@growthbook/edge-utils 0.0.1

package/dist/types.d.ts

@@ -0,0 +1,60 @@
+import { Attributes, FeatureApiResponse, LocalStorageCompat, StickyBucketService, TrackingCallback } from "@growthbook/growthbook";
+export interface Context<Req = unknown, Res = unknown> {
+    config: Config;
+    helpers: Helpers<Req, Res>;
+}
+export interface Config {
+    proxyTarget: string;
+    forwardProxyHeaders: boolean;
+    environment: string;
+    maxPayloadSize?: string;
+    routes?: Route[];
+    runVisualEditorExperiments: ExperimentRunEnvironment;
+    disableJsInjection: boolean;
+    runUrlRedirectExperiments: ExperimentRunEnvironment;
+    runCrossOriginUrlRedirectExperiments: ExperimentRunEnvironment;
+    injectRedirectUrlScript: boolean;
+    maxRedirects: number;
+    scriptInjectionPattern: string;
+    disableInjections: boolean;
+    enableStreaming: boolean;
+    enableStickyBucketing: boolean;
+    stickyBucketPrefix?: string;
+    contentSecurityPolicy?: string;
+    nonce?: string;
+    crypto?: any;
+    localStorage?: LocalStorageCompat;
+    growthbook: {
+        apiHost: string;
+        clientKey: string;
+        decryptionKey?: string;
+        trackingCallback?: string;
+        edgeTrackingCallback?: TrackingCallback;
+        attributes?: Attributes;
+        edgeStickyBucketService?: StickyBucketService;
+        payload?: FeatureApiResponse;
+    };
+    persistUuid: boolean;
+    uuidCookieName: string;
+    uuidKey: string;
+    skipAutoAttributes: boolean;
+}
+export type ExperimentRunEnvironment = "everywhere" | "edge" | "browser" | "skip";
+export interface Helpers<Req, Res> {
+    getRequestURL?: (req: Req) => string;
+    getRequestMethod?: (req: Req) => string;
+    getRequestHeader?: (req: Req, key: string) => string | undefined;
+    sendResponse?: (ctx: Context<Req, Res>, res?: Res, headers?: Record<string, any>, body?: string, cookies?: Record<string, string>, status?: number) => unknown;
+    fetch?: (ctx: Context<Req, Res>, url: string) => Promise<Res>;
+    proxyRequest?: (ctx: Context<Req, Res>, req: Req, res?: Res, next?: any) => Promise<unknown>;
+    getCookie?: (req: Req, key: string) => string;
+    setCookie?: (res: Res, key: string, value: string) => void;
+}
+export type Route = {
+    pattern: string;
+    type?: "regex" | "simple";
+    behavior?: "intercept" | "proxy" | "error";
+    includeFileExtensions?: boolean;
+    statusCode?: number;
+    body?: string;
+};

package/dist/types.js

@@ -0,0 +1,4 @@
+"use strict";
+/* eslint-disable @typescript-eslint/no-explicit-any */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":";AAAA,uDAAuD"}

package/package.json

@@ -0,0 +1,31 @@
+{
+  "name": "@growthbook/edge-utils",
+  "description": "Edge worker base app",
+  "version": "0.0.1",
+  "main": "dist/index.js",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/growthbook/growthbook-proxy.git",
+    "directory": "packages/shared/edge-utils"
+  },
+  "author": "Bryce Fitzsimons",
+  "scripts": {
+    "build:clean": "rimraf -rf dist",
+    "build:typescript": "tsc",
+    "build": "yarn build:clean && yarn generate-sdk-wrapper && yarn build:typescript",
+    "generate-sdk-wrapper": "node scripts/generate-sdk-wrapper.js",
+    "type-check": "tsc --pretty --noEmit",
+    "dev": "node scripts/generate-sdk-wrapper.js && tsc --watch"
+  },
+  "dependencies": {
+    "@growthbook/growthbook": "^1.0.0",
+    "node-html-parser": "^6.1.13"
+  },
+  "devDependencies": {
+    "@types/jsdom": "^21.1.6",
+    "@types/node": "^20.8.2",
+    "rimraf": "^5.0.5",
+    "typescript": "5.2.2"
+  }
+}

