@omega-tracker/omg-abstract-strategy-plugin 0.0.1-security → 0.736.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of @omega-tracker/omg-abstract-strategy-plugin might be problematic. Click here for more details.

@@ -0,0 +1,61 @@
1
+ import { ITrackedEvent } from 'com/didichuxing/tracker/event/ITrackedEvent';
2
+
3
+ export default class DataQueueSet {
4
+ private static instance: DataQueueSet;
5
+ private arr: ITrackedEvent[] = [];
6
+
7
+ private constructor() {
8
+ }
9
+
10
+ public static getInstance(): DataQueueSet {
11
+ if (!DataQueueSet.instance) {
12
+ DataQueueSet.instance = new DataQueueSet();
13
+ }
14
+ return this.instance;
15
+ }
16
+
17
+ /**
18
+ * 是否重复
19
+ */
20
+ private uniq(value: ITrackedEvent): boolean {
21
+ let result = true;
22
+ this.arr.forEach((item) => {
23
+ if (value.getData().viewportId === item.getData().viewportId &&
24
+ value.getData().sequence === item.getData().sequence) {
25
+ result = false;
26
+ }
27
+ });
28
+ return result;
29
+ }
30
+
31
+ /**
32
+ * 添加
33
+ */
34
+ public add(value: ITrackedEvent): void {
35
+ if (this.uniq(value)) {
36
+ this.arr.push(value);
37
+ }
38
+ }
39
+
40
+ /**
41
+ * 是否为空
42
+ */
43
+ public empty(): boolean {
44
+ return this.arr.length === 0;
45
+ }
46
+
47
+ /**
48
+ * 删除所有
49
+ */
50
+ public removeAll(): void {
51
+ this.arr = [];
52
+ }
53
+
54
+ /**
55
+ * 返回数组
56
+ */
57
+ public getData(): ITrackedEvent[] {
58
+ return this.arr;
59
+ }
60
+
61
+ }
@@ -0,0 +1,61 @@
1
+ import { ITrackedEvent } from 'com/didichuxing/tracker/event/ITrackedEvent';
2
+
3
+ export default class DataQueueSet {
4
+ private static instance: DataQueueSet;
5
+ private arr: ITrackedEvent[] = [];
6
+
7
+ private constructor() {
8
+ }
9
+
10
+ public static getInstance(): DataQueueSet {
11
+ if (!DataQueueSet.instance) {
12
+ DataQueueSet.instance = new DataQueueSet();
13
+ }
14
+ return this.instance;
15
+ }
16
+
17
+ /**
18
+ * 是否重复
19
+ */
20
+ private uniq(value: ITrackedEvent): boolean {
21
+ let result = true;
22
+ this.arr.forEach((item) => {
23
+ if (value.getData().viewportId === item.getData().viewportId &&
24
+ value.getData().sequence === item.getData().sequence) {
25
+ result = false;
26
+ }
27
+ });
28
+ return result;
29
+ }
30
+
31
+ /**
32
+ * 添加
33
+ */
34
+ public add(value: ITrackedEvent): void {
35
+ if (this.uniq(value)) {
36
+ this.arr.push(value);
37
+ }
38
+ }
39
+
40
+ /**
41
+ * 是否为空
42
+ */
43
+ public empty(): boolean {
44
+ return this.arr.length === 0;
45
+ }
46
+
47
+ /**
48
+ * 删除所有
49
+ */
50
+ public removeAll(): void {
51
+ this.arr = [];
52
+ }
53
+
54
+ /**
55
+ * 返回数组
56
+ */
57
+ public getData(): ITrackedEvent[] {
58
+ return this.arr;
59
+ }
60
+
61
+ }
@@ -0,0 +1,22 @@
1
+ export default abstract class EncodeHash {
2
+ /**
3
+ * 对输入字符串进行Hash编码。
4
+ * @param {string} str
5
+ * @returns {number}
6
+ */
7
+ public static encodeHash(str: string): number {
8
+ let hash: number = 1315423911;
9
+ for (let i: number = 0, j: number = str.length; i < j; ++i) {
10
+ hash ^= ((hash << 5) + str.charCodeAt(i) + (hash >> 2));
11
+ }
12
+ return hash & 0x7FFFFFFF;
13
+ }
14
+
15
+ /**
16
+ * 输出增加tk的URL
17
+ * @param str
18
+ */
19
+ public static encodeHashUrl(str: string): string {
20
+ return `${ str }&tk=${ this.encodeHash(str) }`;
21
+ }
22
+ }
@@ -0,0 +1,70 @@
1
+ /**
2
+ * Copyright (c) 2018-present, Didi, Inc.
