@omega-tracker/omg-abstract-strategy-plugin 0.0.1-security → 1.736.0

package/src/com/didichuxing/tracker/plugin/reportor/DataQueueSet.ts

@@ -0,0 +1,61 @@
+import { ITrackedEvent } from 'com/didichuxing/tracker/event/ITrackedEvent';
+
+export default class DataQueueSet {
+  private static instance: DataQueueSet;
+  private arr: ITrackedEvent[] = [];
+
+  private constructor() {
+  }
+
+  public static getInstance(): DataQueueSet {
+    if (!DataQueueSet.instance) {
+      DataQueueSet.instance = new DataQueueSet();
+    }
+    return this.instance;
+  }
+
+  /**
+   * 是否重复
+   */
+  private uniq(value: ITrackedEvent): boolean {
+    let result = true;
+    this.arr.forEach((item) => {
+      if (value.getData().viewportId === item.getData().viewportId &&
+        value.getData().sequence === item.getData().sequence) {
+        result = false;
+      }
+    });
+    return result;
+  }
+
+  /**
+   * 添加
+   */
+  public add(value: ITrackedEvent): void {
+    if (this.uniq(value)) {
+      this.arr.push(value);
+    }
+  }
+
+  /**
+   * 是否为空
+   */
+  public empty(): boolean {
+    return this.arr.length === 0;
+  }
+
+  /**
+   * 删除所有
+   */
+  public removeAll(): void {
+    this.arr = [];
+  }
+
+  /**
+   * 返回数组
+   */
+  public getData(): ITrackedEvent[] {
+    return this.arr;
+  }
+
+}

package/src/com/didichuxing/tracker/plugin/reportor/PostEventReportor.ts

@@ -0,0 +1,61 @@
+import { ITrackedEvent } from 'com/didichuxing/tracker/event/ITrackedEvent';
+
+export default class DataQueueSet {
+  private static instance: DataQueueSet;
+  private arr: ITrackedEvent[] = [];
+
+  private constructor() {
+  }
+
+  public static getInstance(): DataQueueSet {
+    if (!DataQueueSet.instance) {
+      DataQueueSet.instance = new DataQueueSet();
+    }
+    return this.instance;
+  }
+
+  /**
+   * 是否重复
+   */
+  private uniq(value: ITrackedEvent): boolean {
+    let result = true;
+    this.arr.forEach((item) => {
+      if (value.getData().viewportId === item.getData().viewportId &&
+        value.getData().sequence === item.getData().sequence) {
+        result = false;
+      }
+    });
+    return result;
+  }
+
+  /**
+   * 添加
+   */
+  public add(value: ITrackedEvent): void {
+    if (this.uniq(value)) {
+      this.arr.push(value);
+    }
+  }
+
+  /**
+   * 是否为空
+   */
+  public empty(): boolean {
+    return this.arr.length === 0;
+  }
+
+  /**
+   * 删除所有
+   */
+  public removeAll(): void {
+    this.arr = [];
+  }
+
+  /**
+   * 返回数组
+   */
+  public getData(): ITrackedEvent[] {
+    return this.arr;
+  }
+
+}

package/src/com/didichuxing/tracker/plugin/utils/EncodeHash.ts

@@ -0,0 +1,22 @@
+export default abstract class EncodeHash {
+  /**
+   * 对输入字符串进行Hash编码。
+   * @param {string} str
+   * @returns {number}
+   */
+  public static encodeHash(str: string): number {
+    let hash: number = 1315423911;
+    for (let i: number = 0, j: number = str.length; i < j; ++i) {
+      hash ^= ((hash << 5) + str.charCodeAt(i) + (hash >> 2));
+    }
+    return hash & 0x7FFFFFFF;
+  }
+
+  /**
+   * 输出增加tk的URL
+   * @param str
+   */
+  public static encodeHashUrl(str: string): string {
+    return `${ str }&tk=${ this.encodeHash(str) }`;
+  }
+}

