* VRFS-3873 browser fingerprinting being tracked
parent
01405618ae
commit
ba6a7af851
|
|
@ -325,4 +325,5 @@ news.sql
|
|||
profile_teacher.sql
|
||||
populate_languages.sql
|
||||
populate_subjects.sql
|
||||
reviews.sql
|
||||
reviews.sql
|
||||
download_tracker_fingerprints.sql
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
ALTER TABLE download_trackers ADD COLUMN fingerprint VARCHAR(1000);
|
||||
CREATE INDEX index_download_trackers_on_fingerprint ON download_trackers USING btree (fingerprint);
|
||||
ALTER TABLE download_trackers ADD COLUMN is_client BOOLEAN DEFAULT FALSE;
|
||||
|
|
@ -14,12 +14,16 @@ module JamRuby
|
|||
#validates :paid, presence: true
|
||||
validates :jam_track, presence: :true
|
||||
|
||||
def self.create(user, remote_ip, target, owned)
|
||||
def self.create(user, remote_ip, target, owned, fingerprint, is_client)
|
||||
dt = DownloadTracker.new
|
||||
dt.user = user
|
||||
dt.remote_ip = remote_ip
|
||||
dt.paid = owned
|
||||
if target.is_a?(JamTrackTrack)
|
||||
dt.is_client = is_client
|
||||
dt.fingerprint = fingerprint
|
||||
if target.is_a?(JamTrack)
|
||||
dt.jam_track_id = target.id
|
||||
elsif target.is_a?(JamTrackTrack)
|
||||
dt.jam_track_id = target.jam_track_id
|
||||
elsif target.is_a?(JamTrackMixdownPackage)
|
||||
dt.jam_track_id = target.jam_track_mixdown.jam_track_id
|
||||
|
|
@ -30,11 +34,12 @@ module JamRuby
|
|||
dt
|
||||
end
|
||||
|
||||
def self.check(user, remote_ip, target, owned)
|
||||
def self.check(user, remote_ip, target, owned, fingerprint, is_client)
|
||||
|
||||
|
||||
return unless APP_CONFIG.guard_against_browser_fraud
|
||||
|
||||
create(user, remote_ip, target, owned)
|
||||
create(user, remote_ip, target, owned, fingerprint, is_client)
|
||||
|
||||
# let's check the following
|
||||
alert_freebies_snarfer(remote_ip)
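Review bot: `fingerprint` reaches `dt.fingerprint` in `create` exactly as the client sent it, and nothing in these hunks bounds or normalises it. The value is a request parameter, so it can be absent, shared across accounts, or longer than the 1000-character column the migration adds, in which case the database would presumably reject the row and the download request would fail. I would normalise it before assignment, for example `dt.fingerprint = fingerprint.to_s[0, 64].presence` (the bound is illustrative), and treat it in any fraud rule as a hint alongside `remote_ip` and the account rather than as an identifier. Both method bodies continue outside the hunks, so whether `check` already reads the stored fingerprint is not visible here.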
|
||||
|
|
|
|||
|
|
@ -39,6 +39,7 @@
|
|||
//= require jquery.payment
|
||||
//= require jquery.visible
|
||||
//= require jquery.jstarbox
|
||||
//= require fingerprint2.min
|
||||
//= require classnames
|
||||
//= require reflux
|
||||
//= require howler.core.js
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@
|
|||
//= require jquery.easydropdown
|
||||
//= require jquery.metronomePlaybackMode
|
||||
//= require jquery.cookie
|
||||
//= require fingerprint2.min
|
||||
//= require influxdb-latest
|
||||
//= require howler.core.js
|
||||
//= require classnames
|
||||
|
|
|
|||
|
|
@ -67,7 +67,9 @@ JamTrackPlayerStore = reactContext.JamTrackPlayerStore
|
|||
download: (e) ->
|
||||
e.preventDefault()
|
||||
|
||||
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{@state.mixdown.id}/download.mp3?file_type=mp3&sample_rate=#{@sampleRate}&download=1")
|
||||
new window.Fingerprint2().get((result, components) => (
|
||||
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{@state.mixdown.id}/download.mp3?file_type=mp3&sample_rate=#{@sampleRate}&download=1&mark=#{result}")
|
||||
))
|
||||
|
||||
enqueue: (e) ->
|
||||
e.preventDefault()
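Review bot: The download in `download` now happens only inside the `Fingerprint2().get` callback, so if the library is missing, throws, or never calls back, the click does nothing and the user gets no message. The same pattern is repeated at the other `openExternalUrl`, iframe and `BrowserMediaActions.load` call sites in this commit, and only the stem-download iframe path wraps it in `try`/`catch`. Decide explicitly what a failed fingerprint means: either fall back to the unmarked URL on the client, or have the server refuse requests without `mark`; as visible here the controllers read `params[:mark]` without requiring it, so the control is advisory. A shared helper that takes a URL builder and handles the failure case once would keep the call sites consistent.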
|
||||
|
|
|
|||
|
|
@ -481,15 +481,17 @@ mixins.push(Reflux.listenTo(UserStore, 'onUserChanged'))
|
|||
# fall through
|
||||
else
|
||||
e.preventDefault()
|
||||
iframe = document.createElement("iframe")
|
||||
iframe.src = @downloadMixdownUrl(mixdown)
|
||||
iframe.style.display = "none"
|
||||
document.body.appendChild(iframe);
|
||||
new window.Fingerprint2().get((result, components) => (
|
||||
iframe = document.createElement("iframe")
|
||||
iframe.src = @downloadMixdownUrl(mixdown, result)
|
||||
iframe.style.display = "none"
|
||||
document.body.appendChild(iframe);
|
||||
))
|
||||
else
|
||||
alert("The mix is not yet ready to download")
|
||||
|
||||
downloadMixdownUrl: (mixdown) ->
|
||||
window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{mixdown.id}/download.mp3?file_type=mp3&sample_rate=48&download=1"
|
||||
downloadMixdownUrl: (mixdown, result) ->
|
||||
window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{mixdown.id}/download.mp3?file_type=mp3&sample_rate=48&download=1&mark=#{result}"
|
||||
|
||||
activateStem: (e) ->
|
||||
|
||||
|
|
@ -539,13 +541,20 @@ mixins.push(Reflux.listenTo(UserStore, 'onUserChanged'))
|
|||
else
|
||||
e.preventDefault()
|
||||
|
||||
iframe = document.createElement("iframe")
|
||||
iframe.src = @createStemUrl(@state.jamTrackState.jamTrack.id, selectedTrackId)
|
||||
iframe.style.display = "none"
|
||||
document.body.appendChild(iframe);
|
||||
try
|
||||
new window.Fingerprint2().get((result, components) => (
|
||||
iframe = document.createElement("iframe")
|
||||
iframe.src = @createStemUrl(@state.jamTrackState.jamTrack.id, selectedTrackId, result)
|
||||
iframe.style.display = "none"
|
||||
document.body.appendChild(iframe);
|
||||
))
|
||||
catch error
|
||||
logger.error("not working: ", error)
|
||||
alert("Unable to download. Please try a different browser.")
|
||||
|
||||
createStemUrl: (jamTrackId, stemId) ->
|
||||
window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{jamTrackId}/stems/#{stemId}/download.mp3?file_type=mp3&download=1"
|
||||
|
||||
createStemUrl: (jamTrackId, stemId, result) ->
|
||||
window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{jamTrackId}/stems/#{stemId}/download.mp3?file_type=mp3&download=1&mark=#{result}"
|
||||
|
||||
stemChanged: () ->
|
||||
|
||||
|
|
@ -583,13 +592,15 @@ mixins.push(Reflux.listenTo(UserStore, 'onUserChanged'))
|
|||
else
|
||||
e.preventDefault()
|
||||
|
||||
iframe = document.createElement("iframe")
|
||||
iframe.src = @createJamTrackUrl(jamTrack)
|
||||
iframe.style.display = "none"
|
||||
document.body.appendChild(iframe);
|
||||
new window.Fingerprint2().get((result, components) => (
|
||||
iframe = document.createElement("iframe")
|
||||
iframe.src = @createJamTrackUrl(jamTrack, result)
|
||||
iframe.style.display = "none"
|
||||
document.body.appendChild(iframe);
|
||||
))
|
||||
|
||||
createJamTrackUrl: (jamTrack) ->
|
||||
window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{jamTrack.id}/stems/master/download.mp3?file_type=mp3&download=1"
|
||||
createJamTrackUrl: (jamTrack, result) ->
|
||||
window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{jamTrack.id}/stems/master/download.mp3?file_type=mp3&download=1&mark=#{result}"
|
||||
|
||||
onEditKeydown: (mixdown, e) ->
|
||||
logger.debug("on edit keydown", e)
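Review bot: `downloadMixdownUrl`, `createStemUrl` and `createJamTrackUrl` interpolate `result` into the query string unescaped, so an undefined result is sent as the literal text `mark=undefined` and would be stored as if it were a fingerprint. Build the parameter as `"&mark=#{encodeURIComponent(result ? '')}"`, or omit it when there is no result. Also, the `try`/`catch` in the stem hunk only covers a synchronous failure of `new window.Fingerprint2().get`; an error raised later inside the callback is not caught by it, and the mixdown and JamTrack hunks have no handling at all.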
|
||||
|
|
|
|||
|
|
@ -499,7 +499,9 @@ mixins.push(Reflux.listenTo(UserStore, 'onUserChanged'))
|
|||
|
||||
return if @verificationCheck()
|
||||
|
||||
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{jamTrack.id}/stems/master/download.mp3?file_type=mp3&download=1")
|
||||
new window.Fingerprint2().get((result, components) => (
|
||||
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{jamTrack.id}/stems/master/download.mp3?file_type=mp3&download=1&mark=#{result}")
|
||||
))
|
||||
|
||||
stemChanged:() ->
|
||||
stemDownload: (e) ->
|
||||
|
|
@ -516,7 +518,9 @@ mixins.push(Reflux.listenTo(UserStore, 'onUserChanged'))
|
|||
else
|
||||
e.preventDefault()
|
||||
|
||||
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{@state.jamTrackState.jamTrack.id}/stems/#{selectedTrackId}/download.mp3?file_type=mp3&download=1")
|
||||
new window.Fingerprint2().get((result, components) => (
|
||||
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{@state.jamTrackState.jamTrack.id}/stems/#{selectedTrackId}/download.mp3?file_type=mp3&download=1&mark=#{result}")
|
||||
))
|
||||
|
||||
|
||||
onEditKeydown: (mixdown, e) ->
|
||||
|
|
@ -557,7 +561,9 @@ mixins.push(Reflux.listenTo(UserStore, 'onUserChanged'))
|
|||
break
|
||||
|
||||
if browserPackage?.signing_state == 'SIGNED'
|
||||
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{mixdown.id}/download.mp3?file_type=mp3&sample_rate=48&download=1")
|
||||
new window.Fingerprint2().get((result, components) => (
|
||||
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{mixdown.id}/download.mp3?file_type=mp3&sample_rate=48&download=1&mark=#{result}")
|
||||
))
|
||||
else
|
||||
JamTrackMixdownActions.openDownloader(mixdown)
|
||||
|
||||
|
|
|
|||
|
|
@ -170,7 +170,9 @@ BrowserMediaActions = @BrowserMediaActions
|
|||
if @jamTrack?.activeStem
|
||||
|
||||
if @browserMediaState?.id != @jamTrack.activeStem.id
|
||||
BrowserMediaActions.load(@jamTrack.activeStem.id, [window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{@jamTrack.id}/stems/#{@jamTrack.activeStem.id}/download.mp3?file_type=mp3"], 'jamtrack_web_player')
|
||||
new window.Fingerprint2().get((result, components) => (
|
||||
BrowserMediaActions.load(@jamTrack.activeStem.id, [window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{@jamTrack.id}/stems/#{@jamTrack.activeStem.id}/download.mp3?file_type=mp3&mark=#{result}"], 'jamtrack_web_player')
|
||||
))
|
||||
@jamTrack.activeStem.client_state = 'downloading'
|
||||
else
|
||||
if @browserMediaState.loaded
|
||||
|
|
@ -190,7 +192,9 @@ BrowserMediaActions = @BrowserMediaActions
|
|||
|
||||
if activePackage?
|
||||
if @browserMediaState?.id != activePackage.id
|
||||
BrowserMediaActions.load(activePackage.id, [window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{@jamTrack.activeMixdown.id}/download.mp3?file_type=mp3&sample_rate=48"], 'jamtrack_web_player')
|
||||
new window.Fingerprint2().get((result, components) => (
|
||||
BrowserMediaActions.load(activePackage.id, [window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{@jamTrack.activeMixdown.id}/download.mp3?file_type=mp3&sample_rate=48&mark=#{result}"], 'jamtrack_web_player')
|
||||
))
|
||||
@jamTrack.activeMixdown.client_state = 'downloading'
|
||||
else
|
||||
if @browserMediaState.loaded
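Review bot: `client_state = 'downloading'` is still assigned synchronously, but `BrowserMediaActions.load` now runs later inside the fingerprint callback, in both the stem and the mixdown branch. Until the callback fires, `@browserMediaState?.id` presumably still differs from the active id, so another pass through this code may start a second fingerprint computation and a second load; if the callback never fires, the state stays `'downloading'`. Computing the fingerprint once, caching it for the store, and calling `load` synchronously with the cached value would avoid both. The enclosing method starts and ends outside the hunks.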
|
||||
|
|
|
|||
|
|
@ -71,6 +71,7 @@ class ApiJamTrackMixdownsController < ApiController
|
|||
|
||||
begin
|
||||
@package = JamTrackMixdownPackage.where('jam_track_mixdown_id = ?', @jam_track_mixdown.id).where(file_type: params[:file_type]).where(encrypt_type: params[:encrypt_type]).where(sample_rate: params[:sample_rate]).first
|
||||
|
||||
rescue Exception => e
|
||||
log.error("failed to find mixdown package", e)
|
||||
render :json => {:message => "unable to locate mixdown package due to error; check arguments"}, :status => 404
|
||||
|
|
@ -79,13 +80,18 @@ class ApiJamTrackMixdownsController < ApiController
|
|||
|
||||
@package = JamTrackMixdownPackage.create(@jam_track_mixdown, params[:file_type], params[:sample_rate], params[:encrypt_type]) unless @package
|
||||
|
||||
fingerprint = params[:mark]
|
||||
DownloadTracker.check(current_user, request.remote_ip, @package, !@jam_track_right.redeemed, fingerprint, jkclient_agent?)
|
||||
|
||||
if @package.errors.any?
|
||||
respond_with_model(@package)
|
||||
return
|
||||
end
|
||||
|
||||
if @package.ready?
|
||||
DownloadTracker.check(current_user, request.remote_ip, @package, !@jam_track_right.redeemed)
|
||||
|
||||
fingerprint = params[:mark]
|
||||
DownloadTracker.check(current_user, request.remote_ip, @package, !@jam_track_right.redeemed, fingerprint, jkclient_agent?)
|
||||
@package.update_download_count
|
||||
now = Time.now
|
||||
@package.last_downloaded_at = now
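Review bot: `DownloadTracker.check` is now called twice for a ready package: once right after `JamTrackMixdownPackage.create`, before the `@package.errors.any?` return, and again inside `if @package.ready?`. In the model hunk `check` calls `create`, so, unless something outside the visible lines de-duplicates, one download writes two tracker rows, and a request for a package that has errors or is not yet ready is counted as a download. That inflates whatever the fraud alerts count per IP or fingerprint. I would keep only the call inside `if @package.ready?` and drop the earlier `fingerprint = params[:mark]` / `DownloadTracker.check(...)` pair.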
|
||||
|
|
|
|||
|
|
@ -166,7 +166,9 @@ class ApiJamTracksController < ApiController
|
|||
jam_track_track = JamTrackTrack.find(params[:stem_id])
|
||||
end
|
||||
|
||||
DownloadTracker.check(current_user, request.remote_ip, @jam_track_track, !@jam_track_right.redeemed)
|
||||
fingerprint = params[:mark]
|
||||
|
||||
DownloadTracker.check(current_user, request.remote_ip, jam_track_track, !@jam_track_right.redeemed, fingerprint, jkclient_agent?)
|
||||
|
||||
if params[:download]
|
||||
redirect_to jam_track_track.web_download_sign_url(120, params[:file_type], 'application/octet-stream', "attachment; filename=\"#{@jam_track_right.jam_track.name + '-' + jam_track_track.display_name}.mp3\"")
|
||||
|
|
@ -187,6 +189,10 @@ class ApiJamTracksController < ApiController
|
|||
|
||||
if @jam_track_right.valid?
|
||||
|
||||
fingerprint = params[:mark]
|
||||
|
||||
DownloadTracker.check(current_user, request.remote_ip, @jam_track_right.jam_track, !@jam_track_right.redeemed, fingerprint, jkclient_agent?)
|
||||
|
||||
all_fingerprint = params[:all_fp]
|
||||
running_fingerprint = params[:running_fp]
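Review bot: `fingerprint = params[:mark]` sits directly above `all_fingerprint = params[:all_fp]` and `running_fingerprint = params[:running_fp]` with nothing saying how the three differ. A short comment such as `# browser fingerprint computed client-side by Fingerprint2; client-supplied, not verified`, together with the name `browser_fingerprint`, would make the trust level clear to the next reader. The same assignment appears in the stem hunk above and in the mixdowns controller.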
|
||||
|
||||
|
|
|
|||
|
|
@ -186,7 +186,7 @@ module SessionsHelper
|
|||
end
|
||||
|
||||
def jkclient_agent?
|
||||
request.env['HTTP_USER_AGENT'] =~ /JamKazam/
|
||||
!!(request.env['HTTP_USER_AGENT'] =~ /JamKazam/)
|
||||
end
|
||||
|
||||
# used to help GA tracking. should result in one of Visitor, Registered User, or Paying Subscriber
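Review bot: The value returned by `jkclient_agent?` is now persisted as `is_client`, but it is derived only from the `User-Agent` header, which the requester chooses. Add a comment on the method, e.g. `# heuristic only: User-Agent is client-controlled; do not use to relax fraud checks`, so that later rules do not treat `is_client` rows as trusted. On Ruby 2.4 or later, `request.env['HTTP_USER_AGENT'].to_s.match?(/JamKazam/)` returns the same boolean without the `!!`.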
|
||||
|
|
|
|||
|
|
@ -98,7 +98,7 @@ SampleApp::Application.configure do
|
|||
config.email_crashes_alias = ENV['ALERT_EMAIL'] || 'clientcrash-dev@jamkazam.com'
|
||||
config.email_social_alias = ENV['ALERT_EMAIL'] || 'social-dev@jamkazam.com'
|
||||
config.guard_against_fraud = true
|
||||
config.guard_against_browser_fraud = false
|
||||
config.guard_against_browser_fraud = true
|
||||
|
||||
config.react.variant = :development
|
||||
|
||||
|
|
|
|||
File diff suppressed because one or more lines are too long