UNPKG

@snowplow/javascript-tracker

Version:

Web analytics for Snowplow

bit.ly/sp-js

snowplow/snowplow-javascript-tracker

265 lines (239 loc) 11.5 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
# Copyright (c) 2021 Snowplow Analytics Ltd, 2010 Anthon Pang # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # 1. Redistributions of source code must retain the above copyright notice, this # list of conditions and the following disclaimer. # # 2. Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # # 3. Neither the name of the copyright holder nor the names of its # contributors may be used to endorse or promote products derived from # this software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE # DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR # SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER # CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # This file (application.conf.example) contains a template with # configuration options for the Scala Stream Collector. # # To use, copy this to 'application.conf' and modify the configuration options. # 'collector' contains configuration options for the main Scala collector. collector { # The collector runs as a web service specified on the following interface and port. interface = "0.0.0.0" port = "9090" # optional SSL/TLS configuration ssl { enable = false # whether to redirect HTTP to HTTPS redirect = false port = 9543 } # The collector responds with a cookie to requests with a path that matches the 'vendor/version' protocol. # The expected values are: # - com.snowplowanalytics.snowplow/tp2 for Tracker Protocol 2 # - r/tp2 for redirects # - com.snowplowanalytics.iglu/v1 for the Iglu Webhook # Any path that matches the 'vendor/version' protocol will result in a cookie response, for use by custom webhooks # downstream of the collector. # But you can also map any valid (i.e. two-segment) path to one of the three defaults. # Your custom path must be the key and the value must be one of the corresponding default paths. Both must be full # valid paths starting with a leading slash. # Pass in an empty map to avoid mapping. paths { # "/com.acme/track" = "/com.snowplowanalytics.snowplow/tp2" # "/com.acme/redirect" = "/r/tp2" # "/com.acme/iglu" = "/com.snowplowanalytics.iglu/v1" } # Configure the P3P policy header. p3p { policyRef = "/w3c/p3p.xml" CP = "NOI DSP COR NID PSA OUR IND COM NAV STA" } # Cross domain policy configuration. # If "enabled" is set to "false", the collector will respond with a 404 to the /crossdomain.xml # route. crossDomain { enabled = false # Domains that are granted access, *.acme.com will match http://acme.com and http://sub.acme.com domains = [ "*" ] # Whether to only grant access to HTTPS or both HTTPS and HTTP sources secure = true } # The collector returns a cookie to clients for user identification # with the following domain and expiration. cookie { enabled = true expiration = "365 days" # Network cookie name name = "micro" # The domain is optional and will make the cookie accessible to other # applications on the domain. Comment out these lines to tie cookies to # the collector's full domain. # The domain is determined by matching the domains from the Origin header of the request # to the list below. The first match is used. If no matches are found, the fallback domain will be used, # if configured. # If you specify a main domain, all subdomains on it will be matched. # If you specify a subdomain, only that subdomain will be matched. # Examples: # domain.com will match domain.com, www.domain.com and secure.client.domain.com # client.domain.com will match secure.client.domain.com but not domain.com or www.domain.com domains = [ # "{{cookieDomain1}}" # e.g. "domain.com" -> any origin domain ending with this will be matched and domain.com will be returned # "{{cookieDomain2}}" # e.g. "secure.anotherdomain.com" -> any origin domain ending with this will be matched and secure.anotherdomain.com will be returned # ... more domains ] # ... more domains # If specified, the fallback domain will be used if none of the Origin header hosts matches the list of # cookie domains configured above. (For example, if there is no Origin header.) # fallback-domain = "{{fallbackDomain}}" secure = false httpOnly = false # The sameSite is optional. You can choose to not specify the attribute, or you can use `Strict`, # `Lax` or `None` to limit the cookie sent context. # Strict: the cookie will only be sent along with "same-site" requests. # Lax: the cookie will be sent with same-site requests, and with cross-site top-level navigation. # None: the cookie will be sent with same-site and cross-site requests. # sameSite = "{{cookieSameSite}}" } # If you have a do not track cookie in place, the Scala Stream Collector can respect it by # completely bypassing the processing of an incoming request carrying this cookie, the collector # will simply reply by a 200 saying "do not track". # The cookie name and value must match the configuration below, where the names of the cookies