Tracker Source Code

This section contains full listing of the current stable version of the client tracker source code

No-Spy Agrement

The script doesn't send any unnecessary information to the event tracker to analyze.

The source code explanations:

  1. Detect Cashcat's traffic:

    1. Line 30. Take utm_term URL paramenter and put it into event.utms.utmTerm

    2. Line 23. Take utm_source URL parameter and put it into event.utms.utmSource

  2. Store marker of a Cashcat lead into browser storage:

    1. Lines 49-52. If the utm_source AND utm_terms contains only needed parameters,

      1. Save action number to the storage Line 50

      2. Save origin=true to the storage Line 51

  3. Send only Cashcat's leads

    1. Get action number from the storage. Line 54

    2. Line 60. If we have a Cashcat lead, we have an action number (that was passed into utm_term parameter, stored to the storage, get from the storage), so the script sends data to the tracker only if event.actionNumber exists.

JavaScript
JavaScript
ccevents.js
/*
Event Tracker GTM Script ver.1.0.2 2019 (c) CASHCAT PHILIPPINES
More information is here: https://developer.cashcat.ph/
Support: support@cashcat.ph, security: security@cashcat.ph
*/
function ccEvent(type) {
"use strict";
// constants section
const debug = false;
const ccUtmMarker = 'cashcatph';
const endpointDomain = 'events.cashcat.ph';
const urlParams = new URLSearchParams(window.location.search);
const endpoint = `//${endpointDomain}/events/${window.cashcatWebsiteId}/receive/`;
// building event object
let event = {};
event.type = type;
event.timestamp = Date.now();
// setup utm tags
event.utms = {};
event.utms.utmSource = urlParams.get('utm_source');
event.utms.utmMedium = urlParams.get('utm_medium');
event.utms.utmCampaign = urlParams.get('utm_campaign');
event.utms.utmContent = urlParams.get('utm_content');
event.utms.utmTerm = urlParams.get('utm_term');
event.referrer = document.referrer;
event.title = document.title;
event.origin = false;
event.firstSeenOn = ccGet('first_seen_on');
if (!event.firstSeenOn) {
event.firstSeenOn = event.timestamp;
ccSet('first_seen_on', event.firstSeenOn)
}
event.uuid = ccGet('uuid');
if (!event.uuid) {
event.uuid = ccUuid();
ccSet('uuid', event.uuid)
}
if ((event.utms.utmSource === ccUtmMarker) && (event.utms.utmTerm)) {
ccSet('action_number', event.utms.utmTerm);
event.origin = true
}
event.actionNumber = ccGet('action_number');
// This script comes with Cashcat No-Spy Agreement.
// ccEvent() doesn't send any unnecessary information
// from the lender's website to the tracker.
if (event.actionNumber) {
// build request object
let xhr = new XMLHttpRequest();
// event will be sent ONLY when variable `event.actionNumber`
// contains Cashcat's identifier
xhr.open("POST", endpoint, true);
xhr.onload = function (e) {
if (xhr.readyState === 4) {
if (debug) {
if (xhr.status === 200) {
console.log(xhr.responseText)
} else {
console.error(xhr.statusText)
}
}
}
};
xhr.onerror = function (e) {
if (debug) {
console.error(xhr.statusText)
}
};
xhr.setRequestHeader("Content-Type", "application/json");
// sending event to tracker
xhr.send(JSON.stringify(event));
} else {
if (debug) {
console.log(`event ${event.uuid} skipped...`)
}
}
}
function ccUuid() {
return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function(c) {
let r = Math.random() * 16 | 0, v = c === 'x' ? r : (r & 0x3 | 0x8);
return v.toString(16);
});
}
const ccStoragePrefix = '__ccevents_';
function ccSet(key, value) {
window.localStorage.setItem(ccStoragePrefix + key, value);
}
function ccGet(key) {
if (key === 'first_seen_on') {
return parseInt(window.localStorage.getItem(ccStoragePrefix + key))
} else if (key === 'origin') {
return Boolean(window.localStorage.getItem(ccStoragePrefix + key))
} else {
return window.localStorage.getItem(ccStoragePrefix + key)
}
}
window.addEventListener("load", function () {
ccEvent('pageView')
});