[NOCI] Update bot checking logic (#347)

* Update isBot logic and humanity check tests

* Update failing tests

* Attempt to simplify humanity check code for future understandability

* Update failing tests and remove unnecessary ones

* Update formatting on lint overrides

---------

Co-authored-by: Steve Blaurock <[email protected]>

Author: jjl014

cspell.json

@@ -47,5 +47,6 @@
     "rerank",
     "atcs",
     "testdata",
+    "Bytespider"
   ]
 }

spec/src/utils/humanity-check.js

@@ -1,4 +1,8 @@
-/* eslint-disable import/no-unresolved */
+/* eslint-disable
+  no-underscore-dangle,
+  no-restricted-properties,
+  import/no-unresolved
+*/
 const dotenv = require('dotenv');
 const chai = require('chai');
 const chaiAsPromised = require('chai-as-promised');
@@ -15,7 +19,7 @@ const bundled = process.env.BUNDLED === 'true';
 describe('ConstructorIO - Utils - Humanity Check', () => {
   // Don't run tests in bundle context, as these tests are for library internals
   if (!bundled) {
-    describe('isHuman', () => {
+    describe('constructor', () => {
       const storageKey = '_constructorio_is_human';
       let cleanup;
 
@@ -35,61 +39,90 @@ describe('ConstructorIO - Utils - Humanity Check', () => {
       it('Should not have isHuman flag set on initial instantiation', () => {
         const humanity = new HumanityCheck();
 
-        expect(humanity.isHuman()).to.equal(false);
+        expect(humanity.hasPerformedHumanEvent).to.equal(false);
         expect(store.session.get(storageKey)).to.equal(null);
       });
 
       it('Should have isHuman flag set if human-like actions are detected', () => {
         const humanity = new HumanityCheck();
 
-        expect(humanity.isHuman()).to.equal(false);
+        expect(humanity.hasPerformedHumanEvent).to.equal(false);
         helpers.triggerResize();
-        expect(humanity.isHuman()).to.equal(true);
-        expect(store.session.get(storageKey)).to.equal(true);
-      });
-
-      it('Should have isHuman flag set if session variable is set', () => {
-        const humanity = new HumanityCheck();
-
-        expect(humanity.isHuman()).to.equal(false);
-        store.session.set(storageKey, true);
-        expect(humanity.isHuman()).to.equal(true);
+        expect(humanity.hasPerformedHumanEvent).to.equal(true);
         expect(store.session.get(storageKey)).to.equal(true);
       });
     });
+
     describe('isBot', () => {
       const storageKey = '_constructorio_is_human';
       let cleanup;
+      let defaultAgent;
 
       beforeEach(() => {
         global.CLIENT_VERSION = 'cio-mocha';
-
         cleanup = jsdom();
-        window.navigator.webdriver = true;
+
+        defaultAgent = window.navigator.userAgent;
       });
 
       afterEach(() => {
         delete global.CLIENT_VERSION;
+        delete window.navigator.webdriver;
+        window.navigator.__defineGetter__('userAgent', () => defaultAgent);
         cleanup();
 
         helpers.clearStorage();
       });
 
-      it('Should have isBot flag set on initial instantiation', () => {
+      it('Should return true if it detects a webdriver', () => {
+        window.navigator.webdriver = true;
         const humanity = new HumanityCheck();
 
         expect(humanity.isBot()).to.equal(true);
         expect(store.session.get(storageKey)).to.equal(null);
       });
 
-      it('Should have isBot flag set to false if session variable is set', () => {
+      it('Should return true if it detects a webdriver and the session variable is set via human-like action', () => {
+        window.navigator.webdriver = true;
         const humanity = new HumanityCheck();
 
