@networkpro/web 1.14.2 → 1.15.0

package/CHANGELOG.md

@@ -22,6 +22,82 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 ---
 
+## [1.15.0] - 2025-07-01
+
+### Added
+
+- `redirect.js` utility to handle browser-aware redirects with fallback logic for Firefox.
+- Unit test for `redirect.js` under `tests/unit/client/lib/utils/redirect.test.js`.
+- `/consultation` redirect route to `utm.js` UTM-tracking logic.
+- Redirect from `/foss` to `/foss-spotlight` in `_redirects`.
+- `scripts/testRedirect.js` to verify Netlify/SvelteKit trailing slash redirect behavior.
+- `test:redirects` script in package.json to trigger `scripts/testRedirects.js`
+- Logic to suppress `rel="noopener noreferrer"` on internal redirects in `HeaderHome.svelte` and `HeaderDefault.svelte`
+- `redirect` flag to navigation metadata to distinguish internal redirect behavior in `HeaderHome.svelte` and `HeaderDefault.svelte`
+
+### Changed
+
+- Bumped version to **v1.15.0**
+- Restructured unit tests:
+  - Moved `purify.test.js` to `tests/unit/client/lib/utils/`
+  - Moved `utm.test.js` to `tests/unit/client/lib/utils/`
+  - Moved `unregisterServiceWorker.test.js` to `tests/unit/client/lib/utils/`
+  - Moved `page.svelte.test.js` to `tests/unit/client/routes/`
+  - Moved `checkEnv.test.js`, `checkVersions.test.js`, and `csp-report.test.js` to `tests/unit/server/`
+  - Moved `auditCoverage.test.js` to `tests/unit/server/internal/`
+- Refactored `_redirects` file:
+  - Removed trailing slashes to match SvelteKit/Netlify conventions.
+- Updated `RedirectPage.svelte` to use `redirectWithBrowserAwareness()` for better cross-browser redirect behavior.
+- Refactored all relevant `+page.svelte` files to remove local redirect timeouts and centralize logic in `RedirectPage`.
+- Updated `vitest.config.client.js` and `vitest.config.server.js` to:
+  - Reflect new directory structure
+  - Properly assign `jsdom` for client-side tests and `node` for server-side tests
+- `/consultation`, `/contact`, `/links`, `/posts`, and `/privacy-rights` `+page.svelte` files updated to capture UTM parameters in a privacy-preserving manner.
+- Moved inline styles from `RedirectPage.svelte` to `src/lib/styles/css/default.css`, including `@keyframes spin` animation used by `.loading-spinner`
+- Removed unnecessary `rel` attribute from internal links in `AboutContent.svelte`, `LicenseContent.svelte`, and `PrivacyDashboard.svelte`
+- Updated project README with revised directory structure reflecting separate client/server test folders.
+- Upgraded dependencies:
+  - `globals` `^16.2.0` → `^16.3.0`
+
+### Fixed
+
+- Firefox-specific issue where delayed `window.location.replace()` triggered a new tab instead of redirecting in the same window — now handled by bypassing the delay in Firefox.
+- Prevented server-context tests from breaking due to `window` usage by scoping them to client-only environments.
+
+## Removed
+
+- `head:flatten` and `head:validate` scripts in package.json, as the `_headers` file has been deprecated
+
+---
+
+## [1.14.3] - 2025-06-30
+
+### Added
+
+- Manual event capture for redirect pages using PostHog, with automatic UTM parameter extraction
+- Utility function `getUTMParams` for parsing UTM query values from URLs
+- `trackingEnabled` named export from `trackingPreferences.js` for cleaner consumption
+
+### Changed
+
+- Bumped version to **v1.14.3**
+- Refactored redirect logic in multiple pages to integrate UTM-aware analytics
+- All redirect pages now consistently open in a new browser tab using `<a>` fallback
+- Enhanced `utm.js` logic to support campaign identification for `/contact`, `/links`, `/posts`, and `/privacy-rights`
+- Updated `generator` metadata in `app.html` to `SvelteKit 2.22.2`
+- Modified `HomeContent.svelte` to use app constant for blog link
+- Removed inline styles from redirect pages and integrated them into the main stylesheet
+- Renamed "Data Sharing" section in Privacy Policy to "Legal Requests and Data Disclosure"
+- Expanded the above section to strengthen users' legal rights and privacy protections
+- Updated Privacy Policy effective date to June 30, 2025
+
+### Fixed
+
+- Reinstated filtering logic in `csp-report.js` to suppress low-value or noisy CSP violations
+- Resolved `ReferenceError` in `utm.test.js` by reordering mocked imports for `$app/environment` and `$app/stores` to comply with Vitest's hoisting behavior
+
+---
+
 ## [1.14.2] - 2025-06-30
 
