Add DataDome bot protection integration#231
Conversation
ChristianPavilonis
force-pushed
the
feature/datadome-integration-christian
branch
from
26a3699 to
d5f40db
Compare
ChristianPavilonis
force-pushed
the
feature/datadome-integration-christian
branch
from
a9f1552 to
c6f1536
Compare
ChristianPavilonis
force-pushed
the
feature/datadome-integration-christian
branch
from
c6f1536 to
2143b2b
Compare
| # ANY /integrations/datadome/js/* - Signal collection API | ||
| [integrations.datadome] | ||
| enabled = false | ||
| # js_key = "YOUR_DATADOME_JS_KEY" # Optional: for auto-injecting DataDome config |
There was a problem hiding this comment.
🔧 js_key not used in the implementation. Is that a mistake?
|
|
||
| /// Configuration for `DataDome` integration. | ||
| #[derive(Debug, Clone, Deserialize, Validate)] | ||
| pub struct DataDomeConfig { |
There was a problem hiding this comment.
🔧 Where is config for js_key?
There was a problem hiding this comment.
It was dead code.
I'm assuming you mean the datadome public key?
if you see the request to /integrations/datadome/js/ on the test site it has a field for ddk in the body which is the public key.
| // - '//js.datadome.co/js/check' | ||
| // - "api-js.datadome.co/js/check" | ||
| // - "js.datadome.co" | ||
| let pattern = Regex::new(r#"(['"])(https?:)?(//)?(api-)?js\.datadome\.co(/[^'"]*)?(['"])"#) |
There was a problem hiding this comment.
🔧 Should be a const with
use once_cell::sync::Lazy;
static DATADOME_URL_PATTERN: Lazy<Regex> = Lazy::new(|| {
Regex::new(r#"(['"])(https?:)?(//)?(api-)?js\.datadome\.co(/[^'"]*)?(['"])"#)
.expect("DataDome URL rewrite regex should compile")
});
| @@ -0,0 +1,185 @@ | |||
| import { log } from '../../core/log'; | |||
There was a problem hiding this comment.
❓ Should we have a common JS implementation for this? We have Permutive and Lockr and should have common reusable implementation.
| // Invalid: | ||
| // - https://cdn.example.com/js.datadome.co.js (domain is not js.datadome.co) | ||
| return ( | ||
| lower.includes('://js.datadome.co/') || |
There was a problem hiding this comment.
⛏️ Seems we can make a little cleaner.
❓ What about api-js.datadome.co urls?
There was a problem hiding this comment.
api-js.datadome.co doesn't load scripts. Those are the api endpoints, so would be unnecessary.
| /// Handle the /tags.js endpoint - fetch and rewrite the `DataDome` SDK. | ||
| async fn handle_tags_js( | ||
| &self, | ||
| _settings: &Settings, |
There was a problem hiding this comment.
⛏️ Let's not pass parameters we don't need
|
|
||
| /// Handle the /js/* signal collection endpoint - proxy pass-through to api-js.datadome.co. | ||
| async fn handle_js_api( | ||
| &self, |
There was a problem hiding this comment.
⛏️ Let's not pass parameters we don't need
| @@ -0,0 +1,781 @@ | |||
| //! `DataDome` integration for bot protection and security. | |||
There was a problem hiding this comment.
🔧 Still need comprehensive summary
3 participants
Closes #61