 'text/plain' && script.dataset.cookieSrc) {
+      this._debug('Script already rewritten:', src)
+      return null
+    }
+
+    // Detect tracker category
+    const category = this._detectCategory(src)
+    if (!category) {
+      this._debug('No category detected for:', src)
+      return null
+    }
+
+    // Create new script element
+    const newScript = document.createElement('script')
+    
+    // Set CMP attributes
+    newScript.type = 'text/plain'
+    newScript.dataset.cookieCategory = category
+    newScript.dataset.cookieSrc = src
+
+    // Preserve original attributes
+    if (this.config.preserveAttributes) {
+      Array.from(script.attributes).forEach(attr => {
+        if (attr.name !== 'src' && attr.name !== 'type') {
+          newScript.setAttribute(attr.name, attr.value)
+        }
+      })
+    }
+
+    // Replace script
+    script.parentNode?.replaceChild(newScript, script)
+    
+    // Store mapping
+    this.rewrittenScripts.set(script, newScript)
+
+    this._debug(`Rewrote script: ${src} → category: ${category}`)
+    return newScript
+  }
+
+  /**
+   * Check if script should be rewritten
+   * @param {HTMLScriptElement} script
+   * @returns {boolean}
+   */
+  _shouldRewrite(script) {
+    const src = script.getAttribute('src')
+    if (!src) return false
+
+    // Already rewritten
+    if (script.type === 'text/plain' && script.dataset.cookieSrc) {
+      return false
+    }
+
+    // Check whitelist (never rewrite)
+    if (this.config.whitelist.length > 0) {
+      const isWhitelisted = this.config.whitelist.some(pattern => 
+        src.includes(pattern)
+      )
+      if (isWhitelisted) {
+        this._debug('Whitelisted, skipping:', src)
+        return false
+      }
+    }
+
+    // Check blacklist (always rewrite)
+    if (this.config.blacklist.length > 0) {
+      const isBlacklisted = this.config.blacklist.some(pattern => 
+        src.includes(pattern)
+      )
+      if (isBlacklisted) {
+        return true
+      }
+    }
+
+    // Check if tracker is detected
+    const category = this._detectCategory(src)
+    return category !== null
+  }
+
+  /**
+   * Detect category from script src
+   * @param {string} src - Script source URL
+   * @returns {string|null} Category name or null
+   */
+  _detectCategory(src) {
+    const patterns = getAllTrackerPatterns()
+
+    for (const pattern of patterns) {
+      for (const scriptPattern of pattern.scripts) {
+        if (src.includes(scriptPattern)) {
+          return pattern.category
+        }
+      }
+    }
+
+    return null
+  }
+
+  /**
+   * Start MutationObserver to watch for new scripts
+   * @private
+   */
+  _startObserver() {
+    if (typeof MutationObserver === 'undefined') {
+      return
+    }
+
+    this.observer = new MutationObserver((mutations) => {
+      mutations.forEach((mutation) => {
+        mutation.addedNodes.forEach((node) => {
+          if (node.nodeType === 1) {
+            // Check if it's a script
+            if (node.tagName === 'SCRIPT' && node.getAttribute('src')) {
+              if (this._shouldRewrite(node)) {
+                this._debug('New script detected, rewriting...')
+                this._rewriteScript(node)
+              }
+            }
+            
+            // Check for scripts inside added node
+            const scripts = node.querySelectorAll?.('script[src]')
+            scripts?.forEach(script => {
+              if (this._shouldRewrite(script)) {
+                this._rewriteScript(script)
+              }
+            })
+          }
+        })
+      })
+    })
+
+    this.observer.observe(document.documentElement, {
+      childList: true,
+      subtree: true
+    })
+
+    this._debug('Script rewriter observer started')
+  }
+
+  /**
+   * Get rewritten scripts
+   * @returns {Array}
+   */
+  getRewrittenScripts() {
+    return Array.from(this.rewrittenScripts.entries()).map(([original, rewritten]) => ({
+      original: original.src,
+      category: rewritten.dataset.cookieCategory,
+      rewritten: rewritten.dataset.cookieSrc
+    }))
+  }
+
+  /**
+   * Get stats
+   * @returns {Object}
+   */
+  getStats() {
+    const scripts = this.getRewrittenScripts()
+    const byCategory = {}
+
+    scripts.forEach(script => {
+      if (!byCategory[script.category]) {
+        byCategory[script.category] = []
+      }
+      byCategory[script.category].push(script.original)
+    })
+
+    return {
+      total: scripts.length,
+      byCategory
+    }
+  }
+
+  /**
+   * Destroy rewriter
+   */