 ### Added
@@ -539,7 +615,8 @@ This project attempts to follow [Keep a Changelog](https://keepachangelog.com/en
 
 <!-- Link references -->
 
-[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.14.2...HEAD
+[Unreleased]: https://github.com/netwk-pro/netwk-pro.github.io/compare/v1.15.0...HEAD
+[1.15.0]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.15.0
 [1.14.2]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.14.2
 [1.14.1]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.14.1
 [1.14.0]: https://github.com/netwk-pro/netwk-pro.github.io/releases/tag/v1.14.0

package/README.md

@@ -92,10 +92,12 @@ This project follows the principles of [Keep a Changelog](https://keepachangelog
   │   ├── robots.txt                # SEO: allow/disallow crawlers
   │   └── sitemap.xml               # SEO: full site map
   ├── tests/
-  │   ├── e2e/                      # Playwright end-to-end tests
-  │   ├── internal/                 # Internal audit/test helpers
-  │   │   └── auditCoverage.test.js # Warns about untested source modules
-  │   └── unit/                     # Vitest unit tests
+  │   ├── e2e/                        # Playwright end-to-end tests
+  │   └── unit/                       # Vitest unit tests
+  │       ├── client/                 # Client-side (jsdom) unit tests
+  │       ├── server/                 # Server-side (node) unit tests
+  │       │   └── internal/           # Internal audit/test helpers
+  │       │       └── auditCoverage.test.js  # Warns about untested source modules
   ├── _redirects                    # Netlify redirect rules
   ├── CHANGELOG.md                  # Chronological record of notable project changes
   ├── netlify.toml                  # Netlify configuration

package/_redirects

@@ -3,13 +3,15 @@ https://www.netwk.pro/*     https://netwk.pro/:splat         301
 
 # Redirect /privacy-policy (and variants) to /privacy
 /privacy-policy             /privacy                         301
-/privacy-policy/            /privacy                         301
 /privacy-policy/*           /privacy/:splat                  301
 
 # Redirect /legal (and variants) to /license
 /legal                      /license                         301
-/legal/                     /license                         301
 /legal/*                    /license/:splat                  301
 
+# Redirect /foss (and variants) to /foss-spotlight
+/foss                       /foss-spotlight                  301
+/foss/*                     /foss-spotlight/:splat           301
+
 # Redirect for Netlify function proxy
 /api/*                      /.netlify/functions/:splat       200

package/cspell.json

@@ -37,6 +37,7 @@
     "lighthouserc",
     "lightningcss",
     "linksheet",
+    "linktree",
     "lsheet",
     "Mailvelope",
     "Maricopa",
@@ -59,6 +60,7 @@
     "obtainium",
     "openpgp",
     "opgp",
+    "pallyy",
     "posthog",
     "precaching",
     "prefs",

package/netlify/edge-functions/csp-report.js

@@ -43,20 +43,25 @@ export default async (request, _context) => {
     const violated = report['violated-directive'] ?? '';
     const blockedUri = report['blocked-uri'] ?? '';
 
-    /*
-    // Filter: Skip img-src violations and empty URIs
-      const ignored = [
-        violated.startsWith('img-src'),
-        blockedUri === '',
-        blockedUri === 'about',
-        blockedUri.startsWith('chrome-extension://'),
-        blockedUri.startsWith('moz-extension://'),
-      ].some(Boolean);
-
-      if (ignored) {
-        return new Response(null, { status: 204 });
-      }
-    */
+    // Filter: Skip noisy or unactionable reports
+    const ignored = [
+      violated.startsWith('img-src'),
+      blockedUri === '',
+      blockedUri === 'eval',
+      blockedUri === 'about',
+      blockedUri.startsWith('chrome-extension://'),
+      blockedUri.startsWith('moz-extension://'),
+      !report['source-file'],
+      !report['document-uri'],
+    ].some(Boolean);
+
+    if (ignored) {
+      console.log('[CSP-Edge] Ignored low-value violation:', {
+        directive: violated,
+        uri: blockedUri,
+      });
+      return new Response(null, { status: 204 });
+    }
 
