Ip-cookie-audit NPM

ip-cookie-audit

Custom Lighthouse audits for cookies and tags.

An audit can be run for single or multiple URL's which generates a report and then saves this locally. Batch processing allows tracking of cookies and tags across a user journey.

Installation

npm i -g ip-cookie-audit

Usage

privacyaudit --config <pathToConfig> or npx ip-cookie-audit --config

To run a audit a config file must be created.

Config File

Basic config

{
  "journey": [
    {
      "url": "",
      "headers: {},
      "ignoreTags: []
    }, 
    {
      "url": ""
    }
  ],
  "headers": {},
  "ignoreTags": [],
  "domain": "",
  "collate": true
}

Key	Values	Usage	Required
journey	Array of Journey objects	A list of URL's for audit	Y
collate	Boolean	Report config	Y
domain	String	Product / domain being audited e.g. FT.com	Y
headers	Object	Headers can be set at top level to apply to all URL's, or specific to URL within journey objects	N
ignoreTags	Array of strings and/or RegEx	IgnoreTags can be set at top level to apply to all URL's or specific to URL	N
url	String	URL for Audit	Y

Journey object headers and ignoreTags will overide top level headers and ignoreTags.

ignoreTags

Tags are collected by tracking network requests and then filtering by domain. To filter out requests to known services e.g. fastly then a Regular Expression, or Keyword can be added to ignoreTags.

Example config file format

{
  "journey": [
    {
      "url": "https://www.ft.com/"
    },
    {
      "url": "https://www.ft.com/opinion",
      "headers": {
        "Cookie": "FTCookieConsentGDPR=true"
      },
      "ignoreTags": ["spoor", "origami", "fastly"]
    }
  ],
  "headers": {
    "ft-cookie-ftsession": [SESSION_TOKEN],
    "ft-cookie-ftsession-s": [SESSION_TOKEN],
    "fastly-debug": "1",
    "cookie": "FTCookieConsentGDPR=true"
  },

  "ignoreTags": ["fastly"],
  "domain": "ft.com",
  "collate": true
}

Reports

The default report is a collated report across all the URL's provided within the config.json file. The report will save under the following path:

./reports/report.json

Reports will overwriten each time command is run

privacyaudit --config <path>

This command shows a list of all cookies found by First and Third party, along with a list of all tags. The report does not provide a breakdown of cookies and tags per URL.

If you would like a report that provides a breakdown of cookies and tags by URL, there are two options.

To generate a report to show all cookies and tags found for each URL:

Through the config file
- by setting collate to false.

"collate": false

This report will not de-duplicate cookies across URL's.

To generate a report to show all unique cookies found for each subsequent URL:

Through the cli
- pass --unique flag when running an audit

privacyaudit --config <path> --unique

This report will de-duplicate cookies and tags across multiple URL's.

Flag	Example	Usage
-c --config	privacyaudit -- --config ./config.json	Run app with a config file
-u --unique	privacyaudit -- --unique --config PATH	Report including URL's with consecutive cookies and tags found with each subsequent URL
-s --silent	privacyaudit -- --silent --config PATH	Log errors, then continue.

If installing through git - please see here

commander directly lighthouse parse-domain rmdir

@infinitebrahmanuniverse/nolb-ip-@everything-registry/sub-chunk-1928

6 years ago

6 years ago

6 years ago

6 years ago

6 years ago