[lintian] 02/02: Add detection of well known statistic website
This is an automated email from the git hooks/post-receive script.
broucaries-guest pushed a commit to branch master
in repository lintian.
commit 272434336dccc5efde80970728869527cb15481e
Author: Bastien ROUCARIÈS <roucaries.bastien@gmail.com>
Date: Sat Dec 28 22:00:39 2013 +0100
Add detection of well known statistic website
Add detection tag for well known statistic website.
signed-off-by: Bastien ROUCARIÈS <roucaries.bastien+debian@gmail.com>
---
checks/files.desc | 21 ++++++++++++++++++++-
checks/files.pm | 4 ++--
data/files/privacy-breaker-fragments | 7 ++++---
data/files/privacy-breaker-websites | 9 +++++----
debian/changelog | 4 +++-
.../files-privacybreach/debian/src/statcounter.xml | 11 +++++++++++
.../files-privacybreach/debian/src/statcounter2.js | 4 ++++
t/tests/files-privacybreach/desc | 1 +
t/tests/files-privacybreach/tags | 2 ++
9 files changed, 52 insertions(+), 11 deletions(-)
diff --git a/checks/files.desc b/checks/files.desc
index 9e1f4d8..470f737 100644
--- a/checks/files.desc
+++ b/checks/files.desc
@@ -952,7 +952,7 @@ Info: This package creates a privacy breach by using Google Adsense.
distributable in Debian, and thus a serious bug.
Tag: privacy-breach-piwik
-Severity: important
+Severity: serious
Certainty: possible
Info: This package creates a privacy breach by using piwik.
Piwik is a free and open source web analytics application.
@@ -960,6 +960,25 @@ Info: This package creates a privacy breach by using piwik.
Even if piwik is free and respect the "do not track" browser
option, it is nevertheless a breach on our user privacy.
+Tag: privacy-breach-statistics-website
+Severity: important
+Certainty: possible
+Info: This package creates a privacy breach by fetching some
+ data from external website in order to made visitor statistics.
+ .
+ Please remove these scripts from the local copy of the page.
+ .
+ Please ask upstream to use free software piwik that respect
+ "do not track" browser option.
+ .
+ This tag include the following website:
+ - cruel-carlota.pagodabox.com
+ - linkexchange.com (defunct)
+ - nedstatbasic.net
+ - statcounter.com
+ - sitemeter.com
+ - webstats.motigo.com
+
Tag: privacy-breach-w3c-valid-html
Severity: serious
Certainty: possible
diff --git a/checks/files.pm b/checks/files.pm
index 2198896..ee26931 100644
--- a/checks/files.pm
+++ b/checks/files.pm
@@ -42,11 +42,11 @@ my $MULTIARCH_DIRS = Lintian::Data->new('common/multiarch-dirs', qr/\s++/,
my $PRIVACY_BREAKER_WEBSITES
= Lintian::Data->new('files/privacy-breaker-websites',
- qr/\s*\~\~/o,sub { return qr/$_[1]/ism });
+ qr/\s*\~\~/o,sub { return qr/$_[1]/xism });
my $PRIVACY_BREAKER_FRAGMENTS
= Lintian::Data->new('files/privacy-breaker-fragments',
- qr/\s*\~\~/o,sub { return qr/$_[1]/ism });
+ qr/\s*\~\~/o,sub { return qr/$_[1]/xism });
my $COMPRESS_FILE_EXTENSIONS
= Lintian::Data->new('files/compressed-file-extensions',
diff --git a/data/files/privacy-breaker-fragments b/data/files/privacy-breaker-fragments
index c9dc368..7db5dfc 100644
--- a/data/files/privacy-breaker-fragments
+++ b/data/files/privacy-breaker-fragments
@@ -1,10 +1,11 @@
# Manually maintained table of well known privacy breakers html/js fragment
# syntax:
-# key ~~regex
+# key ~~regex (xism)
#
# Note spaces on the right hand side of ~~ are assumed to be a part
# of the regex.
#
# Please keep this sorted by tag.
-privacy-breach-google-adsense ~~(?:google_ad_client\s*=|[\"\']\.?google-analytics.com/ga.js[\"\']|urchinTracker\s*\(\s*\)\s*;)
-privacy-breach-piwik ~~(?:piwik_url\s*=|pkBaseURL\s*=|[\'"]piwik\.js[\'\"]|End\s+Piwik\h+(?:Tag|Code)|[\'\"]setTrackerUrl[\'\"])
+privacy-breach-google-adsense ~~(?:google_ad_client\s*=|[\"\']\.?google-analytics.com/ga.js[\"\']|urchinTracker\s*\(\s*\)\s*;)
+privacy-breach-piwik ~~(?:piwik_url\s*=|pkBaseURL\s*=|[\'"]piwik\.js[\'\"]|End\s+Piwik\h+(?:Tag|Code)|[\'\"]setTrackerUrl[\'\"])
+privacy-breach-statistics-website ~~(?:var\s+sc_project\s*=\s*\d+\s*;)
\ No newline at end of file
diff --git a/data/files/privacy-breaker-websites b/data/files/privacy-breaker-websites
index 0e670e9..f5908bd 100644
--- a/data/files/privacy-breaker-websites
+++ b/data/files/privacy-breaker-websites
@@ -1,11 +1,12 @@
# Manually maintained table of well known privacy breakers site
# syntax:
-# key ~~regex
+# key ~~regex (xism)
#
# Note spaces on the right hand side of ~~ are assumed to be a part
# of the regex.
#
# Please keep this sorted by tag.
-privacy-breach-google-adsense ~~^(?:[^\./]+\.)?(?:googlesyndication\.com/pagead/show_ads\.js|google-analytics\.com/(?:ga|urchin)\.js)
-privacy-breach-piwik ~~/piwik\.php\?