must # match entirely and the value could be a regular expression. doNotTrackCookie { enabled = false name = "foo" value = "bar" } # When enabled and the cookie specified above is missing, performs a redirect to itself to check # if third-party cookies are blocked using the specified name. If they are indeed blocked, # fallbackNetworkId is used instead of generating a new random one. cookieBounce { enabled = false # The name of the request parameter which will be used on redirects checking that third-party # cookies work. name = "n3pc" # Network user id to fallback to when third-party cookies are blocked. fallbackNetworkUserId = "00000000-0000-4000-A000-000000000000" # Optionally, specify the name of the header containing the originating protocol for use in the # bounce redirect location. Use this if behind a load balancer that performs SSL termination. # The value of this header must be http or https. Example, if behind an AWS Classic ELB. # forwardedProtocolHeader = "X-Forwarded-Proto" } # When enabled, redirect prefix `r/` will be enabled and its query parameters resolved. # Otherwise the request prefixed with `r/` will be dropped with `404 Not Found` # Custom redirects configured in `paths` can still be used. # enableDefaultRedirect = true # When enabled, the redirect url passed via the `u` query parameter is scanned for a placeholder # token. All instances of that token are replaced withe the network ID. If the placeholder isn't # specified, the default value is `${SP_NUID}`. redirectMacro { enabled = false # Optional custom placeholder token (defaults to the literal `${SP_NUID}`) placeholder = "[TOKEN]" } # Customize response handling for requests for the root path ("/"). # Useful if you need to redirect to web content or privacy policies regarding the use of this collector. rootResponse { enabled = false statusCode = 302 # Optional, defaults to empty map headers = { Location = "https://127.0.0.1/", X-Custom = "something" } # Optional, defaults to empty string body = "302, redirecting" } # Configuration related to CORS preflight requests cors { # The Access-Control-Max-Age response header indicates how long the results of a preflight # request can be cached. -1 seconds disables the cache. Chromium max is 10m, Firefox is 24h. accessControlMaxAge = 5 seconds } # Configuration of prometheus http metrics prometheusMetrics { # If metrics are enabled then all requests will be logged as prometheus metrics # and '/metrics' endpoint will return the report about the requests enabled = false # Custom buckets for http_request_duration_seconds_bucket duration metric #durationBucketsInSeconds = [0.1, 3, 10] } streams { # Events which have successfully been collected will be stored in the good stream/topic good = "" # Events that are too big (w.r.t Kinesis 1MB limit) will be stored in the bad stream/topic bad = "" # Whether to use the incoming event's ip as the partition key for the good stream/topic # Note: Nsq does not make use of partition key. useIpAddressAsPartitionKey = false # Enable the chosen sink by uncommenting the appropriate configuration sink { # Choose between kinesis, googlepubsub, kafka, nsq, or stdout. # To use stdout, comment or remove everything in the "collector.streams.sink" section except # "enabled" which should be set to "stdout". enabled = stdout } # Incoming events are stored in a buffer before being sent to Kinesis/Kafka. # Note: Buffering is not supported by NSQ. # The buffer is emptied whenever: # - the number of stored records reaches record-limit or # - the combined size of the stored records reaches byte-limit or # - the time in milliseconds since the buffer was last emptied reaches time-limit buffer { byteLimit = 100000 recordLimit = 40 timeLimit = 1000 } } } # Akka has a variety of possible configuration options defined at # http://doc.akka.io/docs/akka/current/scala/general/configuration.html akka { loglevel = DEBUG # 'OFF' for no logging, 'DEBUG' for all logging. loggers = ["akka.event.slf4j.Slf4jLogger"] # akka-http is the server the Stream collector uses and has configurable options defined at # http://doc.akka.io/docs/akka-http/current/scala/http/configuration.html http.server { # To obtain the hostname in the collector, the 'remote-address' header # should be set. By default, this is disabled, and enabling it # adds the 'Remote-Address' header to every request automatically. remote-address-header = on raw-request-uri-header = on # Define the maximum request length (the default is 2048) parsing { max-uri-length = 32768 uri-parsing-mode = relaxed } } # By default setting `collector.ssl` relies on JSSE (Java Secure Socket # Extension) to enable secure communication. # To override the default settings set the following section as per # https://lightbend.github.io/ssl-config/ExampleSSLConfig.html # ssl-config { # debug = { # ssl = true # } # keyManager = { # stores = [ # {type = "PKCS12", classpath = false, path = "/etc/ssl/mycert.p12", password = "mypassword" } # ] # } # loose { # disableHostnameVerification = false # } # } }