@financial-times/privacy-us-privacy 0.3.10 → 1.1.0

package/dist/cjs/main.d.ts

@@ -1,7 +1,7 @@
 export declare const NO_PRIVACY_COOKIE = "no-privacy-cookie";
 declare global {
     interface Window {
-        __uspapi: (command: string, version: number, callback?: Function) => Promise<void>;
+        __uspapi?: (command: string, version: number, callback?: Function) => Promise<unknown>;
     }
 }
 export declare function getUsPrivacyCookie(): string | null;
@@ -13,12 +13,12 @@ export declare function __uspapi(command: string, version: number, callback?: Fu
 /**
  * Expose a javascript function on the global `window` object that can be called
  * by third party scripts to determine if the current user has opted out of CCPA
- * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/master/CCPA/USP%20API.md
+ * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/HEAD/CCPA/USP%20API.md
  */
 export declare function setUSPrivacy(): void;
 /**
  * Set a cookie based on the IAB US Privacy spec
- * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/master/CCPA/US%20Privacy%20String.md
+ * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/HEAD/CCPA/US%20Privacy%20String.md
  *
  * @param consent - Does the user have consent for CCPA
  * @param domain - An optional explicit domain for the cookie

package/dist/cjs/main.js

@@ -1,4 +1,5 @@
 "use strict";
+/* eslint-disable @typescript-eslint/ban-types */
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.setUSPrivacyCookie = exports.setUSPrivacy = exports.__uspapi = exports.getUsPrivacyForTracking = exports.getUsPrivacyCookie = exports.NO_PRIVACY_COOKIE = void 0;
 const privacy_legislation_client_1 = require("@financial-times/privacy-legislation-client");
@@ -40,7 +41,7 @@ async function __uspapi(command, version, callback) {
         }
         // No cookie, assume user hasn't ever visited the CCPA page
         else {
-            const { legislation } = await privacy_legislation_client_1.fetchLegislation();
+            const { legislation } = await (0, privacy_legislation_client_1.fetchLegislation)();
             if (legislation.has("ccpa")) {
                 callback({
                     version,
@@ -66,7 +67,7 @@ exports.__uspapi = __uspapi;
 /**
  * Expose a javascript function on the global `window` object that can be called
  * by third party scripts to determine if the current user has opted out of CCPA
- * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/master/CCPA/USP%20API.md
+ * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/HEAD/CCPA/USP%20API.md
  */
 function setUSPrivacy() {
     if (typeof window.__uspapi === "function") {
@@ -77,7 +78,7 @@ function setUSPrivacy() {
 exports.setUSPrivacy = setUSPrivacy;
 /**
  * Set a cookie based on the IAB US Privacy spec
- * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/master/CCPA/US%20Privacy%20String.md
+ * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/HEAD/CCPA/US%20Privacy%20String.md
  *
  * @param consent - Does the user have consent for CCPA
  * @param domain - An optional explicit domain for the cookie
@@ -87,6 +88,7 @@ function setUSPrivacyCookie(consent, domain) {
     // and we are not trying to make it this work for every possible subdomain yet
     domain = domain || (document.location.hostname || "").replace("www.", "");
     const uspString = `1Y${consent ? "N" : "Y"}N`;
-    document.cookie = `usprivacy=${uspString}; max-age=${60 * 60 * 24 * 365};path=/;domain=${domain}`;
+    const maxAge = 60 * 60 * 24 * 365 * 5;
+    document.cookie = `usprivacy=${uspString};max-age=${maxAge};path=/;domain=${domain}`;
 }
 exports.setUSPrivacyCookie = setUSPrivacyCookie;