-privacy-breach-w3c-valid-html ~~^(?:[^\./]+\.)?w3.org/Icons/valid-(?:[^/]+)?$
+privacy-breach-google-adsense ~~^(?:[^\./]+\.)?(?:googlesyndication\.com/pagead/show_ads\.js|google-analytics\.com/(?:ga|urchin)\.js)
+privacy-breach-piwik ~~/piwik\.php\?
+privacy-breach-w3c-valid-html ~~^(?:[^\./]+\.)?w3.org/Icons/valid-(?:[^/]+)?$
+privacy-breach-statistics-website ~~^(?:[^\./]+\.)?(?:cruel-carlota.pagodabox.com|linkexchange.com|nedstatbasic.net|statcounter.com|sitemeter.com|webstats.motigo.com)(?:/|$)
diff --git a/debian/changelog b/debian/changelog
index c6efaef..14de117 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -53,9 +53,11 @@ lintian (2.5.21) UNRELEASED; urgency=medium
* data/files/obsolete-paths:
+ [BR] Add /etc/X11/fonts/X11R7 as obsolete path (Closes: #646872).
- * data/files/privacy-breaker-website
+ * data/files/privacy-breaker-{fragments,websites}
+ [BR] Add w3c website valid x?html icons.
+ [BR] Add piwik detection.
+ + [BR] Add detection of well known statistics websites.
+
* data/rules/rules-should-not-use:
+ [BR] Detect use of $(_) variable in debian/rules (Closes: #585495).
diff --git a/t/tests/files-privacybreach/debian/src/statcounter.xml b/t/tests/files-privacybreach/debian/src/statcounter.xml
new file mode 100644
index 0000000..49b9736
--- /dev/null
+++ b/t/tests/files-privacybreach/debian/src/statcounter.xml
@@ -0,0 +1,11 @@
+<!-- Start of StatCounter Code -->
+<script type="text/javascript" language="javascript">
+ <!--
+ var sc_project=895001;
+ var sc_invisible=1;
+ var sc_partition=7;
+ var sc_security="5ea85181";
+//-->
+</script>
+<script type="text/javascript" language="javascript" src="http://www.statcounter.com/counter/counter.js"></script><noscript><a href="http://www.statcounter.com/" target="_blank"><img src="http://c8.statcounter.com/counter.php?sc_project=895001&java=0&security=5ea85181&invisible=1" alt="counter stats" border="0"></a> </noscript>
+<!-- End of StatCounter Code -->
\ No newline at end of file
diff --git a/t/tests/files-privacybreach/debian/src/statcounter2.js b/t/tests/files-privacybreach/debian/src/statcounter2.js
new file mode 100644
index 0000000..c0533cb
--- /dev/null
+++ b/t/tests/files-privacybreach/debian/src/statcounter2.js
@@ -0,0 +1,4 @@
+var sc_project=895001;
+var sc_invisible=1;
+var sc_partition=7;
+var sc_security="5ea85181";
\ No newline at end of file
diff --git a/t/tests/files-privacybreach/desc b/t/tests/files-privacybreach/desc
index 754cd93..111b302 100644
--- a/t/tests/files-privacybreach/desc
+++ b/t/tests/files-privacybreach/desc
@@ -6,4 +6,5 @@ Test-For:
privacy-breach-generic
privacy-breach-google-adsense
privacy-breach-piwik
+ privacy-breach-statistics-website
privacy-breach-w3c-valid-html
diff --git a/t/tests/files-privacybreach/tags b/t/tests/files-privacybreach/tags
index 547b9e4..dd756c1 100644
--- a/t/tests/files-privacybreach/tags
+++ b/t/tests/files-privacybreach/tags
@@ -7,6 +7,8 @@ E: files-privacybreach: privacy-breach-google-adsense usr/share/javascript/urchi
E: files-privacybreach: privacy-breach-google-adsense usr/share/javascript/urchinloader.js
E: files-privacybreach: privacy-breach-piwik usr/share/files-privacybreach/html/piwik.html
E: files-privacybreach: privacy-breach-piwik usr/share/files-privacybreach/html/piwikvariant.html
+E: files-privacybreach: privacy-breach-statistics-website usr/share/htmlfragment/statcounter.xml
+E: files-privacybreach: privacy-breach-statistics-website usr/share/javascript/statcounter2.js
E: files-privacybreach: privacy-breach-w3c-valid-html usr/share/files-privacybreach/html/htmlvalid.html
X: files-privacybreach: privacy-breach-generic usr/share/files-privacybreach/html/applet.html 1984.os/trackme
X: files-privacybreach: privacy-breach-generic usr/share/files-privacybreach/html/div.html trackme.1984/index-2.html
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: