From c6953eaebec96446ae2d334777233ba65a3d09dc Mon Sep 17 00:00:00 2001 From: Keagan Jarvis Date: Thu, 21 Sep 2023 10:42:27 -0400 Subject: [PATCH] Migrate app off glitch.me onto own hosted infra --- README.md | 6 +++--- helpers/runMenu.js | 2 +- privacy-protections/click-to-load/index.html | 14 +++++++------- .../storage-partitioning/helpers/common.js | 2 +- privacy-protections/storage-partitioning/main.js | 4 ++-- .../storage-partitioning/server/routes.js | 2 +- server.js | 2 +- 7 files changed, 16 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 40b6aff..8c0c232 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ 🛡 Collection of pages for testing various privacy and security features of browsers and browser extensions. ## How to use it? -The site with all tests is live [here](https://privacy-test-pages.glitch.me/). All tests run either on page load or provide instructions on how to run them. +The site with all tests is live [here](https://privacy-test-pages.site/). All tests run either on page load or provide instructions on how to run them. ### Privacy Protections Tests @@ -21,14 +21,14 @@ Please note that we are not taking external contributions for new test pages, bu ### Test domains -We have couple of test domains, that all resolve to `privacy-test-pages.glitch.me`, which help us simulate various scenarios: +We have couple of test domains, that all resolve to `privacy-test-pages.site`, which help us simulate various scenarios: - `www.first-party.site` - an alternative first-party domain used for tests that require first-party resources on other subdomains (e.g., `hsts.first-party.site`) - `good.third-party.site` - non-tracking third party, it's not on our blocklist and will not be blocked by our clients - `broken.third-party.site` - tracking third party that we can't block (e.g. due to brekage), it's on our blocklist, but it will not be blocked by our clients - `bad.third-party.site` - tracking third party that's on our blocklist and our clients will block -We also have additional test domains that resolve to `ad-attribution-test-pages.glitch.me`, specifically for the Ad Attribution tests hosted [here](https://www.search-company.site): +We also have additional test domains that resolve to `ad-attribution-test-pages.site`, specifically for the Ad Attribution tests hosted [here](https://www.search-company.site): - `www.search-company.site` - Simulated search provider - `convert.ad-company.site` - Simulated ad provider conversion ping diff --git a/helpers/runMenu.js b/helpers/runMenu.js index d11502b..9715f56 100644 --- a/helpers/runMenu.js +++ b/helpers/runMenu.js @@ -42,7 +42,7 @@ function initMenu () { 'bad.third-party.site', 'good.third-party.site', 'broken.third-party.site', - 'privacy-test-pages.glitch.me' + 'privacy-test-pages.site' ].forEach((hostname) => { const li = document.createElement('li'); const a = document.createElement('a'); diff --git a/privacy-protections/click-to-load/index.html b/privacy-protections/click-to-load/index.html index 6acb96e..3209ec5 100644 --- a/privacy-protections/click-to-load/index.html +++ b/privacy-protections/click-to-load/index.html @@ -29,15 +29,15 @@

Metrics

All the social buttons from the SDK

-
-
-
Share
- +
+
+
Share
+

All the social buttons in iFrames

- -
-
+ +
+

Login buttons (SDK & custom)

⚠ Login buttons only work with a valid Facebook developer account. This page is not configured with a real account, so is unlikely to show a proper login button, and the login flow may create errors. For true login testing, use a real FB account and actual pages with login.

diff --git a/privacy-protections/storage-partitioning/helpers/common.js b/privacy-protections/storage-partitioning/helpers/common.js index 9f99361..13ba8a8 100644 --- a/privacy-protections/storage-partitioning/helpers/common.js +++ b/privacy-protections/storage-partitioning/helpers/common.js @@ -9,7 +9,7 @@ const FIRST_PARTY_HOSTNAME = isLocalTest ? 'first-party.example' : 'www.first-pa const FIRST_PARTY_HTTP = isLocalTest ? `http://${FIRST_PARTY_HOSTNAME}:3000` : `http://${THIRD_PARTY_HOSTNAME}`; const FIRST_PARTY_HTTPS = `https://${FIRST_PARTY_HOSTNAME}`; -const HSTS_HOSTNAME = isLocalTest ? 'hsts.first-party.example' : 'privacy-test-pages.glitch.me'; +const HSTS_HOSTNAME = isLocalTest ? 'hsts.first-party.example' : 'privacy-test-pages.site'; // Inject an iframe to retrieve values from test APIs function accessStorageInIframe (frameOrigin, sessionId, mode, apiTypes = [], frameId) { diff --git a/privacy-protections/storage-partitioning/main.js b/privacy-protections/storage-partitioning/main.js index 48ab075..de9c695 100644 --- a/privacy-protections/storage-partitioning/main.js +++ b/privacy-protections/storage-partitioning/main.js @@ -252,8 +252,8 @@ if (window.location.hostname === 'localhost') { runButton.setAttribute('disabled', ''); } -// warn the user if loaded over privacy-test-pages.glitch.me -if (window.location.hostname === 'privacy-test-pages.glitch.me') { +// warn the user if loaded over privacy-test-pages.site +if (window.location.hostname === 'privacy-test-pages.site') { const warning = document.getElementById('warning'); warning.innerHTML = `âš  Test must be accessed via ${FIRST_PARTY_HTTPS}. Redirecting you... âš `; runButton.setAttribute('disabled', ''); diff --git a/privacy-protections/storage-partitioning/server/routes.js b/privacy-protections/storage-partitioning/server/routes.js index e9faad6..16cde13 100644 --- a/privacy-protections/storage-partitioning/server/routes.js +++ b/privacy-protections/storage-partitioning/server/routes.js @@ -93,7 +93,7 @@ router.get('/get_hsts.png', (req, res) => { // The X-Forwarded-Proto header is added by Glitch's proxy // and reveals the original protocol used during the connection // This header will always show HTTPS for all custom domains, - // it's only correct for privacy-test-pages.glitch.me. + // it's only correct for privacy-test-pages.site. if (req.headers['x-forwarded-proto']) { isHTTPS = req.headers['x-forwarded-proto'].split(',', 1)[0] === 'https'; } diff --git a/server.js b/server.js index 16afcfd..b081daa 100644 --- a/server.js +++ b/server.js @@ -232,7 +232,7 @@ app.get('/come-back', (req, res) => { const jsReferrer = document.referrer; document.body.innerHTML += '

header: ${req.headers.referer || ''}

js: ' + jsReferrer + '

'; setTimeout(() => { - location.href = 'https://privacy-test-pages.glitch.me/privacy-protections/referrer-trimming/?run&header=${req.headers.referer || ''}&js=' + jsReferrer + '&testid=${req.query.testid || ''}'; + location.href = 'https://privacy-test-pages.site/privacy-protections/referrer-trimming/?run&header=${req.headers.referer || ''}&js=' + jsReferrer + '&testid=${req.query.testid || ''}'; }, 1000);