fix: unsafe property getting set via set value library (#3853)
* fix: unsafe property getting set via set value library

* fix: update integrations-lib dependency

* chore: remove unnecessary commented code

---------

Co-authored-by: Sai Sankeerth <[email protected]>
sanpj2292 and Sai Sankeerth authored Nov 8, 2024
1 parent f4b38eb commit 80d7b41
Showing 4 changed files with 218 additions and 5 deletions.
7 changes: 4 additions & 3 deletions package-lock.json


2 changes: 1 addition & 1 deletion package.json
@@ -64,7 +64,7 @@
"@koa/router": "^12.0.0",
"@ndhoule/extend": "^2.0.0",
"@pyroscope/nodejs": "^0.2.9",
"@rudderstack/integrations-lib": "^0.2.10",
"@rudderstack/integrations-lib": "^0.2.12",
"@rudderstack/json-template-engine": "^0.18.0",
"@rudderstack/workflow-engine": "^0.8.13",
"@shopify/jest-koa-mocks": "^5.1.1",
2 changes: 1 addition & 1 deletion src/v0/util/index.js
@@ -10,7 +10,7 @@ const Handlebars = require('handlebars');
const fs = require('fs');
const path = require('path');
const lodash = require('lodash');
const set = require('set-value');
const { setValue: set } = require('@rudderstack/integrations-lib');
const get = require('get-value');
const uaParser = require('ua-parser-js');
const moment = require('moment-timezone');
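Review bot: Aliasing `set` to `setValue` from `@rudderstack/integrations-lib` only protects call sites that go through this module; any other file that still does `require('set-value')` directly keeps the original exposure to keys such as `constructor.prototype.x`. The rest of the repository is not visible here, so it is worth searching for remaining direct requires and, if none are meant to stay, dropping `set-value` from package.json (if it is still listed) or adding a lint restriction on it. A one-line comment above the new require would keep it from being reverted, for example `// setValue from integrations-lib replaces set-value so reserved path segments (constructor, __proto__, prototype) are not written`. That wording assumes the library guards those segments, which the test added in this commit suggests but this hunk does not show.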
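--- a/test/integrations/destinations/ga4/processor/pageTestData.ts
+++ b/test/integrations/destinations/ga4/processor/pageTestData.ts
@@ -301,4 +301,216 @@ export const pageTestData: ProcessorTestData[] = [
 },
 mockFns: defaultMockFns,
 },
+{
+id: 'ga4-page-test-4',
+name: 'ga4',
+description:
+'Scenario to test setting of reserved properties like constructor, __proto__, prototype in page call',
+scenario: 'Business',
+successCriteria:
+'Response status code should be 200 and event payload should not fail due to reserved properties',
+feature: 'processor',
+module: 'destination',
+version: 'v0',
+input: {
+request: {
+body: [
+{
+destination: {
+Config: {
+apiSecret: 'api_secr',
+debugMode: false,
+typesOfClient: 'gtag',
+measurementId: 'meas_id',
+firebaseAppId: '',
+whitelistedEvents: [
+{
+eventName: '',
+},
+],
+blacklistedEvents: [
+{
+eventName: '',
+},
+],
+eventFilteringOption: 'disable',
+piiPropertiesToIgnore: [
+{
+piiProperty: '',
+},
+],
+sdkBaseUrl: 'https://www.googletagmanager.com',
+serverContainerUrl: '',
+debugView: true,
+useNativeSDK: false,
+connectionMode: 'cloud',
+capturePageView: 'rs',
+useNativeSDKToSend: false,
+extendPageViewParams: false,
+overrideClientAndSessionId: false,
+eventDelivery: false,
+},
+ID: '2ncdvkljndsvkuiurf',
+WorkspaceID: 'wspId',
+DestinationDefinition: {
+...destination.DestinationDefinition,
+},
+Transformations: [],
+IsConnectionEnabled: true,
+IsProcessorEnabled: true,
+Name: 'my ga4',
+Enabled: true,
+},
+message: {
+name: '',
+type: 'page',
+sentAt: '2022-04-29T05:17:09Z',
+userId: '',
+channel: 'web',
+context: {
+os: {
+name: '',
+version: '',
+},
+app: {
+name: 'RudderLabs JavaScript SDK',
+version: '3.7.6',
+namespace: 'com.rudderlabs.javascript',
+installType: 'npm',
+},
+page: {
+url: 'https://somewebsite.com/?constructor.prototype.tenable_propexxx=tenable_something',
+path: '/',
+title: 'Mercedes-Benz Tire Center',
+search: '?constructor.prototype.tenable_propexxx=tenable_something',
+tab_url:
+'https://somewebsite.com/?constructor.prototype.tenable_propexxx=tenable_something',
+referrer: '$direct',
+initial_referrer: '$direct',
+referring_domain: '',
+initial_referring_domain: '',
+},
+locale: 'en-US',
+screen: {
+width: 800,
+height: 600,
+density: 1,
+innerWidth: 1600,
+innerHeight: 1200,
+},
+traits: {},
+library: {
+name: 'RudderLabs JavaScript SDK',
+version: '3.7.6',
+},
+campaign: {},
+timezone: 'GMT+0000',
+sessionId: 123465,
+userAgent:
+'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36',
+},
+rudderId: '7d02bb53-ff1a-46a2-9cb1-1ea78dcd4ca8',
+timestamp: '2022-04-29T05:17:09Z',
+properties: {
+url: 'https://somewebsite.com/?constructor.prototype.tenable_propexxx=tenable_something',
+path: '/',
+title: 'Mercedes-Benz Tire Center',
+search: '?constructor.prototype.tenable_propexxx=tenable_something',
+tab_url:
+'https://somewebsite.com/?constructor.prototype.tenable_propexxx=tenable_something',
+vehicle: {
+make: '',
+trim: '',
+year: '',
+model: '',
+ratio: '',
+width: '',
+option: '',
+diameter: '',
+},
+national: true,
+referrer: '$direct',
+search_type: 'Vehicle',
+initial_referrer: '$direct',
+oem_program_code: 'CODE',
+referring_domain: '',
+initial_referring_domain: '',
+'constructor.prototype.tenable_propexxx': 'tenable_something',
+},
+receivedAt: '2022-04-29T05:17:09Z',
+request_ip: '34.201.223.160',
+anonymousId: 'f577a7e1-6c76-49c3-8312-12846471e025',
+integrations: {
+All: true,
+},
+originalTimestamp: '2022-04-29T05:17:09Z',
+},
+metadata: generateMetadata(1),
+},
+],
+},
+},
+output: {
+response: {
+status: 200,
+body: [
+{
+output: {
+body: {
+XML: {},
+FORM: {},
+JSON: {
+events: [
+{
+name: 'page_view',
+params: {
+url: 'https://somewebsite.com/?constructor.prototype.tenable_propexxx=tenable_something',
+path: '/',
+title: 'Mercedes-Benz Tire Center',
+search: '?constructor.prototype.tenable_propexxx=tenable_something',
+tab_url:
+'https://somewebsite.com/?constructor.prototype.tenable_propexxx=tenable_something',
+national: true,
+referrer: '$direct',
+page_title: 'Mercedes-Benz Tire Center',
+session_id: 123465,
+search_type: 'Vehicle',
+page_location:
+'https://somewebsite.com/?constructor.prototype.tenable_propexxx=tenable_something',
+page_referrer: '$direct',
+initial_referrer: '$direct',
+oem_program_code: 'CODE',
+engagement_time_msec: 1,
+'constructor.prototype.tenable_propexxx': 'tenable_something',
+},
+},
+],
+client_id: 'f577a7e1-6c76-49c3-8312-12846471e025',
+timestamp_micros: 1651209429000000,
+},
+JSON_ARRAY: {},
+},
+type: 'REST',
+files: {},
+method: 'POST',
+params: {
+api_secret: 'api_secr',
+measurement_id: 'meas_id',
+},
+userId: '',
+headers: {
+HOST: 'www.google-analytics.com',
+'Content-Type': 'application/json',
+},
+version: '1',
+endpoint: 'https://www.google-analytics.com/mp/collect',
+},
+statusCode: 200,
+metadata: generateMetadata(1),
+},
+],
+},
+},
+mockFns: defaultMockFns,
+},
 ];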
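Review bot: Nothing in the new case `ga4-page-test-4` checks that `Object.prototype` stays clean; the expected output only pins the response body, where the reserved path appears as the literal key `'constructor.prototype.tenable_propexxx'` in `params`. An explicit assertion after the run, such as `expect(({} as Record<string, unknown>).tenable_propexxx).toBeUndefined();`, would pin the property this fix is about, though whether the `ProcessorTestData` harness offers a hook for it is not visible from this section. The description also names `constructor`, `__proto__` and `prototype`, while the only reserved path in the input is the `constructor.prototype.…` one, so adding a `'__proto__.x'` key to `properties` would make the case match what it says it covers.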