     // Send alert for high-risk directives
     await sendToNtfy(violated, blockedUri, report);
@@ -97,7 +102,9 @@ async function sendToNtfy(violated, blockedUri, report) {
 
   const directiveKey = violated.split(' ')[0]; // strip fallback values or sources
   const isHighRisk = highRiskDirectives.includes(directiveKey);
-  console.log(`[CSP-Edge] Checking directive: ${directiveKey}`);
+  console.log(
+    `[CSP-Edge] Directive ${directiveKey} is ${isHighRisk ? '' : 'not '}high-risk`,
+  );
   if (!isHighRisk) return;
 
   const key = `${violated}|${blockedUri}`;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@networkpro/web",
   "private": false,
-  "version": "1.14.2",
+  "version": "1.15.0",
   "description": "Locking Down Networks, Unlocking Confidence™ | Security, Networking, Privacy — Network Pro Strategies",
   "keywords": [
     "advisory",
@@ -60,6 +60,7 @@
     "test:watch": "vitest --config vitest.config.client.js --watch",
     "test:coverage": "npm run test:client -- --run --coverage && npm run test:server -- --run --coverage",
     "test:e2e": "npx playwright test --retries=1",
+    "test:redirects": "node scripts/testRedirects.js",
     "coverage:client": "node scripts/openReport.js client",
     "coverage:server": "node scripts/openReport.js server",
     "coverage:open": "npm run coverage:client && npm run coverage:server",
@@ -74,8 +75,6 @@
     "lhci": "lhci",
     "lhci:run": "lhci autorun --config=.lighthouserc.cjs",
     "audit:coverage": "vitest run tests/internal/auditCoverage.test.js",
-    "head:flatten": "node scripts/flattenHeaders.js",
-    "head:validate": "node scripts/validateHeaders.js",
     "postinstall": "npm run check:node"
   },
   "dependencies": {
@@ -101,7 +100,7 @@
     "eslint-config-prettier": "^10.1.5",
     "eslint-plugin-jsdoc": "^51.3.1",
     "eslint-plugin-svelte": "^3.10.1",
-    "globals": "^16.2.0",
+    "globals": "^16.3.0",
     "jsdom": "^26.1.0",
     "lightningcss": "^1.30.1",
     "markdownlint": "^0.38.0",

package/scripts/testRedirects.js

@@ -0,0 +1,84 @@
+/* ==========================================================================
+scripts/testRedirects.js
+
+Copyright © 2025 Network Pro Strategies (Network Pro™)
+SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
+This file is part of Network Pro.
+========================================================================== */
+
+/**
+ * @file testRedirects.js
+ * @description Tests Netlify redirects against actual endpoints to verify
+ * trailing-slash behavior.
+ *
+ * @module scripts/
+ * @author SunDevil311
+ * @updated 2025-07-01
+ */
+
+import https from 'https';
+import { URL } from 'url';
+
+/**
+ * @typedef {object} RedirectTest
+ * @property {string} from - The source URL to test.
+ * @property {string} to - The expected destination URL.
+ */
+
+/** @type {RedirectTest[]} */
+const urls = [
+  { from: 'https://netwk.pro/privacy-policy', to: 'https://netwk.pro/privacy' },
+  {
+    from: 'https://netwk.pro/privacy-policy/',
+    to: 'https://netwk.pro/privacy',
+  },
+  { from: 'https://netwk.pro/foss', to: 'https://netwk.pro/foss-spotlight' },
+  { from: 'https://netwk.pro/foss/', to: 'https://netwk.pro/foss-spotlight' },
+  {
+    from: 'https://www.netwk.pro/foss',
+    to: 'https://netwk.pro/foss-spotlight',
+  },
+];
+
+/**
+ * Tests a single redirect by making a GET request and checking the status code and location header.
+ * @param {RedirectTest} redirect - The redirect configuration to test.
+ * @returns {Promise<boolean>} - Resolves to true if the redirect is correct, false otherwise.
+ */
+function testRedirect({ from, to }) {
+  return new Promise((resolve) => {
+    const req = https.request(new URL(from), { method: 'GET' }, (res) => {
+      const location = res.headers.location;
+      const expectedPath = new URL(to).pathname;
+
+      if (res.statusCode === 301 && location === expectedPath) {
+        console.log(`✅ ${from} → ${location}`);
+        resolve(true);
+      } else {
+        console.error(
+          `❌ ${from} → Expected 301 to ${expectedPath}, got ${res.statusCode} to ${location}`,
+        );
+        resolve(false);
+      }
+    });
+
+    req.on('error', (err) => {
+      console.error(`❌ ${from} → Network error: ${err.message}`);
+      resolve(false);
+    });
+
+    req.end();
+  });
+}
+
+/**
+ * Runs all redirect tests and exits the process with a status code reflecting success or failure.
+ * @returns {Promise<void>}
+ */
+const runTests = async () => {
+  const results = await Promise.all(urls.map(testRedirect));
+  const failed = results.filter((r) => !r).length;
+  process.exit(failed > 0 ? 1 : 0);
+};
+
+runTests();