3
+ * All rights reserved.
4
+ *
5
+ * @author Cory(kuanghongrui@didichuxing.com)
6
+ *
7
+ * @file The class of GlobalUtil
8
+ */
9
+
10
+ export default abstract class GlobalUtil {
11
+ /**
12
+ * 当前页面是否加载完成
13
+ * @returns {boolean}
14
+ */
15
+ public static isLoaded(): boolean {
16
+ if (window.performance && window.performance.timing) { // 现代浏览器
17
+ return !!window.performance.timing.loadEventEnd;
18
+ } else { // 老式浏览器
19
+ return window.document.readyState === 'complete';
20
+ }
21
+ }
22
+
23
+ /**
24
+ * 是否空字符串
25
+ * @param str{string}
26
+ * @returns {boolean}
27
+ */
28
+ public static isEmptyString(str: string | undefined): boolean {
29
+ if (!str) {
30
+ return false;
31
+ }
32
+ let result = true;
33
+ if (Object.prototype.toString.call(str) !== '[object String]') {
34
+ result = false;
35
+ }
36
+ // \s 小写的s是,匹配任何空白字符,包括空格、制表符、换页符等等。等价于 [ \f\n\r\t\v]。
37
+ if (str.replace(/(^\s*)|(\s*$)/g, '').length === 0) {
38
+ result = false;
39
+ }
40
+ return result;
41
+ }
42
+
43
+ /**
44
+ * 设置OMG的日志
45
+ * @param str
46
+ */
47
+ public static dispatchOmgLog(str: string): void {
48
+ const mesageEvent: MessageEvent = document.createEvent('MessageEvent');
49
+ mesageEvent.initMessageEvent('omglog', false, false, str, '', '', window);
50
+ window.dispatchEvent(mesageEvent);
51
+ }
52
+
53
+ /**
54
+ * 判断当前应用的 scheme 是否为桌面环境
55
+ * @returns {boolean}
56
+ */
57
+ public static isDesktop(): boolean {
58
+ return window.location && window.location.protocol === 'file:';
59
+ }
60
+
61
+ /**
62
+ * 获取当前应使用的 protocol
63
+ * @returns {string}
64
+ */
65
+ public static getProtocol(): string {
66
+ // 20190618 lincal:应安全部要求,全面启用 https 协议
67
+ return 'https://';
68
+ // return GlobalUtil.isDesktop() ? 'https://' : '//';
69
+ }
70
+ }
@@ -0,0 +1,135 @@
1
+ /**
2
+ * Copyright (c) 2018-present, Didi, Inc.
3
+ * All rights reserved.
4
+ *
5
+ * @author Cory(kuanghongrui@didichuxing.com)
6
+ *
7
+ * @file The class of PluginUtils
8
+ */
9
+
10
+ export default abstract class PluginUtils {
11
+
12
+ /**
13
+ * page init上报策略插件名称。
14
+ * @type {string}
15
+ */
16
+ public static PLUGIN_NAME_PAGE_INIT: string = 'OMGH5PageInit-reporting-strategy-plugin';
17
+
18
+ /**
19
+ * page init上报策略插件名称。
20
+ * @type {string}
21
+ */
22
+ public static PLUGIN_NAME_OMGLOG: string = 'OMGH5Log-reporting-strategy-plugin';
23
+
24
+ /**
25
+ * page view上报策略插件名称。
26
+ * @type {string}
27
+ */
28
+ public static PLUGIN_NAME_PAGE_VIEW: string = 'OMGH5PageView-reporting-strategy-plugin';
29
+
30
+ /**
31
+ * page leave上报策略插件名称。
32
+ * @type {string}
33
+ */
34
+ public static PLUGIN_NAME_PAGE_LEAVE: string = 'OMGH5PageLeave-reporting-strategy-plugin';
35
+
36
+ /**
37
+ * received上报策略插件名称。
38
+ * @type {string}
39
+ */
40
+ public static PLUGIN_NAME_RECEIVED: string = 'OMGH5Received-reporting-strategy-plugin';
41
+
42
+ /**
43
+ * click上报策略插件名称。
44
+ * @type {string}
45
+ */
46
+ public static PLUGIN_NAME_CLICK: string = 'OMGH5Click-reporting-strategy-plugin';
47
+
48
+ /**
49
+ * js error上报策略插件名称。
50
+ * @type {string}
51
+ */
52
+ public static PLUGIN_NAME_JS_ERROR: string = 'OMGH5JsError-reporting-strategy-plugin';
53
+
54
+ /**