+  destroy() {
+    if (this.observer) {
+      this.observer.disconnect()
+      this.observer = null
+    }
+    this.rewrittenScripts.clear()
+  }
+
+  _debug(...args) {
+    // Debug disabled
+  }
+}
+
+/**
+ * Helper function to rewrite scripts automatically
+ * @param {Object} config - Configuration
+ * @returns {ScriptRewriter}
+ */
+export function initScriptRewriter(config = {}) {
+  const rewriter = new ScriptRewriter(config)
+  rewriter.initialize()
+  return rewriter
+}

package/src/rewriting/index.js

@@ -0,0 +1,6 @@
+/**
+ * Script Rewriting System — automatically rewrite scripts to be CMP-compliant
+ * @module rewriting
+ */
+
+export { ScriptRewriter, initScriptRewriter } from './ScriptRewriter.js'

package/src/scripts/ScriptLoader.js

@@ -0,0 +1,310 @@
+/**
+ * ScriptLoader — safely injects scripts into DOM
+ * @module ScriptLoader
+ */
+
+export class ScriptLoader {
+  constructor(config = {}) {
+    this.config = {
+      timeout: 10000, // 10 seconds
+      retryAttempts: 3,
+      retryDelay: 1000,
+      ...config
+    }
+    this.loadedScripts = new Set() // Track by src
+    this.loadedHashes = new Set()  // Track by content hash
+    this.loadedIds = new Set()     // Track by id
+  }
+
+  /**
+   * Load external script
+   * @param {Object} scriptDescriptor - Script descriptor from registry
+   * @returns {Promise<boolean>}
+   */
+  async loadExternal(scriptDescriptor) {
+    const { src, cookieSrc, attributes, id } = scriptDescriptor
+    const actualSrc = cookieSrc || src
+
+    if (!actualSrc) {
+      console.warn('[ScriptLoader] No src provided for external script')
+      return false
+    }
+
+    // Deduplication: check if already loaded
+    if (this.loadedScripts.has(actualSrc) || this.loadedIds.has(id)) {
+      console.log('[ScriptLoader] Script already loaded:', actualSrc)
+      return true
+    }
+
+    return new Promise((resolve) => {
+      const script = document.createElement('script')
+      
+      // Set src from data-cookie-src (pre-blocking)
+      script.src = actualSrc
+      
+      // Apply attributes
+      Object.entries(attributes || {}).forEach(([key, value]) => {
+        if (key !== 'src') {
+          script.setAttribute(key, value)
+        }
+      })
+
+      // Set proper type
+      script.type = 'text/javascript'
+      
+      // Add data attribute for tracking
+      script.setAttribute('data-cookie-loaded', 'true')
+      script.setAttribute('data-cookie-id', id)
+
+      let timeoutId = null
+
+      const cleanup = () => {
+        if (timeoutId) clearTimeout(timeoutId)
+        script.removeEventListener('load', onLoad)
+        script.removeEventListener('error', onError)
+      }
+
+      const onLoad = () => {
+        cleanup()
+        this.loadedScripts.add(actualSrc)
+        this.loadedIds.add(id)
+        resolve(true)
+      }
+
+      const onError = (error) => {
+        cleanup()
+        console.error('[ScriptLoader] Failed to load script:', actualSrc, error)
+        resolve(false)
+      }
+
+      // Timeout
+      timeoutId = setTimeout(() => {
+        cleanup()
+        console.warn('[ScriptLoader] Script load timeout:', actualSrc)
+        resolve(false)
+      }, this.config.timeout)
+
+      script.addEventListener('load', onLoad)
+      script.addEventListener('error', onError)
+
+      // Inject into DOM
+      const target = document.head || document.documentElement
+      target.appendChild(script)
+    })
+  }
+
+  /**
+   * Load inline script
+   * @param {Object} scriptDescriptor - Script descriptor from registry
+   * @returns {Promise<boolean>}
+   */
+  async loadInline(scriptDescriptor) {
+    const { content, attributes, id } = scriptDescriptor
+
+    if (!content) {
+      console.warn('[ScriptLoader] No content provided for inline script')
+      return false
+    }
+
+    // Deduplication: check by content hash
+    const contentHash = this._hashContent(content)
+    if (this.loadedHashes.has(contentHash) || this.loadedIds.has(id)) {
+      console.log('[ScriptLoader] Inline script already loaded')
+      return true
+    }
+
+    try {
+      const script = document.createElement('script')
+      
+      // Set content
+      script.textContent = content
+      
+      // Apply attributes
+      Object.entries(attributes || {}).forEach(([key, value]) => {
+        script.setAttribute(key, value)
+      })
+
+      // Set proper type
+      script.type = 'text/javascript'
+      
+      // Add data attribute for tracking
+      script.setAttribute('data-cookie-loaded', 'true')