package/src/com/didichuxing/tracker/plugin/utils/GlobalUtil.ts

@@ -0,0 +1,70 @@
+/**
+ * Copyright (c) 2018-present, Didi, Inc.
+ * All rights reserved.
+ *
+ * @author Cory(kuanghongrui@didichuxing.com)
+ *
+ * @file The class of GlobalUtil
+ */
+
+export default abstract class GlobalUtil {
+  /**
+   * 当前页面是否加载完成
+   * @returns {boolean}
+   */
+  public static isLoaded(): boolean {
+    if (window.performance && window.performance.timing) { // 现代浏览器
+      return !!window.performance.timing.loadEventEnd;
+    } else { // 老式浏览器
+      return window.document.readyState === 'complete';
+    }
+  }
+
+  /**
+   * 是否空字符串
+   * @param str{string}
+   * @returns {boolean}
+   */
+  public static isEmptyString(str: string | undefined): boolean {
+    if (!str) {
+      return false;
+    }
+    let result = true;
+    if (Object.prototype.toString.call(str) !== '[object String]') {
+      result = false;
+    }
+    // \s 小写的s是，匹配任何空白字符，包括空格、制表符、换页符等等。等价于 [ \f\n\r\t\v]。
+    if (str.replace(/(^\s*)|(\s*$)/g, '').length === 0) {
+      result = false;
+    }
+    return result;
+  }
+
+  /**
+   * 设置OMG的日志
+   * @param str
+   */
+  public static dispatchOmgLog(str: string): void {
+    const mesageEvent: MessageEvent = document.createEvent('MessageEvent');
+    mesageEvent.initMessageEvent('omglog', false, false, str, '', '', window);
+    window.dispatchEvent(mesageEvent);
+  }
+
+  /**
+   * 判断当前应用的 scheme 是否为桌面环境
+   * @returns {boolean}
+   */
+  public static isDesktop(): boolean {
+    return window.location && window.location.protocol === 'file:';
+  }
+
+  /**
+   * 获取当前应使用的 protocol
+   * @returns {string}
+   */
+  public static getProtocol(): string {
+    // 20190618 lincal：应安全部要求，全面启用 https 协议
+    return 'https://';
+    // return GlobalUtil.isDesktop() ? 'https://' : '//';
+  }
+}