package/dist/esm/main.d.ts

@@ -1,7 +1,7 @@
 export declare const NO_PRIVACY_COOKIE = "no-privacy-cookie";
 declare global {
     interface Window {
-        __uspapi: (command: string, version: number, callback?: Function) => Promise<void>;
+        __uspapi?: (command: string, version: number, callback?: Function) => Promise<unknown>;
     }
 }
 export declare function getUsPrivacyCookie(): string | null;
@@ -13,12 +13,12 @@ export declare function __uspapi(command: string, version: number, callback?: Fu
 /**
  * Expose a javascript function on the global `window` object that can be called
  * by third party scripts to determine if the current user has opted out of CCPA
- * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/master/CCPA/USP%20API.md
+ * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/HEAD/CCPA/USP%20API.md
  */
 export declare function setUSPrivacy(): void;
 /**
  * Set a cookie based on the IAB US Privacy spec
- * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/master/CCPA/US%20Privacy%20String.md
+ * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/HEAD/CCPA/US%20Privacy%20String.md
  *
  * @param consent - Does the user have consent for CCPA
  * @param domain - An optional explicit domain for the cookie

package/dist/esm/main.js

@@ -1,3 +1,4 @@
+/* eslint-disable @typescript-eslint/ban-types */
 import { fetchLegislation } from "@financial-times/privacy-legislation-client";
 export const NO_PRIVACY_COOKIE = "no-privacy-cookie";
 export function getUsPrivacyCookie() {
@@ -60,7 +61,7 @@ export async function __uspapi(command, version, callback) {
 /**
  * Expose a javascript function on the global `window` object that can be called
  * by third party scripts to determine if the current user has opted out of CCPA
- * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/master/CCPA/USP%20API.md
+ * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/HEAD/CCPA/USP%20API.md
  */
 export function setUSPrivacy() {
     if (typeof window.__uspapi === "function") {
@@ -70,7 +71,7 @@ export function setUSPrivacy() {
 }
 /**
  * Set a cookie based on the IAB US Privacy spec
- * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/master/CCPA/US%20Privacy%20String.md
+ * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/HEAD/CCPA/US%20Privacy%20String.md
  *
  * @param consent - Does the user have consent for CCPA
  * @param domain - An optional explicit domain for the cookie
@@ -80,5 +81,6 @@ export function setUSPrivacyCookie(consent, domain) {
     // and we are not trying to make it this work for every possible subdomain yet
     domain = domain || (document.location.hostname || "").replace("www.", "");
     const uspString = `1Y${consent ? "N" : "Y"}N`;
-    document.cookie = `usprivacy=${uspString}; max-age=${60 * 60 * 24 * 365};path=/;domain=${domain}`;
+    const maxAge = 60 * 60 * 24 * 365 * 5;
+    document.cookie = `usprivacy=${uspString};max-age=${maxAge};path=/;domain=${domain}`;
 }

package/package.json

@@ -1,18 +1,18 @@
 {
   "name": "@financial-times/privacy-us-privacy",
   "description": "",
-  "version": "0.3.10",
+  "version": "1.1.0",
   "main": "dist/cjs/main.js",
   "module": "dist/esm/main.js",
   "types": "dist/cjs/main.d.ts",
   "private": false,
   "devDependencies": {
-    "@types/js-cookie": "^2.2.6",
-    "js-cookie": "^2.2.1",
+    "@types/js-cookie": "^3.0.3",
+    "js-cookie": "^3.0.5",
     "npm-run-all": "4.1.5"
   },
   "dependencies": {
-    "@financial-times/privacy-legislation-client": "^0.3.10"
+    "@financial-times/privacy-legislation-client": "file:../legislation-client"
   },
   "scripts": {
     "test": "jest",
@@ -22,4 +22,4 @@
     "prebuild": "npm run clean",
     "build": "run-p build:*"
   }
-}
+}

package/src/main.ts

@@ -1,10 +1,12 @@
+/* eslint-disable @typescript-eslint/ban-types */
+
 import { fetchLegislation } from "@financial-times/privacy-legislation-client";
 
 export const NO_PRIVACY_COOKIE = "no-privacy-cookie";
 
 declare global {
   interface Window {
-    __uspapi: (command: string, version: number, callback?: Function) => Promise<void>;
+    __uspapi?: (command: string, version: number, callback?: Function) => Promise<unknown>;
   }
 }
 