+      script.setAttribute('data-cookie-id', id)
+
+      // Inject into DOM
+      const target = document.head || document.documentElement
+      target.appendChild(script)
+
+      // Mark as loaded
+      this.loadedHashes.add(contentHash)
+      this.loadedIds.add(id)
+
+      return true
+    } catch (error) {
+      console.error('[ScriptLoader] Failed to load inline script:', error)
+      return false
+    }
+  }
+
+  /**
+   * Load script (auto-detect inline vs external)
+   * @param {Object} scriptDescriptor - Script descriptor
+   * @returns {Promise<boolean>}
+   */
+  async load(scriptDescriptor) {
+    const { elementType } = scriptDescriptor
+
+    // Handle iframes
+    if (elementType === 'iframe') {
+      return this.loadIframe(scriptDescriptor)
+    }
+
+    // Handle scripts
+    if (scriptDescriptor.inline) {
+      return this.loadInline(scriptDescriptor)
+    } else {
+      return this.loadExternal(scriptDescriptor)
+    }
+  }
+
+  /**
+   * Load iframe (YouTube, Maps, etc)
+   * @param {Object} iframeDescriptor - Iframe descriptor
+   * @returns {Promise<boolean>}
+   */
+  async loadIframe(iframeDescriptor) {
+    const { src, cookieSrc, attributes, id, element } = iframeDescriptor
+    const actualSrc = cookieSrc || src
+
+    if (!actualSrc) {
+      console.warn('[ScriptLoader] No src provided for iframe')
+      return false
+    }
+
+    // Deduplication
+    if (this.loadedScripts.has(actualSrc) || this.loadedIds.has(id)) {
+      console.log('[ScriptLoader] Iframe already loaded:', actualSrc)
+      return true
+    }
+
+    try {
+      // Update existing iframe or create new one
+      if (element && element.parentNode) {
+        // Update src on existing element
+        element.src = actualSrc
+        
+        // Remove data-cookie-src attribute
+        element.removeAttribute('data-cookie-src')
+        
+        this.loadedScripts.add(actualSrc)
+        this.loadedIds.add(id)
+        return true
+      } else {
+        // Create new iframe
+        const iframe = document.createElement('iframe')
+        iframe.src = actualSrc
+        
+        // Apply attributes
+        Object.entries(attributes || {}).forEach(([key, value]) => {
+          iframe.setAttribute(key, value)
+        })
+        
+        iframe.setAttribute('data-cookie-loaded', 'true')
+        iframe.setAttribute('data-cookie-id', id)
+        
+        // Find parent or append to body
+        const target = element?.parentNode || document.body
+        target.appendChild(iframe)
+        
+        this.loadedScripts.add(actualSrc)
+        this.loadedIds.add(id)
+        return true
+      }
+    } catch (error) {
+      console.error('[ScriptLoader] Failed to load iframe:', error)
+      return false
+    }
+  }
+
+  /**
+   * Load multiple scripts sequentially
+   * @param {Array} scriptDescriptors - Array of script descriptors
+   * @returns {Promise<Object>} Results object
+   */
+  async loadMany(scriptDescriptors) {
+    const results = {
+      total: scriptDescriptors.length,
+      loaded: 0,
+      failed: 0,
+      scripts: []
+    }
+
+    for (const script of scriptDescriptors) {
+      const success = await this.load(script)
+      
+      results.scripts.push({
+        id: script.id,
+        category: script.category,
+        success
+      })
+
+      if (success) {
+        results.loaded++
+      } else {
+        results.failed++
+      }
+    }
+
+    return results
+  }
+
+  /**
+   * Remove original blocked script element
+   * @param {HTMLScriptElement} element - Original script element
+   */
+  removeBlockedScript(element) {
+    if (element && element.parentNode) {
+      element.parentNode.removeChild(element)
+    }
+  }
+
+  /**
+   * Check if script is already loaded
+   * @param {string} src - Script src
+   * @returns {boolean}
+   */
+  isLoaded(src) {
+    return this.loadedScripts.has(src)
+  }
+
+  /**
+   * Clear loaded scripts cache
+   */
+  clear() {
+    this.loadedScripts.clear()
+    this.loadedHashes.clear()
+    this.loadedIds.clear()
+  }
+
+  /**
+   * Get loaded scripts count
+   * @returns {number}
+   */
+  getLoadedCount() {
+    return this.loadedScripts.size
+  }
+
+  /**
+   * Simple hash function for content deduplication
+   * @private
+   */
+  _hashContent(content) {
+    let hash = 0
+    for (let i = 0; i < content.length; i++) {
+      const char = content.charCodeAt(i)
+      hash = ((hash << 5) - hash) + char
+      hash = hash & hash
+    }
+    return hash.toString(36)
+  }
+}