55
+ * 用户自定义上报错误事件插件名
56
+ * @type {string}
57
+ */
58
+ public static PLUGIN_NAME_ERROR: string = 'OMGH5Error-reporting-strategy-plugin';
59
+
60
+ /**
61
+ * 用户自定义埋点事件插件名
62
+ * @type {string}
63
+ */
64
+ public static PLUGIN_NAME_CUSTOM: string = 'OMGH5Custom-reporting-strategy-plugin';
65
+
66
+ /**
67
+ * 性能上报策略插件名称。
68
+ * @type {string}
69
+ */
70
+ public static PLUGIN_NAME_PERFORMANCE: string = 'OMGH5Performance-reporting-strategy-plugin';
71
+
72
+ /**
73
+ * 安全上报策略插件名称。
74
+ * @type {string}
75
+ */
76
+ public static PLUGIN_NAME_SAFETYPING: string = 'OMGH5SafeTyping-reporting-strategy-plugin';
77
+
78
+ /**
79
+ * page init event id
80
+ * @type {string}
81
+ */
82
+ public static EVENT_ID_PAGE_INIT: string = 'OMGH5PageInit';
83
+ /**
84
+ * page init event id
85
+ * @type {string}
86
+ */
87
+ public static EVENT_ID_OMG_LOG: string = 'OMGH5Log';
88
+
89
+ /**
90
+ * page view event id
91
+ * @type {string}
92
+ */
93
+ public static EVENT_ID_PAGE_VIEW: string = 'OMGH5PageView';
94
+
95
+ /**
96
+ * page leave event id
97
+ * @type {string}
98
+ */
99
+ public static EVENT_ID_PAGE_LEAVE: string = 'OMGH5PageLeave';
100
+
101
+ /**
102
+ * received event id
103
+ * @type {string}
104
+ */
105
+ public static EVENT_ID_RECEIVED: string = 'OMGH5Received';
106
+
107
+ /**
108
+ * click event id
109
+ * @type {string}
110
+ */
111
+ public static EVENT_ID_CLICK: string = 'OMGH5Click';
112
+
113
+ /**
114
+ * js error event id
115
+ * @type {string}
116
+ */
117
+ public static EVENT_ID_JS_ERROR: string = 'OMGH5JsError';
118
+
119
+ /**
120
+ * 用户自定义上报错误事件id
121
+ * @type {string}
122
+ */
123
+ public static EVENT_ID_ERROR: string = 'OMGH5Error';
124
+
125
+ /**
126
+ * 性能数据上报 事件id
127
+ * @type {string}
128
+ */
129
+ public static EVENT_ID_PERFORMANCE: string = 'OMGH5Performance';
130
+ /**
131
+ * 安全专项上报 事件id
132
+ * @type {string}
133
+ */
134
+ public static EVENT_ID_SAFETYPING: string = 'OMGSafeTyping';
135
+ }
@@ -0,0 +1,79 @@
1
+ export interface IReportCallbackArg {
2
+
3
+ /**
4
+ * 上报事件的名单。
5
+ * @readonly
6
+ */
7
+ readonly eventid: IReportableEventList | null;
8
+ }
9
+
10
+ export interface IReportableEventList {
11
+
12
+ /**
13
+ * 上报事件id
14
+ * 0为禁止上报,1为允许上报。
15
+ * @readonly
16
+ */
17
+ readonly [eventid: string]: number;
18
+ }
19
+
20
+ export default abstract class ReportCallbackUtil {
21
+
22
+ /**
23
+ * response回调方法挂载的对象名称。
24
+ * @type {string}
25
+ */
26
+ public static readonly OMG_CALLBACK_OBJ_NAME: string = '__OMG_CBKS__';
27
+
28
+ /**
29
+ * omega事件黑名单列表对象名称。
30
+ * @type {string}
31
+ */
32
+ public static readonly OMG_EVENT_BLACKLIST_NAME: string = '__OMG_EVENT_BLACKLIST__';
33
+
34
+ public static reportCallbackName(rawSerialized: string): string {
35
+ const cbObjName: string = ReportCallbackUtil.OMG_CALLBACK_OBJ_NAME;
36
+ const cbkMethodName: string = `_cbk${ new Date().getTime() }`;
37
+ rawSerialized = `${rawSerialized}&cbk=${ cbObjName }.${ cbkMethodName }`;
38
+ const self = this;
39
+ if ((window as any)[cbObjName]) {
40
+ (window as any)[cbObjName][cbkMethodName] = function() {
41
+ delete (window as any)[cbObjName][cbkMethodName];
42