package/src/com/didichuxing/tracker/plugin/utils/PluginUtils.ts

@@ -0,0 +1,135 @@
+/**
+ * Copyright (c) 2018-present, Didi, Inc.
+ * All rights reserved.
+ *
+ * @author Cory(kuanghongrui@didichuxing.com)
+ *
+ * @file The class of PluginUtils
+ */
+
+export default abstract class PluginUtils {
+
+  /**
+   * page init上报策略插件名称。
+   * @type {string}
+   */
+  public static PLUGIN_NAME_PAGE_INIT: string = 'OMGH5PageInit-reporting-strategy-plugin';
+
+  /**
+   * page init上报策略插件名称。
+   * @type {string}
+   */
+  public static PLUGIN_NAME_OMGLOG: string = 'OMGH5Log-reporting-strategy-plugin';
+
+  /**
+   * page view上报策略插件名称。
+   * @type {string}
+   */
+  public static PLUGIN_NAME_PAGE_VIEW: string = 'OMGH5PageView-reporting-strategy-plugin';
+
+  /**
+   * page leave上报策略插件名称。
+   * @type {string}
+   */
+  public static PLUGIN_NAME_PAGE_LEAVE: string = 'OMGH5PageLeave-reporting-strategy-plugin';
+
+  /**
+   * received上报策略插件名称。
+   * @type {string}
+   */
+  public static PLUGIN_NAME_RECEIVED: string = 'OMGH5Received-reporting-strategy-plugin';
+
+  /**
+   * click上报策略插件名称。
+   * @type {string}
+   */
+  public static PLUGIN_NAME_CLICK: string = 'OMGH5Click-reporting-strategy-plugin';
+
+  /**
+   * js error上报策略插件名称。
+   * @type {string}
+   */
+  public static PLUGIN_NAME_JS_ERROR: string = 'OMGH5JsError-reporting-strategy-plugin';
+
+  /**
+   * 用户自定义上报错误事件插件名
+   * @type {string}
+   */
+  public static PLUGIN_NAME_ERROR: string = 'OMGH5Error-reporting-strategy-plugin';
+
+  /**
+   * 用户自定义埋点事件插件名
+   * @type {string}
+   */
+  public static PLUGIN_NAME_CUSTOM: string = 'OMGH5Custom-reporting-strategy-plugin';
+
+  /**
+   * 性能上报策略插件名称。
+   * @type {string}
+   */
+  public static PLUGIN_NAME_PERFORMANCE: string = 'OMGH5Performance-reporting-strategy-plugin';
+
+  /**
+   * 安全上报策略插件名称。
+   * @type {string}
+   */
+  public static PLUGIN_NAME_SAFETYPING: string = 'OMGH5SafeTyping-reporting-strategy-plugin';
+
+  /**
+   * page init event id
+   * @type {string}
+   */
+  public static EVENT_ID_PAGE_INIT: string = 'OMGH5PageInit';
+  /**
+   * page init event id
+   * @type {string}
+   */
+  public static EVENT_ID_OMG_LOG: string = 'OMGH5Log';
+
+  /**
+   * page view event id
+   * @type {string}
+   */
+  public static EVENT_ID_PAGE_VIEW: string = 'OMGH5PageView';
+
+  /**
+   * page leave event id
+   * @type {string}
+   */
+  public static EVENT_ID_PAGE_LEAVE: string = 'OMGH5PageLeave';
+
+  /**
+   * received event id
+   * @type {string}
+   */
+  public static EVENT_ID_RECEIVED: string = 'OMGH5Received';
+
+  /**
+   * click event id
+   * @type {string}
+   */
+  public static EVENT_ID_CLICK: string = 'OMGH5Click';
+
+  /**
+   * js error event id
+   * @type {string}
+   */
+  public static EVENT_ID_JS_ERROR: string = 'OMGH5JsError';
+
+  /**
+   * 用户自定义上报错误事件id
+   * @type {string}
+   */
+  public static EVENT_ID_ERROR: string = 'OMGH5Error';
+
+  /**
+   * 性能数据上报 事件id
+   * @type {string}
+   */
+  public static EVENT_ID_PERFORMANCE: string = 'OMGH5Performance';
+  /**
+   * 安全专项上报 事件id
+   * @type {string}
+   */
+  public static EVENT_ID_SAFETYPING: string = 'OMGSafeTyping';
+}