package/src/app.html

@@ -63,7 +63,7 @@
       content="bx4ham0zkpvzztzu213bhpt76m9siq" />
     <!-- cspell:enable -->
 
-    <meta name="generator" content="SvelteKit 2.21.5" />
+    <meta name="generator" content="SvelteKit 2.22.2" />
 
     <script src="/disableSw.js"></script>
 

package/src/lib/components/RedirectPage.svelte

@@ -8,6 +8,7 @@ This file is part of Network Pro.
 
 <script>
   import { onMount } from 'svelte';
+  import { redirectWithBrowserAwareness } from '$lib/utils/redirect.js';
   import FullWidthSection from '$lib/components/FullWidthSection.svelte';
 
   export let to;
@@ -15,16 +16,7 @@ This file is part of Network Pro.
   export let delay = 3;
 
   onMount(() => {
-    if (!to) {
-      console.warn('⛔ No redirect target provided');
-      return;
-    }
-
-    console.log('✅ Starting redirect to:', to);
-
-    setTimeout(() => {
-      window.location.href = to;
-    }, delay * 1000);
+    redirectWithBrowserAwareness(to, delay);
   });
 </script>
 
@@ -47,27 +39,3 @@ This file is part of Network Pro.
 </FullWidthSection>
 
 <!-- END MAIN CONTENT -->
-
-<style>
-  .redirect-content {
-    text-align: center;
-    font-family: system-ui, sans-serif;
-    margin-top: 2rem; /* adjust as needed */
-  }
-
-  .loading-spinner {
-    width: 48px;
-    height: 48px;
-    margin: 2rem auto;
-    border: 4px solid #ddd;
-    animation: spin 1s linear infinite;
-    border-radius: 50%;
-    border-top: 4px solid #ffc627;
-  }
-
-  @keyframes spin {
-    to {
-      transform: rotate(360deg);
-    }
-  }
-</style>

package/src/lib/components/layout/HeaderDefault.svelte

@@ -22,6 +22,8 @@ This file is part of Network Pro.
   const lhubLink = `${base}/links`;
   const fossLink = `${base}/foss-spotlight`;
   const blogLink = 'https://blog.netwk.pro';
+  const discussLink =
+    'https://github.com/netwk-pro/netwk-pro.github.io/discussions';
 
   /**
    * Navigation link object.
@@ -30,6 +32,7 @@ This file is part of Network Pro.
    * @property {string} href - The URL or anchor the link points to.
    * @property {string} target - Specifies where to open the link (e.g., "_self" or "_blank").
    * @property {boolean} external - Whether the link points to an external resource.
+   * @property {boolean} [redirect=false] - Indicates whether the external link is actually an internal redirect.
    */
 
   /**
@@ -48,15 +51,17 @@ This file is part of Network Pro.
     },
     {
       label: 'discussions',
-      href: 'https://github.com/netwk-pro/netwk-pro.github.io/discussions',
+      href: discussLink,
       target: PAGE.BLANK,
       external: true,
+      redirect: false,
     },
     {
       label: 'link hub',
       href: lhubLink,
       target: PAGE.BLANK,
       external: true,
+      redirect: true,
     },
   ];
 
@@ -69,8 +74,8 @@ This file is part of Network Pro.
 