+ self.reportCallback.apply(self, arguments);
43
+ };
44
+ } else {
45
+ (window as any)[cbObjName] = {
46
+ [cbkMethodName]: function() {
47
+ delete (window as any)[cbObjName][cbkMethodName];
48
+ self.reportCallback.apply(self, arguments);
49
+ }
50
+ };
51
+ }
52
+ return rawSerialized;
53
+ }
54
+ /**
55
+ * 上报后的回调。
56
+ * @param {IReportCallbackArg} cbArg
57
+ */
58
+ public static reportCallback(cbArg?: IReportCallbackArg): void {
59
+ const bn: string = ReportCallbackUtil.OMG_EVENT_BLACKLIST_NAME;
60
+ if (cbArg && cbArg.eventid) {
61
+ if (!(window as any)[bn]) {
62
+ (window as any)[bn] = [];
63
+ }
64
+ for (const prop in cbArg.eventid) {
65
+ if (cbArg.eventid[prop] === 0) { // event black list
66
+ if (((window as any)[bn] as string[]).indexOf(prop) < 0) {
67
+ // not existed
68
+ ((window as any)[bn] as string[]).push(prop);
69
+ }
70
+ } else { // event need to be removed from black list
71
+ const index: number = ((window as any)[bn] as string[]).indexOf(prop);
72
+ if (index >= 0) { // existed
73
+ ((window as any)[bn] as string[]).splice(index, 1);
74
+ }
75
+ }
76
+ }
77
+ }
78
+ }
79
+ }
@@ -0,0 +1,63 @@
1
+ /**
2
+ * Copyright (c) 2018-present, Didi, Inc.
3
+ * All rights reserved.
4
+ *
5
+ * @author Cory(kuanghongrui@didichuxing.com)
6
+ *
7
+ * @file The class of UUID
8
+ */
9
+
10
+ export default abstract class UUID {
11
+
12
+ /**
13
+ *
14
+ * @returns {string[]}
15
+ */
16
+ public static getByte2Hex(): string[] {
17
+ const byteToHex: string[] = [];
18
+ for (let i: number = 0; i < 256; ++i) {
19
+ byteToHex[i] = (i + 0x100).toString(16).substr(1);
20
+ }
21
+ return byteToHex;
22
+ }
23
+
24
+ /**
25
+ * bytes to uuid
26
+ * @param {number[]} buf
27
+ * @param {number} offset
28
+ * @returns {string}
29
+ */
30
+ public static bytesToUuid(buf: number[], offset?: number): string {
31
+ let i: number = offset || 0;
32
+ const bth: string[] = UUID.getByte2Hex();
33
+ // join used to fix memory issue caused by concatenation:
34
+ // https://bugs.chromium.org/p/v8/issues/detail?id=3175#c4
35
+ return ([bth[buf[i++]], bth[buf[i++]],
36
+ bth[buf[i++]], bth[buf[i++]], '-',
37
+ bth[buf[i++]], bth[buf[i++]], '-',
38
+ bth[buf[i++]], bth[buf[i++]], '-',
39
+ bth[buf[i++]], bth[buf[i++]], '-',
40
+ bth[buf[i++]], bth[buf[i++]],
41
+ bth[buf[i++]], bth[buf[i++]],
42
+ bth[buf[i++]], bth[buf[i++]]]).join('');
43
+ }
44
+
45
+ /**
46
+ * 生成伪UUID
47
+ * @returns {string}
48
+ */
49
+ public static get v4(): string {
50
+ const rnds: number[] = new Array(16);
51
+ let r: number = 0;
52
+ for (let i: number = 0; i < 16; ++i) {
53
+ if ((i & 0x03) === 0) {
54
+ r = Math.random() * 0x100000000;
55
+ }
56
+ rnds[i] = r >>> ((i & 0x03) << 3) & 0xff;
57
+ }
58
+ // Per 4.4, set bits for version and `clock_seq_hi_and_reserved`
59
+ rnds[6] = (rnds[6] & 0x0f) | 0x40;
60
+ rnds[8] = (rnds[8] & 0x3f) | 0x80;
61
+ return UUID.bytesToUuid(rnds);
62
+ }
63
+ }
package/README.md DELETED
@@ -1,5 +0,0 @@
1
- # Security holding package
2
-
3
- This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
4
-
5
- Please refer to www.npmjs.com/advisories?search=%40omega-tracker%2Fomg-abstract-strategy-plugin for more information.