page-integrity-js
A library for monitoring and controlling DOM mutations and script execution, essential for PCI DSS compliance and security audits
/**
* Page Integrity JS
* A library for ensuring webpage content integrity by verifying that content updates
* come from first-party JavaScript.
*
* @packageDocumentation
*/
import { ScriptBlocker } from './script-blocking';
import { CacheManager } from './utils/cache-manager';
import { analyzeScript, DEFAULT_ANALYSIS_CONFIG } from './utils/script-analyzer';
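/**
 * Build an effective configuration by layering `config` over `defaults`.
 *
 * Top-level keys are merged shallowly. `analysisConfig` is merged one level
 * deeper so that a caller can override a single weight or scoring rule
 * without discarding the others.
 *
 * When `config` carries no `analysisConfig`, the one already present on
 * `defaults` is kept. Resetting it to DEFAULT_ANALYSIS_CONFIG would silently
 * undo a tuned `minScore`, weight or scoring rule whenever an unrelated
 * option is updated.
 *
 * @param defaults Base configuration (for updates: the current configuration).
 * @param config Overrides to apply; null or undefined is treated as empty.
 * @returns A new configuration object; neither argument is modified.
 */
export function mergeConfig(defaults, config) {
    const overrides = config != null ? config : {};
    const mergedConfig = Object.assign({}, defaults, overrides);
    // Analysis settings inherited from the base, if it has any.
    const inherited = defaults != null && defaults.analysisConfig
        ? defaults.analysisConfig
        : DEFAULT_ANALYSIS_CONFIG;
    const analysisOverrides = overrides.analysisConfig;
    if (!analysisOverrides) {
        mergedConfig.analysisConfig = inherited;
        return mergedConfig;
    }
    // Layer order: library defaults, then inherited values, then the new overrides.
    mergedConfig.analysisConfig = Object.assign({}, DEFAULT_ANALYSIS_CONFIG, inherited, analysisOverrides, {
        weights: Object.assign({}, DEFAULT_ANALYSIS_CONFIG.weights, inherited.weights, analysisOverrides.weights),
        scoringRules: Object.assign({}, DEFAULT_ANALYSIS_CONFIG.scoringRules, inherited.scoringRules, analysisOverrides.scoringRules),
    });
    return mergedConfig;
}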
/**
 * Construct the ScriptBlocker for a given configuration.
 *
 * @param config Effective configuration, forwarded as ScriptBlocker's second constructor argument.
 * @param cacheManager Cache manager, forwarded as ScriptBlocker's first constructor argument.
 * @returns The newly constructed ScriptBlocker.
 */
export function initScriptBlocker(config, cacheManager) {
    // Note the order: ScriptBlocker takes (cacheManager, config), the reverse of this function.
    const blocker = new ScriptBlocker(cacheManager, config);
    return blocker;
}
/**
 * Publish a class on the browser's global object under the given name.
 *
 * Does nothing when `window` is not defined (for example outside a browser).
 * Any existing `window[name]` is overwritten. A property on `window` can be
 * read and replaced by every script running in the page, so the published
 * global should not be treated as a trusted handle to this library.
 *
 * @param cls The class (or any value) to publish.
 * @param name Property name to assign on `window`.
 */
export function exposeGlobally(cls, name) {
    const hasWindow = typeof window !== 'undefined';
    if (!hasWindow) {
        return;
    }
    window[name] = cls;
}
/**
* Main class for monitoring and enforcing page integrity.
*
* Example usage:
* ```js
* const pi = new PageIntegrity({
* blacklistedHosts: ['evil.com'],
* whitelistedHosts: ['trusted.com'],
* onBlocked: (info) => { ... }
* });
* ```
*/
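/**
 * Decide whether a script URL belongs to one of the blocked hosts.
 *
 * Plain hostname entries are compared against the parsed hostname of the URL
 * (case-insensitively, ignoring a trailing root dot) and match the host
 * itself or any of its subdomains. A substring test over the whole URL would
 * also fire on unrelated hosts that merely contain the entry, and on entries
 * that appear only in a path or query string.
 *
 * The broader substring comparison is kept where a hostname comparison is
 * not possible: when the URL yields no hostname, or when the entry is not a
 * bare hostname (it contains '/' or ':'). Empty entries are ignored, since an
 * empty string is a substring of every URL and would block every script.
 *
 * Entries are compared as written apart from case and the trailing dot;
 * internationalised names need to be given in the form `URL.hostname` reports.
 */
function matchesBlockedHost(scriptUrl, blockedHosts) {
    if (!Array.isArray(blockedHosts) || scriptUrl === '') {
        return false;
    }
    let hostname = '';
    try {
        hostname = new URL(scriptUrl).hostname.toLowerCase().replace(/\.$/, '');
    }
    catch (err) {
        // Not an absolute URL: fall through to the substring comparison below.
        hostname = '';
    }
    return blockedHosts.some((entry) => {
        if (typeof entry !== 'string') {
            return false;
        }
        const host = entry.trim().toLowerCase().replace(/\.$/, '');
        if (host === '') {
            return false;
        }
        if (hostname === '' || /[/:]/.test(host)) {
            return scriptUrl.includes(entry);
        }
        return hostname === host || hostname.endsWith('.' + host);
    });
}
export class PageIntegrity {
    /**
     * Create a new PageIntegrity instance.
     *
     * Also publishes the class as `window.PageIntegrity` when running in a browser.
     *
     * @param config Configuration options for script and DOM mutation monitoring.
     *               A missing config is treated as empty.
     */
    constructor(config) {
        this.config = mergeConfig({ allowDynamicInline: true }, config != null ? config : {});
        this.cacheManager = new CacheManager();
        this.scriptBlocker = initScriptBlocker(this.config, this.cacheManager);
        exposeGlobally(PageIntegrity, 'PageIntegrity');
    }
    /**
     * Update the configuration for script and DOM mutation monitoring.
     *
     * A new ScriptBlocker is built from the merged configuration; the cache
     * manager is reused.
     * NOTE(review): the previous ScriptBlocker is replaced without any teardown
     * call here; confirm it holds no observers or patched globals that would
     * keep enforcing the old configuration.
     *
     * @param newConfig Partial configuration to merge with the current config.
     */
    updateConfig(newConfig) {
        this.config = mergeConfig(this.config, newConfig != null ? newConfig : {});
        this.scriptBlocker = initScriptBlocker(this.config, this.cacheManager);
    }
    /**
     * Decide whether a script may run and report findings through `onBlocked`.
     *
     * Only the blocked-host check can reject a script. The static analysis is
     * report-only: a score below the threshold triggers `onBlocked` with type
     * 'low-score', but the method still returns true. `whitelistedHosts` is
     * not consulted in this method.
     *
     * The analysis reads `script.textContent` only, so a script loaded through
     * `src` with no inline text is scored on an empty string.
     *
     * @param script Script element (or object with `src` / `textContent`).
     * @param scriptInfo Object whose `source` and `origin` are copied into the report context.
     * @returns false when the script's host is blocked, true otherwise.
     */
    handleScript(script, scriptInfo) {
        const analysisConfig = this.config.analysisConfig;
        if (matchesBlockedHost(script.src || '', this.config.blacklistedHosts)) {
            if (this.config.onBlocked) {
                this.config.onBlocked({
                    type: 'blacklisted',
                    target: script,
                    stackTrace: new Error().stack || '',
                    context: {
                        source: scriptInfo.source,
                        origin: scriptInfo.origin
                    }
                });
            }
            return false;
        }
        // Perform analysis for monitoring purposes
        const content = script.textContent || '';
        const analysis = analyzeScript(content, analysisConfig);
        // Only a missing threshold falls back to the default; a configured
        // threshold of 0 is a valid setting and must not be replaced.
        const configuredMin = analysisConfig ? analysisConfig.minScore : undefined;
        const threshold = configuredMin != null ? configuredMin : DEFAULT_ANALYSIS_CONFIG.minScore;
        if (analysis.score < threshold && this.config.onBlocked) {
            this.config.onBlocked({
                type: 'low-score',
                target: script,
                stackTrace: new Error().stack || '',
                context: {
                    source: scriptInfo.source,
                    origin: scriptInfo.origin,
                    score: analysis.score,
                    // Only the static score is computed here; the other components are fixed at 0.
                    analysisDetails: {
                        staticScore: analysis.score,
                        dynamicScore: 0,
                        originScore: 0,
                        hashScore: 0
                    }
                }
            });
        }
        return true;
    }
}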
export * from './types';
//# sourceMappingURL=index.js.map