Custom Lighthouse audits for cookies and tags.
An audit can be run for single or multiple URL's which generates a report and then saves this locally. Batch processing allows tracking of cookies and tags across a user journey.
npm i -g ip-cookie-audit
privacyaudit --config <pathToConfig> or npx ip-cookie-audit --config
To run a audit a config file must be created.
Basic config
{
"journey": [
{
"url": "",
"headers: {},
"ignoreTags: []
},
{
"url": ""
}
],
"headers": {},
"ignoreTags": [],
"domain": "",
"collate": true
}
Key | Values | Usage | Required |
---|---|---|---|
journey | Array of Journey objects | A list of URL's for audit | Y |
collate | Boolean | Report config | Y |
domain | String | Product / domain being audited e.g. FT.com | Y |
headers | Object | Headers can be set at top level to apply to all URL's, or specific to URL within journey objects | N |
ignoreTags | Array of strings and/or RegEx | IgnoreTags can be set at top level to apply to all URL's or specific to URL | N |
url | String | URL for Audit | Y |
Journey object headers and ignoreTags will overide top level headers and ignoreTags.
Tags are collected by tracking network requests and then filtering by domain. To filter out requests to known services e.g. fastly then a Regular Expression, or Keyword can be added to ignoreTags.
Example config file format
{
"journey": [
{
"url": "https://www.ft.com/"
},
{
"url": "https://www.ft.com/opinion",
"headers": {
"Cookie": "FTCookieConsentGDPR=true"
},
"ignoreTags": ["spoor", "origami", "fastly"]
}
],
"headers": {
"ft-cookie-ftsession": [SESSION_TOKEN],
"ft-cookie-ftsession-s": [SESSION_TOKEN],
"fastly-debug": "1",
"cookie": "FTCookieConsentGDPR=true"
},
"ignoreTags": ["fastly"],
"domain": "ft.com",
"collate": true
}
The default report is a collated report across all the URL's provided within the config.json file. The report will save under the following path:
./reports/report.json
Reports will overwriten each time command is run
privacyaudit --config <path>
This command shows a list of all cookies found by First and Third party, along with a list of all tags. The report does not provide a breakdown of cookies and tags per URL.
If you would like a report that provides a breakdown of cookies and tags by URL, there are two options.
To generate a report to show all cookies and tags found for each URL:
- Through the config file
- by setting collate to false.
"collate": false
This report will not de-duplicate cookies across URL's.
To generate a report to show all unique cookies found for each subsequent URL:
- Through the cli
- pass --unique flag when running an audit
privacyaudit --config <path> --unique
This report will de-duplicate cookies and tags across multiple URL's.
Flag | Example | Usage |
---|---|---|
-c --config | privacyaudit -- --config ./config.json | Run app with a config file |
-u --unique | privacyaudit -- --unique --config [PATH] | Report including URL's with consecutive cookies and tags found with each subsequent URL |
-s --silent | privacyaudit -- --silent --config [PATH] | Log errors, then continue. |
If installing through git - please see here