package/src/com/didichuxing/tracker/plugin/utils/ReportCallbackUtil.ts

@@ -0,0 +1,79 @@
+export interface IReportCallbackArg {
+
+  /**
+   * 上报事件的名单。
+   * @readonly
+   */
+  readonly eventid: IReportableEventList | null;
+}
+
+export interface IReportableEventList {
+
+  /**
+   * 上报事件id
+   * 0为禁止上报，1为允许上报。
+   * @readonly
+   */
+  readonly [eventid: string]: number;
+}
+
+export default abstract class ReportCallbackUtil {
+
+  /**
+   * response回调方法挂载的对象名称。
+   * @type {string}
+   */
+  public static readonly OMG_CALLBACK_OBJ_NAME: string = '__OMG_CBKS__';
+
+  /**
+   * omega事件黑名单列表对象名称。
+   * @type {string}
+   */
+  public static readonly OMG_EVENT_BLACKLIST_NAME: string = '__OMG_EVENT_BLACKLIST__';
+
+  public static reportCallbackName(rawSerialized: string): string {
+    const cbObjName: string = ReportCallbackUtil.OMG_CALLBACK_OBJ_NAME;
+    const cbkMethodName: string = `_cbk${ new Date().getTime() }`;
+    rawSerialized = `${rawSerialized}&cbk=${ cbObjName }.${ cbkMethodName }`;
+    const self = this;
+    if ((window as any)[cbObjName]) {
+      (window as any)[cbObjName][cbkMethodName] = function() {
+        delete (window as any)[cbObjName][cbkMethodName];
+        self.reportCallback.apply(self, arguments);
+      };
+    } else {
+      (window as any)[cbObjName] = {
+        [cbkMethodName]: function() {
+          delete (window as any)[cbObjName][cbkMethodName];
+          self.reportCallback.apply(self, arguments);
+        }
+      };
+    }
+    return rawSerialized;
+  }
+  /**
+   * 上报后的回调。
+   * @param {IReportCallbackArg} cbArg
+   */
+  public static reportCallback(cbArg?: IReportCallbackArg): void {
+    const bn: string = ReportCallbackUtil.OMG_EVENT_BLACKLIST_NAME;
+    if (cbArg && cbArg.eventid) {
+      if (!(window as any)[bn]) {
+        (window as any)[bn] = [];
+      }
+      for (const prop in cbArg.eventid) {
+        if (cbArg.eventid[prop] === 0) { // event black list
+          if (((window as any)[bn] as string[]).indexOf(prop) < 0) {
+            // not existed
+            ((window as any)[bn] as string[]).push(prop);
+          }
+        } else { // event need to be removed from black list
+          const index: number = ((window as any)[bn] as string[]).indexOf(prop);
+          if (index >= 0) { // existed
+            ((window as any)[bn] as string[]).splice(index, 1);
+          }
+        }
+      }
+    }
+  }
+}

package/src/com/didichuxing/tracker/plugin/utils/UUID.ts

@@ -0,0 +1,63 @@
+/**
+ * Copyright (c) 2018-present, Didi, Inc.
+ * All rights reserved.
+ *
+ * @author Cory(kuanghongrui@didichuxing.com)
+ *
+ * @file The class of UUID
+ */
+
+export default abstract class UUID {
+
+  /**
+   *
+   * @returns {string[]}
+   */
+  public static getByte2Hex(): string[] {
+    const byteToHex: string[] = [];
+    for (let i: number = 0; i < 256; ++i) {
+      byteToHex[i] = (i + 0x100).toString(16).substr(1);
+    }
+    return byteToHex;
+  }
+
+  /**
+   * bytes to uuid
+   * @param {number[]} buf
+   * @param {number} offset
+   * @returns {string}
+   */
+  public static bytesToUuid(buf: number[], offset?: number): string {
+    let i: number = offset || 0;
+    const bth: string[] = UUID.getByte2Hex();
+    // join used to fix memory issue caused by concatenation:
+    // https://bugs.chromium.org/p/v8/issues/detail?id=3175#c4
+    return ([bth[buf[i++]], bth[buf[i++]],
+      bth[buf[i++]], bth[buf[i++]], '-',
+      bth[buf[i++]], bth[buf[i++]], '-',
+      bth[buf[i++]], bth[buf[i++]], '-',
+      bth[buf[i++]], bth[buf[i++]], '-',
+      bth[buf[i++]], bth[buf[i++]],
+      bth[buf[i++]], bth[buf[i++]],
+      bth[buf[i++]], bth[buf[i++]]]).join('');
+  }
+
+  /**
+   * 生成伪UUID
+   * @returns {string}
+   */
+  public static get v4(): string {
+    const rnds: number[] = new Array(16);
+    let r: number = 0;
+    for (let i: number = 0; i < 16; ++i) {
+      if ((i & 0x03) === 0) {
+        r = Math.random() * 0x100000000;
+      }
+      rnds[i] = r >>> ((i & 0x03) << 3) & 0xff;
+    }
+    // Per 4.4, set bits for version and `clock_seq_hi_and_reserved`
+    rnds[6] = (rnds[6] & 0x0f) | 0x40;
+    rnds[8] = (rnds[8] & 0x3f) | 0x80;
+    return UUID.bytesToUuid(rnds);
+  }
+}

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=%40omega-tracker%2Fomg-abstract-strategy-plugin for more information.