 <!-- BEGIN DEFAULT HEADER -->
 <nav class="center-nav" aria-label="Site navigation">
-  {#each nav as { label, href, target, external }, index}
-    <a {href} {target} rel={external ? rel : undefined}>
+  {#each nav as { label, href, target, external, redirect }, index}
+    <a {href} {target} rel={!redirect && external ? rel : undefined}>
       {label}
     </a>
     {#if external}

package/src/lib/components/layout/HeaderHome.svelte

@@ -21,6 +21,8 @@ This file is part of Network Pro.
   const fossLink = `${base}/foss-spotlight`;
   const lhubLink = `${base}/links`;
   const blogLink = 'https://blog.netwk.pro';
+  const discussLink =
+    'https://github.com/netwk-pro/netwk-pro.github.io/discussions';
 
   /**
    * Navigation link object.
@@ -29,6 +31,7 @@ This file is part of Network Pro.
    * @property {string} href - The URL or anchor the link points to.
    * @property {string} target - Specifies where to open the link (e.g., "_self" or "_blank").
    * @property {boolean} external - Whether the link points to an external resource.
+   * @property {boolean} [redirect=false] - Indicates whether the external link is actually an internal redirect.
    */
 
   /**
@@ -46,15 +49,17 @@ This file is part of Network Pro.
     },
     {
       label: 'discussions',
-      href: 'https://github.com/netwk-pro/netwk-pro.github.io/discussions',
+      href: discussLink,
       target: PAGE.BLANK,
       external: true,
+      redirect: false,
     },
     {
       label: 'link hub',
       href: lhubLink,
       target: PAGE.BLANK,
       external: true,
+      redirect: true,
     },
   ];
 
@@ -67,8 +72,8 @@ This file is part of Network Pro.
 
 <!-- BEGIN HOME HEADER -->
 <nav class="center-nav" aria-label="Homepage navigation">
-  {#each nav as { label, href, target, external }, index}
-    <a {href} {target} rel={external ? rel : undefined}>
+  {#each nav as { label, href, target, external, redirect }, index}
+    <a {href} {target} rel={!redirect && external ? rel : undefined}>
       {label}
     </a>
     {#if external}

package/src/lib/pages/AboutContent.svelte

@@ -217,7 +217,7 @@ This file is part of Network Pro.
 <div class="spacer"></div>
 
 <p>
-  <a rel={PAGE.REL} href={contactLink} target={PAGE.BLANK}>Let's connect</a>
+  <a href={contactLink} target={PAGE.BLANK}>Let's connect</a>
   to discuss how we can help secure and strengthen your business today.
 </p>
 

package/src/lib/pages/HomeContent.svelte

@@ -15,7 +15,7 @@ This file is part of Network Pro.
 
   //console.log(CONSTANTS.COMPANY_INFO.APP_NAME);
 
-  const { COMPANY_INFO, PAGE, NAV } = CONSTANTS;
+  const { COMPANY_INFO, LINKS, PAGE, NAV } = CONSTANTS;
 
   /**
    * URL to the FOSS Spotlight page, using the base path
@@ -23,12 +23,6 @@ This file is part of Network Pro.
    */
   const spotlightLink = `${base}/foss-spotlight`;
 
-  /**
-   * URL to the external blog
-   * @type {string}
-   */
-  const blogLink = 'https://blog.netwk.pro';
-
   /**
    * CSS class for the index headings.
    * @type {string}
@@ -69,7 +63,7 @@ This file is part of Network Pro.
   📡
   <em>
     <strong>Stay informed:</strong> Follow our
-    <a href={blogLink} target={PAGE.SELF}>blog</a>
+    <a href={LINKS.BLOG} target={PAGE.SELF}>blog</a>
     and social channels for actionable insights, implementation guides, and the latest
     cybersecurity developments.
   </em>
@@ -81,7 +75,7 @@ This file is part of Network Pro.
 
 <p class={classLarge}>
   <strong>
-    <a href={blogLink} target={PAGE.SELF}>{COMPANY_INFO.APP_NAME} Blog</a>
+    <a href={LINKS.BLOG} target={PAGE.SELF}>{COMPANY_INFO.APP_NAME} Blog</a>
   </strong>
 </p>
 

package/src/lib/pages/LicenseContent.svelte

@@ -487,8 +487,7 @@ This file is part of Network Pro.
     {:else if link.id === 'contact'}
       <p>
         The Company can be contacted via our
-        <a rel={PAGE.REL} href={contactLink} target={PAGE.BLANK}
-          >Contact Form</a>
+        <a href={contactLink} target={PAGE.BLANK}>Contact Form</a>
         or by email at:<br />
         📧 <strong>{CONTACT.EMAIL}</strong>
       </p>