package/scripts/generate-sdk-wrapper.js

@@ -0,0 +1,22 @@
+const fs = require("fs");
+
+// Read the vendor .js file
+const vendorScriptPath =
+  "./node_modules/@growthbook/growthbook/dist/bundles/auto.min.js";
+const vendorScriptContent = fs
+  .readFileSync(vendorScriptPath, "utf8")
+  .replace(/\\/g, "\\\\") // Escape backslashes
+  .replace(/'/g, "\\'") // Escape single quotes
+  .replace(/"/g, '\\"') // Escape double quotes
+  .replace(/\n/g, "\\n"); // Escape newlines
+
+// Generate TypeScript file with embedded content
+const outputFile = "./src/generated/sdkWrapper.ts";
+fs.writeFileSync(
+  outputFile,
+  `
+export const sdkWrapper = "${vendorScriptContent}";
+`,
+);
+
+console.log("Vendor script file generated successfully.");

package/src/app.ts

@@ -0,0 +1,210 @@
+import {
+  AutoExperimentVariation,
+  GrowthBook,
+  setPolyfills,
+  StickyBucketService,
+} from "@growthbook/growthbook";
+import { Context } from "./types";
+import { getUserAttributes } from "./attributes";
+import { getCspInfo, injectScript } from "./inject";
+import { applyDomMutations } from "./domMutations";
+import redirect from "./redirect";
+import { getRoute } from "./routing";
+import { EdgeStickyBucketService } from "./stickyBucketService";
+
+export async function edgeApp<Req, Res>(
+  context: Context<Req, Res>,
+  req: Req,
+  res?: Res,
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  next?: any,
+) {
+  // todo: import default helpers, overwrite with context helpers
+
+  let url = context.helpers.getRequestURL?.(req) || "";
+
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  let headers: Record<string, any> = {
+    "Content-Type": "text/html",
+  };
+  const cookies: Record<string, string> = {};
+  const setCookie = (key: string, value: string) => {
+    cookies[key] = value;
+  };
+  const { csp, nonce } = getCspInfo(context as Context<unknown, unknown>);
+  if (csp) {
+    headers["Content-Security-Policy"] = csp;
+  }
+  let body = "";
+
+  // Non GET requests are proxied
+  if (context.helpers.getRequestMethod?.(req) !== "GET") {
+    return context.helpers.proxyRequest?.(context, req, res, next);
+  }
+  // Check the url for routing rules (default behavior is intercept)
+  const route = getRoute(context as Context<unknown, unknown>, url);
+  if (route.behavior === "error") {
+    return context.helpers.sendResponse?.(
+      context,
+      res,
+      headers,
+      route.body || "",
+      cookies,
+      route.statusCode,
+    );
+  }
+  if (route.behavior === "proxy") {
+    return context.helpers.proxyRequest?.(context, req, res, next);
+  }
+
+  const attributes = getUserAttributes(context, req, url, setCookie);
+
+  let domChanges: AutoExperimentVariation[] = [];
+  const resetDomChanges = () => (domChanges = []);
+
+  let preRedirectChangeIds: string[] = [];
+  const setPreRedirectChangeIds = (changeIds: string[]) =>
+    (preRedirectChangeIds = changeIds);
+
+  context.config.localStorage &&
+    setPolyfills({ localStorage: context.config.localStorage });
+  context.config.crypto &&
+    setPolyfills({ SubtleCrypto: context.config.crypto });
+
+  let stickyBucketService:
+    | EdgeStickyBucketService<Req, Res>
+    | StickyBucketService
+    | undefined = undefined;
+  if (context.config.enableStickyBucketing) {
+    stickyBucketService =
+      context.config.growthbook.edgeStickyBucketService ??
+      new EdgeStickyBucketService<Req, Res>({
+        context,
+        prefix: context.config.stickyBucketPrefix,
+        req,
+      });
+  }
+  const growthbook = new GrowthBook({
