test/test-privacy_checker.js


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58

/**
 * GNU LibreJSXUL - A browser add-on to block nonfree nontrivial JavaScript.
 * *
 * Copyright (C) 2011, 2012, 2014 Loic J. Duros
 * Copyright (C) 2014, 2015 Nik Nyby
 *
 * This file is part of GNU LibreJSXUL.
 *
 * GNU LibreJSXUL is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * GNU LibreJSXUL is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with GNU LibreJSXUL.  If not, see <http://www.gnu.org/licenses/>.
 */

const privacyCheck = require("../lib/js_checker/privacy_checker")
      .privacyCheck;

exports.testPrivacyCheckerGoogleAnalyticsRegex = function(assert) {
    // original analytics code this was designed for
    var scriptText =
        "var _gaq = _gaq || [];\n" +
        "_gaq.push(['_setAccount', 'UA-5555555-1']);\n" +
        "_gaq.push(['_trackPageview']);\n" +
        "\n" +
        "(function() {\n" +
        "var ga = document.createElement('script'); ga.type = " +
        "'text/javascript'; ga.async = true;\n" +
        "ga.src = ('https:' == document.location.protocol ? 'https://ssl'" +
        " : 'http://www') + '.google-analytics.com/ga.js';\n" +
        "var s = document.getElementsByTagName('script')[0]; " +
        "s.parentNode.insertBefore(ga, s);\n" +
        "})();";
    var check = privacyCheck.checkScriptPrivacyThreat(scriptText);
    assert.equal(check, true, 'regex recognizes old GA code');

    // newer analytics code
    scriptText =
        "var _gaq = _gaq || [];\n" +
        "_gaq.push(['_setAccount', 'UA-5555555-2']);\n" +
        "\n" +
        "(function() {\n" +
        "  var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;\n" +
        "  ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';\n" +
        "  var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);\n" +
        "})();";
    check = privacyCheck.checkScriptPrivacyThreat(scriptText);
    assert.equal(check, true, 'regex recognizes new GA code');
};

require('sdk/test').run(exports);