         expect(humanity.isBot()).to.equal(true);
-        store.session.set(storageKey, true);
-        expect(humanity.isBot()).to.equal(false);
+        helpers.triggerResize();
+        expect(humanity.isBot()).to.equal(true);
+        expect(store.session.get(storageKey)).to.equal(true);
+      });
+
+      it('Should return true if it detects a bot user agent', () => {
+        window.navigator.__defineGetter__('userAgent', () => 'Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected])');
+        const humanity = new HumanityCheck();
+
+        expect(humanity.isBot()).to.equal(true);
+        expect(store.session.get(storageKey)).to.equal(null);
+      });
+
+      it('Should return true if it detects a bot user agent and the session variable is set via human-like action', () => {
+        window.navigator.__defineGetter__('userAgent', () => 'Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; [email protected])');
+        const humanity = new HumanityCheck();
+
+        expect(humanity.isBot()).to.equal(true);
+        helpers.triggerResize();
+        expect(humanity.isBot()).to.equal(true);
         expect(store.session.get(storageKey)).to.equal(true);
       });
+
+      it('Should return true if it does not detect the user is a bot user nor webdriver and the session variable has not been set yet', () => {
+        const humanity = new HumanityCheck();
+
+        expect(humanity.isBot()).to.equal(true);
+      });
+
+      it('Should return false if it does not detect the user is a bot/webdriver and the session variable is set via human-like action', () => {
+        const humanity = new HumanityCheck();
+
+        expect(humanity.isBot()).to.equal(true);
+        helpers.triggerResize();
+        expect(humanity.isBot()).to.equal(false);
+      });
     });
   }
 });

spec/src/utils/request-queue.js

@@ -31,6 +31,7 @@ describe('ConstructorIO - Utils - Request Queue', function utilsRequestQueue() {
     this.timeout(3000);
 
     const storageKey = '_constructorio_requests';
+    const humanityStorageKey = '_constructorio_is_human';
     const waitInterval = 2000;
     let requestQueueOptions = {};
     const piiExamples = [
@@ -179,7 +180,8 @@ describe('ConstructorIO - Utils - Request Queue', function utilsRequestQueue() {
         helpers.clearStorage();
       });
 
-      it('Should add url requests to the queue', () => {
+      it('Should add url requests to the queue if the user is human', async () => {
+        store.session.set(humanityStorageKey, true);
         const requests = new RequestQueue(requestQueueOptions);
 
         requests.queue('https://ac.cnstrc.com/behavior?action=session_start');
@@ -191,7 +193,8 @@ describe('ConstructorIO - Utils - Request Queue', function utilsRequestQueue() {
         expect(store.local.get(storageKey)).to.be.an('array').length(3);
       });
 
-      it('Should add object requests to the queue - POST with body', () => {
+      it('Should add object requests to the queue - POST with body if the user is human', () => {
+        store.session.set(humanityStorageKey, true);
         const requests = new RequestQueue(requestQueueOptions);
 
         requests.queue('https://ac.cnstrc.com/behavior', 'POST', { action: 'session_start' });
@@ -218,6 +221,7 @@ describe('ConstructorIO - Utils - Request Queue', function utilsRequestQueue() {
       });
 
       it('Should obfuscate requests if PII is detected', () => {
+        store.session.set(humanityStorageKey, true); // Enabled for the test to run
         const requests = new RequestQueue(requestQueueOptions);
         const allExamples = [];
 
@@ -252,6 +256,7 @@ describe('ConstructorIO - Utils - Request Queue', function utilsRequestQueue() {
       });
 
       it('Should not obfuscate requests if no PII is detected', () => {
+        store.session.set(humanityStorageKey, true); // Enabled for the test to run
         const requests = new RequestQueue(requestQueueOptions);
 
         notPiiExamples.forEach((query) => {
@@ -343,12 +348,13 @@ describe('ConstructorIO - Utils - Request Queue', function utilsRequestQueue() {
         it('Should send all url tracking requests if queue is populated and user is human', (done) => {
           const requests = new RequestQueue(requestQueueOptions);
 
+          helpers.triggerResize(); // Human-like action
+
           requests.queue('https://ac.cnstrc.com/behavior?action=session_start');
           requests.queue('https://ac.cnstrc.com/behavior?action=focus');
           requests.queue('https://ac.cnstrc.com/behavior?action=magic_number_three');
 
           expect(RequestQueue.get()).to.be.an('array').length(3);
-          helpers.triggerResize();
           requests.send();
 
           setTimeout(() => {
@@ -359,6 +365,7 @@ describe('ConstructorIO - Utils - Request Queue', function utilsRequestQueue() {
         });
 
         it('Should send all object tracking requests if queue is populated and user is human - POST with body', (done) => {
+          store.session.set(humanityStorageKey, true);
           const requests = new RequestQueue(requestQueueOptions);
 
           requests.queue('https://ac.cnstrc.com/behavior', 'POST', { action: 'session_start' });
@@ -376,14 +383,26 @@ describe('ConstructorIO - Utils - Request Queue', function utilsRequestQueue() {
           }, waitInterval);
         });
 