@@ -86,7 +88,7 @@ export async function __uspapi(
 /**
  * Expose a javascript function on the global `window` object that can be called
  * by third party scripts to determine if the current user has opted out of CCPA
- * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/master/CCPA/USP%20API.md
+ * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/HEAD/CCPA/USP%20API.md
  */
 export function setUSPrivacy(): void {
   if (typeof window.__uspapi === "function") {
@@ -97,7 +99,7 @@ export function setUSPrivacy(): void {
 
 /**
  * Set a cookie based on the IAB US Privacy spec
- * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/master/CCPA/US%20Privacy%20String.md
+ * https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/HEAD/CCPA/US%20Privacy%20String.md
  *
  * @param consent - Does the user have consent for CCPA
  * @param domain - An optional explicit domain for the cookie
@@ -107,5 +109,6 @@ export function setUSPrivacyCookie(consent: boolean, domain?: string): void {
   // and we are not trying to make it this work for every possible subdomain yet
   domain = domain || (document.location.hostname || "").replace("www.", "");
   const uspString = `1Y${consent ? "N" : "Y"}N`;
-  document.cookie = `usprivacy=${uspString}; max-age=${60 * 60 * 24 * 365};path=/;domain=${domain}`;
+  const maxAge = 60 * 60 * 24 * 365 * 5;
+  document.cookie = `usprivacy=${uspString};max-age=${maxAge};path=/;domain=${domain}`;
 }

package/src/test/main.test.ts

@@ -1,6 +1,9 @@
 /**
  * @jest-environment jsdom
  */
+
+import type { RegionalCompliance } from "../../../legislation-client/src/main";
+
 import {
   setUSPrivacy,
   setUSPrivacyCookie,
@@ -11,19 +14,19 @@ import {
 import * as legislationClient from "@financial-times/privacy-legislation-client";
 import Cookies from "js-cookie";
 
-const mockFetchLegislationCcpa = (): Promise<any> =>
+const mockFetchLegislationCcpa = (): Promise<RegionalCompliance> =>
   Promise.resolve({
     region: "CA",
     legislation: new Set(["ccpa"]),
   });
 
-const mockFetchLegislationNotCcpa = (): Promise<any> =>
+const mockFetchLegislationNotCcpa = (): Promise<RegionalCompliance> =>
   Promise.resolve({
     region: "GB",
     legislation: new Set(["gdpr"]),
   });
 
-describe("Us Privacy", () => {
+describe("US Privacy", () => {
   beforeEach(() => {
     jest.spyOn(console, "error").mockImplementation((arg) => arg);
   });
@@ -32,19 +35,19 @@ describe("Us Privacy", () => {
     jest.resetAllMocks();
   });
 
-  it("should not overwrite an existing window.__uspapi() function", async () => {
-    window.__uspapi = (): Promise<any> => Promise.resolve("just testing");
+  it("should not overwrite an existing window.__uspapi?.() function", async () => {
+    window.__uspapi = (): Promise<string> => Promise.resolve("just testing");
     await setUSPrivacy();
-    expect(await window.__uspapi("test command", 1)).toEqual("just testing");
+    expect(await window.__uspapi?.("test command", 1)).toEqual("just testing");
     delete window.__uspapi;
   });
 