+    apiHost: context.config.growthbook.apiHost,
+    clientKey: context.config.growthbook.clientKey,
+    decryptionKey: context.config.growthbook.decryptionKey,
+    attributes,
+    applyDomChangesCallback: (changes: AutoExperimentVariation) => {
+      domChanges.push(changes);
+      return () => {};
+    },
+    url,
+    disableVisualExperiments: ["skip", "browser"].includes(
+      context.config.runVisualEditorExperiments,
+    ),
+    disableJsInjection: context.config.disableJsInjection,
+    disableUrlRedirectExperiments: ["skip", "browser"].includes(
+      context.config.runUrlRedirectExperiments,
+    ),
+    disableCrossOriginUrlRedirectExperiments: ["skip", "browser"].includes(
+      context.config.runCrossOriginUrlRedirectExperiments,
+    ),
+    stickyBucketService,
+    trackingCallback: context.config.disableInjections
+      ? context.config.growthbook.edgeTrackingCallback
+      : undefined,
+    debug: true, // todo: remove
+  });
+
+  await growthbook.init({
+    payload: context.config.growthbook.payload,
+  });
+
+  const oldUrl = url;
+  url = await redirect({
+    context: context as Context<unknown, unknown>,
+    req,
+    setCookie,
+    growthbook,
+    previousUrl: url,
+    resetDomChanges,
+    setPreRedirectChangeIds: setPreRedirectChangeIds,
+  });
+
+  const originUrl = getOriginUrl(context as Context<unknown, unknown>, url);
+
+  /* eslint-disable @typescript-eslint/no-explicit-any */
+  let fetchedResponse:
+    | (Res & { ok: boolean; headers: Record<string, any>; text: any })
+    | undefined = undefined;
+  try {
+    fetchedResponse = (await context.helpers.fetch?.(
+      context as Context<Req, Res>,
+      originUrl,
+      /* eslint-disable @typescript-eslint/no-explicit-any */
+    )) as Res & { ok: boolean; headers: Record<string, any>; text: any };
+    if (!fetchedResponse?.ok) {
+      throw new Error("Fetch: non-2xx status returned");
+    }
+  } catch (e) {
+    console.error(e);
+    return context.helpers.sendResponse?.(
+      context,
+      res,
+      headers,
+      "Error fetching page",
+      cookies,
+      500,
+    );
+  }
+  if (context.config.forwardProxyHeaders && fetchedResponse?.headers) {
+    headers = { ...fetchedResponse.headers, ...headers };
+  }
+  body = await fetchedResponse.text();
+
+  body = await applyDomMutations({
+    body,
+    nonce,
+    domChanges,
+  });
+
+  body = injectScript({
+    context: context as Context<unknown, unknown>,
+    body,
+    nonce,
+    growthbook,
+    attributes,
+    preRedirectChangeIds,
+    url,
+    oldUrl,
+  });
+
+  return context.helpers.sendResponse?.(context, res, headers, body, cookies);
+}
+
+export function getOriginUrl(context: Context, currentURL: string): string {
+  const proxyTarget = context.config.proxyTarget;
+  const currentParsedURL = new URL(currentURL);
+  const proxyParsedURL = new URL(proxyTarget);
+
+  const protocol = proxyParsedURL.protocol
+    ? proxyParsedURL.protocol
+    : currentParsedURL.protocol;
+  const hostname = proxyParsedURL.hostname
+    ? proxyParsedURL.hostname
+    : currentParsedURL.hostname;
+  const port = proxyParsedURL.port
+    ? proxyParsedURL.port
+    : protocol === "http:"
+    ? "80"
+    : "443";
+
+  let newURL = `${protocol}//${hostname}`;
+  if ((protocol === "http" && port !== "80") || port !== "443") {
+    newURL += `:${port}`;
+  }
+  newURL += `${currentParsedURL.pathname}`;
+  if (currentParsedURL.search) {
+    newURL += currentParsedURL.search;
+  }
+  if (currentParsedURL.hash) {
+    newURL += currentParsedURL.hash;
+  }
+
+  return newURL;
+}

