* VRFS-3873 browser fingerprinting being tracked
parent
01405618ae
commit
ba6a7af851
|
|
@ -325,4 +325,5 @@ news.sql
|
||||||
profile_teacher.sql
|
profile_teacher.sql
|
||||||
populate_languages.sql
|
populate_languages.sql
|
||||||
populate_subjects.sql
|
populate_subjects.sql
|
||||||
reviews.sql
|
reviews.sql
|
||||||
|
download_tracker_fingerprints.sql
|
||||||
|
|
@ -0,0 +1,3 @@
|
||||||
|
ALTER TABLE download_trackers ADD COLUMN fingerprint VARCHAR(1000);
|
||||||
|
CREATE INDEX index_download_trackers_on_fingerprint ON download_trackers USING btree (fingerprint);
|
||||||
|
ALTER TABLE download_trackers ADD COLUMN is_client BOOLEAN DEFAULT FALSE;
|
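Review bot: The `fingerprint` column is indexed and sized at `VARCHAR(1000)`, but the value it holds comes from the browser as a request parameter (`params[:mark]` in the controllers of this commit), so the client decides how many bytes land in the btree index. Fingerprint2's hash is, as far as I know, a short hex digest, so a width close to that, e.g. `fingerprint VARCHAR(64)`, would bound row and index size. `is_client` is also nullable as written; `BOOLEAN NOT NULL DEFAULT FALSE` would keep later fraud queries two-valued.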
||||||
|
|
@ -14,12 +14,16 @@ module JamRuby
|
||||||
#validates :paid, presence: true
|
#validates :paid, presence: true
|
||||||
validates :jam_track, presence: :true
|
validates :jam_track, presence: :true
|
||||||
|
|
||||||
def self.create(user, remote_ip, target, owned)
|
def self.create(user, remote_ip, target, owned, fingerprint, is_client)
|
||||||
dt = DownloadTracker.new
|
dt = DownloadTracker.new
|
||||||
dt.user = user
|
dt.user = user
|
||||||
dt.remote_ip = remote_ip
|
dt.remote_ip = remote_ip
|
||||||
dt.paid = owned
|
dt.paid = owned
|
||||||
if target.is_a?(JamTrackTrack)
|
dt.is_client = is_client
|
||||||
|
dt.fingerprint = fingerprint
|
||||||
|
if target.is_a?(JamTrack)
|
||||||
|
dt.jam_track_id = target.id
|
||||||
|
elsif target.is_a?(JamTrackTrack)
|
||||||
dt.jam_track_id = target.jam_track_id
|
dt.jam_track_id = target.jam_track_id
|
||||||
elsif target.is_a?(JamTrackMixdownPackage)
|
elsif target.is_a?(JamTrackMixdownPackage)
|
||||||
dt.jam_track_id = target.jam_track_mixdown.jam_track_id
|
dt.jam_track_id = target.jam_track_mixdown.jam_track_id
|
||||||
|
|
@ -30,11 +34,12 @@ module JamRuby
|
||||||
dt
|
dt
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.check(user, remote_ip, target, owned)
|
def self.check(user, remote_ip, target, owned, fingerprint, is_client)
|
||||||
|
|
||||||
|
|
||||||
return unless APP_CONFIG.guard_against_browser_fraud
|
return unless APP_CONFIG.guard_against_browser_fraud
|
||||||
|
|
||||||
create(user, remote_ip, target, owned)
|
create(user, remote_ip, target, owned, fingerprint, is_client)
|
||||||
|
|
||||||
# let's check the following
|
# let's check the following
|
||||||
alert_freebies_snarfer(remote_ip)
|
alert_freebies_snarfer(remote_ip)
|
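Review bot: `dt.fingerprint = fingerprint` stores the request-supplied value with no model validation, so a value longer than the column is only rejected by the database. Adding `validates :fingerprint, length: { maximum: 1000 }, allow_nil: true` next to the existing `validates` lines would make the limit explicit; whether `create` saves with `save` or `save!` is outside the hunk, so how a failure surfaces cannot be confirmed here. In the visible part of `check`, the only alert still keys on `remote_ip`, and the rest of the body is not shown, so it is unclear whether the fingerprint is compared anywhere yet. Both methods also gain two required positional parameters, so any caller not updated in this commit would raise `ArgumentError`.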
||||||
|
|
|
||||||
|
|
@ -39,6 +39,7 @@
|
||||||
//= require jquery.payment
|
//= require jquery.payment
|
||||||
//= require jquery.visible
|
//= require jquery.visible
|
||||||
//= require jquery.jstarbox
|
//= require jquery.jstarbox
|
||||||
|
//= require fingerprint2.min
|
||||||
//= require classnames
|
//= require classnames
|
||||||
//= require reflux
|
//= require reflux
|
||||||
//= require howler.core.js
|
//= require howler.core.js
|
||||||
|
|
|
||||||
|
|
@ -10,6 +10,7 @@
|
||||||
//= require jquery.easydropdown
|
//= require jquery.easydropdown
|
||||||
//= require jquery.metronomePlaybackMode
|
//= require jquery.metronomePlaybackMode
|
||||||
//= require jquery.cookie
|
//= require jquery.cookie
|
||||||
|
//= require fingerprint2.min
|
||||||
//= require influxdb-latest
|
//= require influxdb-latest
|
||||||
//= require howler.core.js
|
//= require howler.core.js
|
||||||
//= require classnames
|
//= require classnames
|
||||||
|
|
|
||||||
|
|
@ -67,7 +67,9 @@ JamTrackPlayerStore = reactContext.JamTrackPlayerStore
|
||||||
download: (e) ->
|
download: (e) ->
|
||||||
e.preventDefault()
|
e.preventDefault()
|
||||||
|
|
||||||
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{@state.mixdown.id}/download.mp3?file_type=mp3&sample_rate=#{@sampleRate}&download=1")
|
new window.Fingerprint2().get((result, components) => (
|
||||||
|
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{@state.mixdown.id}/download.mp3?file_type=mp3&sample_rate=#{@sampleRate}&download=1&mark=#{result}")
|
||||||
|
))
|
||||||
|
|
||||||
enqueue: (e) ->
|
enqueue: (e) ->
|
||||||
e.preventDefault()
|
e.preventDefault()
|
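Review bot: The download now starts only inside the Fingerprint2 callback, and nothing handles `window.Fingerprint2` being undefined or `get` never calling back (for example when the script is blocked). `e.preventDefault()` has already run by then, so the click silently does nothing. The other `openExternalUrl` and iframe download handlers changed in this commit follow the same pattern; only the stem download wraps the call in `try`/`catch`. A small shared helper that reports the failure to the user, as the stem handler does, would cover all of them. The value should also be encoded when it is put in the query string: `&mark=#{encodeURIComponent(result)}`.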
||||||
|
|
|
||||||
|
|
@ -481,15 +481,17 @@ mixins.push(Reflux.listenTo(UserStore, 'onUserChanged'))
|
||||||
# fall through
|
# fall through
|
||||||
else
|
else
|
||||||
e.preventDefault()
|
e.preventDefault()
|
||||||
iframe = document.createElement("iframe")
|
new window.Fingerprint2().get((result, components) => (
|
||||||
iframe.src = @downloadMixdownUrl(mixdown)
|
iframe = document.createElement("iframe")
|
||||||
iframe.style.display = "none"
|
iframe.src = @downloadMixdownUrl(mixdown, result)
|
||||||
document.body.appendChild(iframe);
|
iframe.style.display = "none"
|
||||||
|
document.body.appendChild(iframe);
|
||||||
|
))
|
||||||
else
|
else
|
||||||
alert("The mix is not yet ready to download")
|
alert("The mix is not yet ready to download")
|
||||||
|
|
||||||
downloadMixdownUrl: (mixdown) ->
|
downloadMixdownUrl: (mixdown, result) ->
|
||||||
window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{mixdown.id}/download.mp3?file_type=mp3&sample_rate=48&download=1"
|
window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{mixdown.id}/download.mp3?file_type=mp3&sample_rate=48&download=1&mark=#{result}"
|
||||||
|
|
||||||
activateStem: (e) ->
|
activateStem: (e) ->
|
||||||
|
|
||||||
|
|
@ -539,13 +541,20 @@ mixins.push(Reflux.listenTo(UserStore, 'onUserChanged'))
|
||||||
else
|
else
|
||||||
e.preventDefault()
|
e.preventDefault()
|
||||||
|
|
||||||
iframe = document.createElement("iframe")
|
try
|
||||||
iframe.src = @createStemUrl(@state.jamTrackState.jamTrack.id, selectedTrackId)
|
new window.Fingerprint2().get((result, components) => (
|
||||||
iframe.style.display = "none"
|
iframe = document.createElement("iframe")
|
||||||
document.body.appendChild(iframe);
|
iframe.src = @createStemUrl(@state.jamTrackState.jamTrack.id, selectedTrackId, result)
|
||||||
|
iframe.style.display = "none"
|
||||||
|
document.body.appendChild(iframe);
|
||||||
|
))
|
||||||
|
catch error
|
||||||
|
logger.error("not working: ", error)
|
||||||
|
alert("Unable to download. Please try a different browser.")
|
||||||
|
|
||||||
createStemUrl: (jamTrackId, stemId) ->
|
|
||||||
window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{jamTrackId}/stems/#{stemId}/download.mp3?file_type=mp3&download=1"
|
createStemUrl: (jamTrackId, stemId, result) ->
|
||||||
|
window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{jamTrackId}/stems/#{stemId}/download.mp3?file_type=mp3&download=1&mark=#{result}"
|
||||||
|
|
||||||
stemChanged: () ->
|
stemChanged: () ->
|
||||||
|
|
||||||
|
|
@ -583,13 +592,15 @@ mixins.push(Reflux.listenTo(UserStore, 'onUserChanged'))
|
||||||
else
|
else
|
||||||
e.preventDefault()
|
e.preventDefault()
|
||||||
|
|
||||||
iframe = document.createElement("iframe")
|
new window.Fingerprint2().get((result, components) => (
|
||||||
iframe.src = @createJamTrackUrl(jamTrack)
|
iframe = document.createElement("iframe")
|
||||||
iframe.style.display = "none"
|
iframe.src = @createJamTrackUrl(jamTrack, result)
|
||||||
document.body.appendChild(iframe);
|
iframe.style.display = "none"
|
||||||
|
document.body.appendChild(iframe);
|
||||||
|
))
|
||||||
|
|
||||||
createJamTrackUrl: (jamTrack) ->
|
createJamTrackUrl: (jamTrack, result) ->
|
||||||
window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{jamTrack.id}/stems/master/download.mp3?file_type=mp3&download=1"
|
window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{jamTrack.id}/stems/master/download.mp3?file_type=mp3&download=1&mark=#{result}"
|
||||||
|
|
||||||
onEditKeydown: (mixdown, e) ->
|
onEditKeydown: (mixdown, e) ->
|
||||||
logger.debug("on edit keydown", e)
|
logger.debug("on edit keydown", e)
|
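Review bot: The `try`/`catch` added around the stem download only covers synchronous failures, such as `window.Fingerprint2` being undefined or `get` throwing immediately. If Fingerprint2 invokes the callback asynchronously, an exception raised inside it (from `@createStemUrl` or `appendChild`) will not reach `catch error`. The mixdown and JamTrack download branches in the other two hunks of this file have no guard at all, so they fail silently where this one shows an alert. Moving the hidden-iframe creation into one helper and putting the error handling inside the callback body would give all three the same behaviour.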
||||||
|
|
|
||||||
|
|
@ -499,7 +499,9 @@ mixins.push(Reflux.listenTo(UserStore, 'onUserChanged'))
|
||||||
|
|
||||||
return if @verificationCheck()
|
return if @verificationCheck()
|
||||||
|
|
||||||
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{jamTrack.id}/stems/master/download.mp3?file_type=mp3&download=1")
|
new window.Fingerprint2().get((result, components) => (
|
||||||
|
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{jamTrack.id}/stems/master/download.mp3?file_type=mp3&download=1&mark=#{result}")
|
||||||
|
))
|
||||||
|
|
||||||
stemChanged:() ->
|
stemChanged:() ->
|
||||||
stemDownload: (e) ->
|
stemDownload: (e) ->
|
||||||
|
|
@ -516,7 +518,9 @@ mixins.push(Reflux.listenTo(UserStore, 'onUserChanged'))
|
||||||
else
|
else
|
||||||
e.preventDefault()
|
e.preventDefault()
|
||||||
|
|
||||||
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{@state.jamTrackState.jamTrack.id}/stems/#{selectedTrackId}/download.mp3?file_type=mp3&download=1")
|
new window.Fingerprint2().get((result, components) => (
|
||||||
|
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{@state.jamTrackState.jamTrack.id}/stems/#{selectedTrackId}/download.mp3?file_type=mp3&download=1&mark=#{result}")
|
||||||
|
))
|
||||||
|
|
||||||
|
|
||||||
onEditKeydown: (mixdown, e) ->
|
onEditKeydown: (mixdown, e) ->
|
||||||
|
|
@ -557,7 +561,9 @@ mixins.push(Reflux.listenTo(UserStore, 'onUserChanged'))
|
||||||
break
|
break
|
||||||
|
|
||||||
if browserPackage?.signing_state == 'SIGNED'
|
if browserPackage?.signing_state == 'SIGNED'
|
||||||
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{mixdown.id}/download.mp3?file_type=mp3&sample_rate=48&download=1")
|
new window.Fingerprint2().get((result, components) => (
|
||||||
|
AppActions.openExternalUrl(window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{mixdown.id}/download.mp3?file_type=mp3&sample_rate=48&download=1&mark=#{result}")
|
||||||
|
))
|
||||||
else
|
else
|
||||||
JamTrackMixdownActions.openDownloader(mixdown)
|
JamTrackMixdownActions.openDownloader(mixdown)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -170,7 +170,9 @@ BrowserMediaActions = @BrowserMediaActions
|
||||||
if @jamTrack?.activeStem
|
if @jamTrack?.activeStem
|
||||||
|
|
||||||
if @browserMediaState?.id != @jamTrack.activeStem.id
|
if @browserMediaState?.id != @jamTrack.activeStem.id
|
||||||
BrowserMediaActions.load(@jamTrack.activeStem.id, [window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{@jamTrack.id}/stems/#{@jamTrack.activeStem.id}/download.mp3?file_type=mp3"], 'jamtrack_web_player')
|
new window.Fingerprint2().get((result, components) => (
|
||||||
|
BrowserMediaActions.load(@jamTrack.activeStem.id, [window.location.protocol + '//' + window.location.host + "/api/jamtracks/#{@jamTrack.id}/stems/#{@jamTrack.activeStem.id}/download.mp3?file_type=mp3&mark=#{result}"], 'jamtrack_web_player')
|
||||||
|
))
|
||||||
@jamTrack.activeStem.client_state = 'downloading'
|
@jamTrack.activeStem.client_state = 'downloading'
|
||||||
else
|
else
|
||||||
if @browserMediaState.loaded
|
if @browserMediaState.loaded
|
||||||
|
|
@ -190,7 +192,9 @@ BrowserMediaActions = @BrowserMediaActions
|
||||||
|
|
||||||
if activePackage?
|
if activePackage?
|
||||||
if @browserMediaState?.id != activePackage.id
|
if @browserMediaState?.id != activePackage.id
|
||||||
BrowserMediaActions.load(activePackage.id, [window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{@jamTrack.activeMixdown.id}/download.mp3?file_type=mp3&sample_rate=48"], 'jamtrack_web_player')
|
new window.Fingerprint2().get((result, components) => (
|
||||||
|
BrowserMediaActions.load(activePackage.id, [window.location.protocol + '//' + window.location.host + "/api/mixdowns/#{@jamTrack.activeMixdown.id}/download.mp3?file_type=mp3&sample_rate=48&mark=#{result}"], 'jamtrack_web_player')
|
||||||
|
))
|
||||||
@jamTrack.activeMixdown.client_state = 'downloading'
|
@jamTrack.activeMixdown.client_state = 'downloading'
|
||||||
else
|
else
|
||||||
if @browserMediaState.loaded
|
if @browserMediaState.loaded
|
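Review bot: `client_state = 'downloading'` is still set synchronously, while `BrowserMediaActions.load` now runs only when the Fingerprint2 callback fires. If the library is missing or the callback never runs, the stem (and the mixdown in the second hunk) stays in 'downloading' with no load issued. Setting the state inside the callback next to the `load` call, or handling the failure path, would keep state and action together. The enclosing function is outside the hunk, but if it can run again before the callback fires, the `@browserMediaState?.id != ...` test would still be true and several loads could be queued.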
||||||
|
|
|
||||||
|
|
@ -71,6 +71,7 @@ class ApiJamTrackMixdownsController < ApiController
|
||||||
|
|
||||||
begin
|
begin
|
||||||
@package = JamTrackMixdownPackage.where('jam_track_mixdown_id = ?', @jam_track_mixdown.id).where(file_type: params[:file_type]).where(encrypt_type: params[:encrypt_type]).where(sample_rate: params[:sample_rate]).first
|
@package = JamTrackMixdownPackage.where('jam_track_mixdown_id = ?', @jam_track_mixdown.id).where(file_type: params[:file_type]).where(encrypt_type: params[:encrypt_type]).where(sample_rate: params[:sample_rate]).first
|
||||||
|
|
||||||
rescue Exception => e
|
rescue Exception => e
|
||||||
log.error("failed to find mixdown package", e)
|
log.error("failed to find mixdown package", e)
|
||||||
render :json => {:message => "unable to locate mixdown package due to error; check arguments"}, :status => 404
|
render :json => {:message => "unable to locate mixdown package due to error; check arguments"}, :status => 404
|
||||||
|
|
@ -79,13 +80,18 @@ class ApiJamTrackMixdownsController < ApiController
|
||||||
|
|
||||||
@package = JamTrackMixdownPackage.create(@jam_track_mixdown, params[:file_type], params[:sample_rate], params[:encrypt_type]) unless @package
|
@package = JamTrackMixdownPackage.create(@jam_track_mixdown, params[:file_type], params[:sample_rate], params[:encrypt_type]) unless @package
|
||||||
|
|
||||||
|
fingerprint = params[:mark]
|
||||||
|
DownloadTracker.check(current_user, request.remote_ip, @package, !@jam_track_right.redeemed, fingerprint, jkclient_agent?)
|
||||||
|
|
||||||
if @package.errors.any?
|
if @package.errors.any?
|
||||||
respond_with_model(@package)
|
respond_with_model(@package)
|
||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
|
||||||
if @package.ready?
|
if @package.ready?
|
||||||
DownloadTracker.check(current_user, request.remote_ip, @package, !@jam_track_right.redeemed)
|
|
||||||
|
fingerprint = params[:mark]
|
||||||
|
DownloadTracker.check(current_user, request.remote_ip, @package, !@jam_track_right.redeemed, fingerprint, jkclient_agent?)
|
||||||
@package.update_download_count
|
@package.update_download_count
|
||||||
now = Time.now
|
now = Time.now
|
||||||
@package.last_downloaded_at = now
|
@package.last_downloaded_at = now
|
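Review bot: `DownloadTracker.check` is now called twice on this path: once right after the package is found or created, and again inside `if @package.ready?`. For a ready package that appears to record two tracker rows per request. The first call also records one when `@package.errors.any?` is true or the package is not ready, so a download is counted that never happened. If the intent was only to pass the new arguments, the added `fingerprint = params[:mark]` / `DownloadTracker.check(...)` pair before `if @package.errors.any?` can be dropped. The action's body starts and ends outside these hunks.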
||||||
|
|
|
||||||
|
|
@ -166,7 +166,9 @@ class ApiJamTracksController < ApiController
|
||||||
jam_track_track = JamTrackTrack.find(params[:stem_id])
|
jam_track_track = JamTrackTrack.find(params[:stem_id])
|
||||||
end
|
end
|
||||||
|
|
||||||
DownloadTracker.check(current_user, request.remote_ip, @jam_track_track, !@jam_track_right.redeemed)
|
fingerprint = params[:mark]
|
||||||
|
|
||||||
|
DownloadTracker.check(current_user, request.remote_ip, jam_track_track, !@jam_track_right.redeemed, fingerprint, jkclient_agent?)
|
||||||
|
|
||||||
if params[:download]
|
if params[:download]
|
||||||
redirect_to jam_track_track.web_download_sign_url(120, params[:file_type], 'application/octet-stream', "attachment; filename=\"#{@jam_track_right.jam_track.name + '-' + jam_track_track.display_name}.mp3\"")
|
redirect_to jam_track_track.web_download_sign_url(120, params[:file_type], 'application/octet-stream', "attachment; filename=\"#{@jam_track_right.jam_track.name + '-' + jam_track_track.display_name}.mp3\"")
|
||||||
|
|
@ -187,6 +189,10 @@ class ApiJamTracksController < ApiController
|
||||||
|
|
||||||
if @jam_track_right.valid?
|
if @jam_track_right.valid?
|
||||||
|
|
||||||
|
fingerprint = params[:mark]
|
||||||
|
|
||||||
|
DownloadTracker.check(current_user, request.remote_ip, @jam_track_right.jam_track, !@jam_track_right.redeemed, fingerprint, jkclient_agent?)
|
||||||
|
|
||||||
all_fingerprint = params[:all_fp]
|
all_fingerprint = params[:all_fp]
|
||||||
running_fingerprint = params[:running_fp]
|
running_fingerprint = params[:running_fp]
|
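Review bot: `params[:mark]` is handed to `DownloadTracker.check` exactly as the client sent it, in both hunks. A caller can omit it, change it on every request, or send an arbitrarily long string. The tracker should therefore treat it as a hint alongside `current_user` and `request.remote_ip`, never as an identifier that proves two requests came from different browsers. Normalising it once before use, e.g. `fingerprint = params[:mark].to_s[0, 1000].presence`, would also keep an oversized value from reaching the insert. Both action bodies continue outside the hunks.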
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -186,7 +186,7 @@ module SessionsHelper
|
||||||
end
|
end
|
||||||
|
|
||||||
def jkclient_agent?
|
def jkclient_agent?
|
||||||
request.env['HTTP_USER_AGENT'] =~ /JamKazam/
|
!!(request.env['HTTP_USER_AGENT'] =~ /JamKazam/)
|
||||||
end
|
end
|
||||||
|
|
||||||
# used to help GA tracking. should result in one of Visitor, Registered User, or Paying Subscriber
|
# used to help GA tracking. should result in one of Visitor, Registered User, or Paying Subscriber
|
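Review bot: `jkclient_agent?` now feeds the `is_client` column on the download tracker, but it only matches the substring `JamKazam` in the User-Agent header, which any HTTP client can set. The `!!` coercion is fine for storing a boolean. The method deserves a comment stating the trust level, for example `# User-Agent hint only: client-controlled, not proof that the request came from the native client`. Any fraud rule that exempts rows with `is_client` set should be written with that in mind.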
||||||
|
|
|
||||||
|
|
@ -98,7 +98,7 @@ SampleApp::Application.configure do
|
||||||
config.email_crashes_alias = ENV['ALERT_EMAIL'] || 'clientcrash-dev@jamkazam.com'
|
config.email_crashes_alias = ENV['ALERT_EMAIL'] || 'clientcrash-dev@jamkazam.com'
|
||||||
config.email_social_alias = ENV['ALERT_EMAIL'] || 'social-dev@jamkazam.com'
|
config.email_social_alias = ENV['ALERT_EMAIL'] || 'social-dev@jamkazam.com'
|
||||||
config.guard_against_fraud = true
|
config.guard_against_fraud = true
|
||||||
config.guard_against_browser_fraud = false
|
config.guard_against_browser_fraud = true
|
||||||
|
|
||||||
config.react.variant = :development
|
config.react.variant = :development
|
||||||
|
|
||||||
|
|
|
||||||
File diff suppressed because one or more lines are too long