-  describe("window.__uspapi()", () => {
+  describe("window.__uspapi?.()", () => {
     test("should console.error and return if called with command != `getUSPData`", () => {
       jest.spyOn(legislationClient, "fetchLegislation");
       const cb = jest.fn();
       setUSPrivacy();
-      window.__uspapi("fake-command", 1, cb);
+      window.__uspapi?.("fake-command", 1, cb);
       expect(console.error).toBeCalled();
       expect(legislationClient.fetchLegislation).not.toBeCalled();
       expect(cb).not.toBeCalled();
@@ -54,7 +57,7 @@ describe("Us Privacy", () => {
       jest.spyOn(legislationClient, "fetchLegislation");
       const cb = jest.fn();
       setUSPrivacy();
-      window.__uspapi("getUSPData", 2, cb);
+      window.__uspapi?.("getUSPData", 2, cb);
       expect(console.error).toBeCalled();
       expect(legislationClient.fetchLegislation).not.toBeCalled();
       expect(cb).not.toBeCalled();
@@ -63,7 +66,7 @@ describe("Us Privacy", () => {
     test("should console.error if callback is not defined", () => {
       jest.spyOn(legislationClient, "fetchLegislation");
       setUSPrivacy();
-      window.__uspapi("getUSPData", 1);
+      window.__uspapi?.("getUSPData", 1);
       expect(console.error).toBeCalled();
       expect(legislationClient.fetchLegislation).not.toBeCalled();
     });
@@ -75,7 +78,7 @@ describe("Us Privacy", () => {
         });
         const cb = jest.fn();
         setUSPrivacy();
-        window.__uspapi("getUSPData", 1, cb);
+        window.__uspapi?.("getUSPData", 1, cb);
         expect(cb).toBeCalledWith(undefined, false);
       });
     });
@@ -89,7 +92,7 @@ describe("Us Privacy", () => {
           Cookies.set("usprivacy", "fake-value");
           const cb = jest.fn();
           setUSPrivacy();
-          await window.__uspapi("getUSPData", 1, cb);
+          await window.__uspapi?.("getUSPData", 1, cb);
           expect(cb).toBeCalledWith(
             {
               version: 1,
@@ -108,7 +111,7 @@ describe("Us Privacy", () => {
           Cookies.remove("usprivacy");
           const cb = jest.fn();
           setUSPrivacy();
-          await window.__uspapi("getUSPData", 1, cb);
+          await window.__uspapi?.("getUSPData", 1, cb);
           expect(cb).toBeCalledWith(
             {
               version: 1,
@@ -129,7 +132,7 @@ describe("Us Privacy", () => {
           const cb = jest.fn();
           Cookies.set("usprivacy", "fake-value");
           setUSPrivacy();
-          await window.__uspapi("getUSPData", 1, cb);
+          await window.__uspapi?.("getUSPData", 1, cb);
           expect(cb).toBeCalledWith(
             {
               version: 1,
@@ -148,7 +151,7 @@ describe("Us Privacy", () => {
           const cb = jest.fn();
           Cookies.remove("usprivacy");
           setUSPrivacy();
-          await window.__uspapi("getUSPData", 1, cb);
+          await window.__uspapi?.("getUSPData", 1, cb);
           expect(cb).toBeCalledWith(
             {
               version: 1,
@@ -191,5 +194,37 @@ describe("Us Privacy", () => {
         expect(getUsPrivacyForTracking()).toEqual(NO_PRIVACY_COOKIE);
       });
     });
+
+    describe("when providing an explicit cookie domain", () => {
+      let setCookieSpy: jest.SpyInstance;
+
+      beforeAll(() => {
+        setCookieSpy = jest.spyOn(document, "cookie", "set");
+      });
+
+      afterAll(() => {
+        setCookieSpy.mockRestore();
+      });
+
+      describe("User has given CCPA consent (opted in)", () => {
+        test("should set the `usprivacy` cookie to `1YNN` under the specified domain", () => {
+          setUSPrivacyCookie(true, ".ftadviser.com");
+          expect(setCookieSpy).toHaveBeenCalledWith(
+            // max-age should be 31536000 seconds (1 year)
+            "usprivacy=1YNN;max-age=157680000;path=/;domain=.ftadviser.com"
+          );
+        });
+      });
+
+      describe("User has NOT given CCPA consent (opted out)", () => {
+        test("should set the `usprivacy` cookie to `1YYN` under the specified domain", () => {
+          setUSPrivacyCookie(false, ".ftadviser.com");
+          // max-age should be 31536000 seconds (1 year)
+          expect(setCookieSpy).toHaveBeenCalledWith(
+            "usprivacy=1YYN;max-age=157680000;path=/;domain=.ftadviser.com"
+          );
+        });
+      });
+    });
   });
 });

package/tsconfig.json

@@ -1,4 +1,6 @@
 {
   "extends": "../../../tsconfig",
-  "rootDir": "./src/"
+  "compilerOptions": {
+    "rootDir": "./src/"
+  }
 }