package/src/attributes.ts

@@ -0,0 +1,97 @@
+import { Attributes } from "@growthbook/growthbook";
+import { Context } from "./types";
+
+// Get the user's attributes by merging the UUID cookie with any auto-attributes
+export function getUserAttributes<Req, Res>(
+  ctx: Context<Req, Res>,
+  req: Req,
+  url: string,
+  setCookie: (key: string, value: string) => void,
+): Attributes {
+  const { config, helpers } = ctx;
+
+  const providedAttributes = config.growthbook.attributes || {};
+  if (config.skipAutoAttributes) {
+    return providedAttributes;
+  }
+  // get any saved attributes from the cookie
+  const uuid = getUUID(ctx, req);
+  if (config.persistUuid) {
+    if (!helpers?.setCookie) {
+      throw new Error("Missing required dependencies");
+    }
+    setCookie(config.uuidCookieName, uuid);
+  }
+
+  const autoAttributes = getAutoAttributes(ctx, req, url);
+  return { ...autoAttributes, ...providedAttributes };
+}
+
+// Get or create a UUID for the user:
+// - Try to get the UUID from the cookie
+// - Or create a new one and store in the cookie
+export function getUUID<Req, Res>(ctx: Context<Req, Res>, req: Req) {
+  const { config, helpers } = ctx;
+
+  const crypto = config?.crypto || globalThis?.crypto;
+
+  if (!crypto || !helpers?.getCookie) {
+    throw new Error("Missing required dependencies");
+  }
+
+  const genUUID = () => {
+    if (crypto.randomUUID) return crypto.randomUUID();
+    return ("" + 1e7 + -1e3 + -4e3 + -8e3 + -1e11).replace(/[018]/g, (c) =>
+      (
+        (c as unknown as number) ^
+        (crypto.getRandomValues(new Uint8Array(1))[0] &
+          (15 >> ((c as unknown as number) / 4)))
+      ).toString(16),
+    );
+  };
+
+  // get the existing UUID from cookie if set, otherwise create one
+  return helpers.getCookie(req, config.uuidCookieName) || genUUID();
+}
+
+// Infer attributes from the request
+// - UUID will come from the cookie or be generated
+// - Other attributes come from the request headers and URL
+export function getAutoAttributes<Req, Res>(
+  ctx: Context<Req, Res>,
+  req: Req,
+  url: string,
+): Attributes {
+  const { config, helpers } = ctx;
+
+  const getHeader = helpers?.getRequestHeader;
+
+  const autoAttributes: Attributes = {
+    [config.uuidKey]: getUUID(ctx, req),
+  };
+
+  const ua = getHeader?.(req, "user-agent") || "";
+  autoAttributes.browser = ua.match(/Edg/)
+    ? "edge"
+    : ua.match(/Chrome/)
+    ? "chrome"
+    : ua.match(/Firefox/)
+    ? "firefox"
+    : ua.match(/Safari/)
+    ? "safari"
+    : "unknown";
+  autoAttributes.deviceType = ua.match(/Mobi/) ? "mobile" : "desktop";
+
+  autoAttributes.url = url;
+
+  try {
+    const urlObj = new URL(url);
+    autoAttributes.path = urlObj.pathname;
+    autoAttributes.host = urlObj.host;
+    autoAttributes.query = urlObj.search;
+  } catch (e) {
+    // ignore
+  }
+
+  return autoAttributes;
+}

