ip-cookie-audit

0.0.1-beta.9 • Public • Published

ip-cookie-audit

Custom Lighthouse audits for cookies and tags.

An audit can be run for single or multiple URL's which generates a report and then saves this locally. Batch processing allows tracking of cookies and tags across a user journey.

Installation

npm i -g ip-cookie-audit

Usage

privacyaudit --config <pathToConfig> or npx ip-cookie-audit --config

To run a audit a config file must be created.

Config File

Basic config

{
  "journey": [
    {
      "url": "",
      "headers: {},
      "ignoreTags: []
    }, 
    {
      "url": ""
    }
  ],
  "headers": {},
  "ignoreTags": [],
  "domain": "",
  "collate": true
}

Key Values Usage Required
journey Array of Journey objects A list of URL's for audit Y
collate Boolean Report config Y
domain String Product / domain being audited e.g. FT.com Y
headers Object Headers can be set at top level to apply to all URL's, or specific to URL within journey objects N
ignoreTags Array of strings and/or RegEx IgnoreTags can be set at top level to apply to all URL's or specific to URL N
url String URL for Audit Y

Journey object headers and ignoreTags will overide top level headers and ignoreTags.

ignoreTags

Tags are collected by tracking network requests and then filtering by domain. To filter out requests to known services e.g. fastly then a Regular Expression, or Keyword can be added to ignoreTags.

Example config file format

{
  "journey": [
    {
      "url": "https://www.ft.com/"
    },
    {
      "url": "https://www.ft.com/opinion",
      "headers": {
        "Cookie": "FTCookieConsentGDPR=true"
      },
      "ignoreTags": ["spoor", "origami", "fastly"]
    }
  ],
  "headers": {
    "ft-cookie-ftsession": [SESSION_TOKEN],
    "ft-cookie-ftsession-s": [SESSION_TOKEN],
    "fastly-debug": "1",
    "cookie": "FTCookieConsentGDPR=true"
  },

  "ignoreTags": ["fastly"],
  "domain": "ft.com",
  "collate": true
}

Reports

The default report is a collated report across all the URL's provided within the config.json file. The report will save under the following path:

./reports/report.json

Reports will overwriten each time command is run

privacyaudit --config <path>

This command shows a list of all cookies found by First and Third party, along with a list of all tags. The report does not provide a breakdown of cookies and tags per URL.

If you would like a report that provides a breakdown of cookies and tags by URL, there are two options.

To generate a report to show all cookies and tags found for each URL:

  • Through the config file
    • by setting collate to false.
"collate": false

This report will not de-duplicate cookies across URL's.

To generate a report to show all unique cookies found for each subsequent URL:

  • Through the cli
    • pass --unique flag when running an audit
privacyaudit --config <path> --unique

This report will de-duplicate cookies and tags across multiple URL's.

Flag Example Usage
-c --config privacyaudit -- --config ./config.json Run app with a config file
-u --unique privacyaudit -- --unique --config [PATH] Report including URL's with consecutive cookies and tags found with each subsequent URL
-s --silent privacyaudit -- --silent --config [PATH] Log errors, then continue.

If installing through git - please see here

Readme

Keywords

none

Package Sidebar

Install

npm i ip-cookie-audit

Weekly Downloads

0

Version

0.0.1-beta.9

License

MIT

Unpacked Size

46.1 kB

Total Files

21

Last publish

Collaborators

  • the-ft