-        it('Should not send tracking requests if queue is populated and user is not human', (done) => {
+        it('Should not send tracking requests if queue was populated and user is not human', (done) => {
           const requests = new RequestQueue(requestQueueOptions);
 
-          requests.queue('https://ac.cnstrc.com/behavior?action=session_start');
-          requests.queue('https://ac.cnstrc.com/behavior?action=focus');
-          requests.queue('https://ac.cnstrc.com/behavior?action=magic_number_three');
+          store.local.set(storageKey, [
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=session_start',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=focus',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=magic_number_three',
+              method: 'GET',
+            },
+          ]);
 
           expect(RequestQueue.get()).to.be.an('array').length(3);
+
           requests.send();
 
           setTimeout(() => {
@@ -395,9 +414,20 @@ describe('ConstructorIO - Utils - Request Queue', function utilsRequestQueue() {
         it('Should not send tracking requests if queue is populated and user is human and page is unloading', (done) => {
           const requests = new RequestQueue(requestQueueOptions);
 
-          requests.queue('https://ac.cnstrc.com/behavior?action=session_start');
-          requests.queue('https://ac.cnstrc.com/behavior?action=focus');
-          requests.queue('https://ac.cnstrc.com/behavior?action=magic_number_three');
+          store.local.set(storageKey, [
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=session_start',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=focus',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=magic_number_three',
+              method: 'GET',
+            },
+          ]);
 
           expect(RequestQueue.get()).to.be.an('array').length(3);
           helpers.triggerResize();
@@ -413,9 +443,20 @@ describe('ConstructorIO - Utils - Request Queue', function utilsRequestQueue() {
         it('Should not send tracking requests if queue is populated and user is human and page is unloading and send was called before unload', (done) => {
           const requests = new RequestQueue(requestQueueOptions);
 
-          requests.queue('https://ac.cnstrc.com/behavior?action=session_start');
-          requests.queue('https://ac.cnstrc.com/behavior?action=focus');
-          requests.queue('https://ac.cnstrc.com/behavior?action=magic_number_three');
+          store.local.set(storageKey, [
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=session_start',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=focus',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=magic_number_three',
+              method: 'GET',
+            },
+          ]);
 
           expect(RequestQueue.get()).to.be.an('array').length(3);
           helpers.triggerResize();
@@ -728,11 +769,28 @@ describe('ConstructorIO - Utils - Request Queue', function utilsRequestQueue() {
           const sendSpy1 = sinon.spy(requests1, 'send');
           const sendSpy2 = sinon.spy(requests2, 'send');
 
-          requests1.queue('https://ac.cnstrc.com/behavior', 'POST', { action: 'number_one' });
-          requests1.queue('https://ac.cnstrc.com/behavior', 'POST', { action: 'number_two' });
-          requests1.queue('https://ac.cnstrc.com/behavior', 'POST', { action: 'number_three' });
-          requests1.queue('https://ac.cnstrc.com/behavior', 'POST', { action: 'number_four' });
-          requests1.queue('https://ac.cnstrc.com/behavior', 'POST', { action: 'number_five' });
+          store.local.set(storageKey, [
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=session_start',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=focus',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=magic_number_three',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=magic_number_four',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=magic_number_five',
+              method: 'GET',
+            },
+          ]);
 
           helpers.triggerResize();
           requests1.send();
@@ -754,11 +812,28 @@ describe('ConstructorIO - Utils - Request Queue', function utilsRequestQueue() {
           const sendSpy1 = sinon.spy(requests1, 'send');
           const sendSpy2 = sinon.spy(requests2, 'send');
 
-          requests1.queue('https://ac.cnstrc.com/behavior', 'POST', { action: 'number_one' });
-          requests2.queue('https://ac.cnstrc.com/behavior', 'POST', { action: 'number_two' });
-          requests1.queue('https://ac.cnstrc.com/behavior', 'POST', { action: 'number_three' });
-          requests2.queue('https://ac.cnstrc.com/behavior', 'POST', { action: 'number_four' });
-          requests1.queue('https://ac.cnstrc.com/behavior', 'POST', { action: 'number_five' });
+          store.local.set(storageKey, [
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=session_start',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=focus',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=magic_number_three',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=magic_number_four',
+              method: 'GET',
+            },
+            {
+              url: 'https://ac.cnstrc.com/behavior?action=magic_number_five',
+              method: 'GET',
+            },
+          ]);
 
           helpers.triggerResize();
           requests1.send();