package/src/config.ts

@@ -0,0 +1,166 @@
+import { Config, Context, ExperimentRunEnvironment } from "./types";
+
+export const defaultContext: Context = {
+  config: {
+    proxyTarget: "/",
+    forwardProxyHeaders: true,
+    environment: "production",
+    maxPayloadSize: "2mb",
+    runVisualEditorExperiments: "everywhere",
+    disableJsInjection: false,
+    runUrlRedirectExperiments: "browser",
+    runCrossOriginUrlRedirectExperiments: "browser",
+    injectRedirectUrlScript: true,
+    maxRedirects: 5,
+    scriptInjectionPattern: "</head>",
+    disableInjections: false,
+    enableStreaming: false,
+    enableStickyBucketing: false,
+    growthbook: {
+      apiHost: "",
+      clientKey: "",
+    },
+    persistUuid: false,
+    uuidCookieName: "gbuuid",
+    uuidKey: "id",
+    skipAutoAttributes: false,
+  },
+  helpers: {},
+};
+
+export interface ConfigEnv {
+  PROXY_TARGET?: string;
+  FORWARD_PROXY_HEADERS?: string;
+  NODE_ENV?: string;
+  MAX_PAYLOAD_SIZE?: string;
+
+  ROUTES?: string;
+
+  RUN_VISUAL_EDITOR_EXPERIMENTS?: ExperimentRunEnvironment;
+  DISABLE_JS_INJECTION?: string;
+
+  RUN_URL_REDIRECT_EXPERIMENTS?: ExperimentRunEnvironment;
+  RUN_CROSS_ORIGIN_URL_REDIRECT_EXPERIMENTS?: ExperimentRunEnvironment;
+  INJECT_REDIRECT_URL_SCRIPT?: string;
+  MAX_REDIRECTS?: string;
+
+  SCRIPT_INJECTION_PATTERN?: string;
+  DISABLE_INJECTIONS?: string;
+
+  ENABLE_STREAMING?: string;
+  ENABLE_STICKY_BUCKETING?: string;
+  STICKY_BUCKET_PREFIX?: string;
+
+  CONTENT_SECURITY_POLICY?: string;
+  NONCE?: string;
+
+  GROWTHBOOK_API_HOST?: string;
+  GROWTHBOOK_CLIENT_KEY?: string;
+  GROWTHBOOK_DECRYPTION_KEY?: string;
+  GROWTHBOOK_TRACKING_CALLBACK?: string;
+  GROWTHBOOK_PAYLOAD?: string;
+
+  PERSIST_UUID?: string;
+  UUID_COOKIE_NAME?: string;
+  UUID_KEY?: string;
+
+  SKIP_AUTO_ATTRIBUTES?: string;
+
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  [key: string]: any;
+}
+
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+export function getConfig(env: ConfigEnv): Config {
+  const config = defaultContext.config;
+
+  config.proxyTarget = env.PROXY_TARGET ?? defaultContext.config.proxyTarget;
+  config.forwardProxyHeaders = ["true", "1"].includes(
+    env.FORWARD_PROXY_HEADERS ?? "" + defaultContext.config.forwardProxyHeaders,
+  );
+  config.environment = env.NODE_ENV ?? defaultContext.config.environment;
+  config.maxPayloadSize =
+    env.MAX_PAYLOAD_SIZE ?? defaultContext.config.maxPayloadSize;
+
+  try {
+    config.routes = JSON.parse(env.ROUTES || "[]");
+  } catch (e) {
+    console.error("Error parsing ROUTES", e);
+    config.routes = [];
+  }
+
+  config.runVisualEditorExperiments = (env.RUN_VISUAL_EDITOR_EXPERIMENTS ??
+    defaultContext.config
+      .runVisualEditorExperiments) as ExperimentRunEnvironment;
+  config.disableJsInjection = ["true", "1"].includes(
+    env.DISABLE_JS_INJECTION ?? "" + defaultContext.config.disableJsInjection,
+  );
+
+  config.runUrlRedirectExperiments = (env.RUN_URL_REDIRECT_EXPERIMENTS ??
+    defaultContext.config
+      .runUrlRedirectExperiments) as ExperimentRunEnvironment;
+  config.runCrossOriginUrlRedirectExperiments =
+    (env.RUN_CROSS_ORIGIN_URL_REDIRECT_EXPERIMENTS ??
+      defaultContext.config
+        .runCrossOriginUrlRedirectExperiments) as ExperimentRunEnvironment;
+  config.injectRedirectUrlScript = ["true", "1"].includes(
+    env.INJECT_REDIRECT_URL_SCRIPT ??
+      "" + defaultContext.config.injectRedirectUrlScript,
+  );
+  config.maxRedirects = parseInt(
+    env.MAX_REDIRECTS || "" + defaultContext.config.maxRedirects,
+  );
+
+  config.scriptInjectionPattern =
+    env.SCRIPT_INJECTION_PATTERN ||
+    defaultContext.config.scriptInjectionPattern;
+  config.disableInjections = ["true", "1"].includes(
+    env.DISABLE_INJECTIONS ?? "" + defaultContext.config.disableInjections,
+  );
+
+  config.enableStreaming = ["true", "1"].includes(
+    env.ENABLE_STREAMING ?? "" + defaultContext.config.enableStreaming,
+  );
+  config.enableStickyBucketing = ["true", "1"].includes(
+    env.ENABLE_STICKY_BUCKETING ??
+      "" + defaultContext.config.enableStickyBucketing,
+  );
+  "STICKY_BUCKET_PREFIX" in env &&
+    (config.stickyBucketPrefix = env.STICKY_BUCKET_PREFIX);
+
+  config.contentSecurityPolicy = env.CONTENT_SECURITY_POLICY || "";
+  // warning: for testing only; nonce should be unique per request
+  config.nonce = env.NONCE || undefined;
+
+  config.crypto = crypto;
+
+  // config.growthbook
+  config.growthbook.apiHost = (env.GROWTHBOOK_API_HOST ?? "").replace(
+    /\/*$/,
+    "",
+  );
+  config.growthbook.clientKey = env.GROWTHBOOK_CLIENT_KEY ?? "";
+  "GROWTHBOOK_DECRYPTION_KEY" in env &&
+    (config.growthbook.decryptionKey = env.GROWTHBOOK_DECRYPTION_KEY);
+  "GROWTHBOOK_TRACKING_CALLBACK" in env &&
+    (config.growthbook.trackingCallback = env.GROWTHBOOK_TRACKING_CALLBACK);
+  try {
+    "GROWTHBOOK_PAYLOAD" in env &&
+      (config.growthbook.payload = JSON.parse(env.GROWTHBOOK_PAYLOAD || ""));
+  } catch (e) {
+    console.error("Error parsing GROWTHBOOK_PAYLOAD", e);
+  }
+
+  config.persistUuid = ["true", "1"].includes(
+    env.PERSIST_UUID ?? "" + defaultContext.config.persistUuid,
+  );
+  config.uuidCookieName =
+    env.UUID_COOKIE_NAME || defaultContext.config.uuidCookieName;
+  config.uuidKey = env.UUID_KEY || defaultContext.config.uuidKey;
+
+  config.skipAutoAttributes = ["true", "1"].includes(
+    env.SKIP_AUTO_ATTRIBUTES ?? "" + defaultContext.config.skipAutoAttributes,
+  );
+
+  return config;
+}