email-tracker's Introduction

`email-tracker`

Create trackers that tell you when emails were opened by embedding hidden images

Usage

Using with Docker

You can download the container from docker (armv7 only).

docker pull capevace/email-tracker

You can also build your own docker image by cloning the repo and then building it.

git clone https://github.com/capevace/email-tracker
cd email-tracker
docker build . -t capevace/email-tracker

Using with npm

You can download the package from npm.

npm i -g email-tracker

Environment Variables

PORT (Number): set the port for the HTTP server

Example:
```
PORT=3000 email-tracker
```
DB_PATH (String): set the DB path

Example:
```
DB_PATH=../data/emails.db email-tracker
```

Screenshots

Changelog

2.0.1

🩺 Removed documentation images from NPM release (20MB+ -> 17kb package size)

2.0.0

➕ Added header tracking

When the hidden image is loaded, header information sent along with the request will be saved in the database. This is useful to determine if the tracker was invoked not by a genuine open, but by a proxy caching email resources beforehand (GMail does this for example).
🩺 Fixed mobile layout issues

Migration notice

If you've previously used v1.0.0, you'll need to run the following SQL on your SQLite .db, in order to make it compatible with v2.0.0:

ALTER TABLE events
  ADD headers TEXT;

1.0.0

🚀 Initial release

email-tracker's People

Contributors

Watchers

email-tracker's Issues

同学，您这个项目引入了153个开源组件，存在6个漏洞，辛苦升级一下

检测到 Capevace/email-tracker 一共引入了153个开源组件，存在6个漏洞

漏洞标题：requests 代码注入漏洞
缺陷组件：[email protected]
漏洞编号：CVE-2020-28502
漏洞描述：Dan DeFelippi node-XMLHttpRequest是  （Dan DeFelippi）开源的一个应用软件。用于模拟浏览器XMLHttpRequest对象。
node-XMLHttpRequest before 1.7.0 存在代码注入漏洞，攻击者可利用该漏洞导致任意代码注入并运行。
影响范围：(∞, 1.6.2)
最小修复版本：1.6.2
缺陷组件引入路径：[email protected]>[email protected]>[email protected]>[email protected]>[email protected]>[email protected]

另外还有6个漏洞，详细报告：https://mofeisec.com/jr?p=id56b7

Recommend Projects