Use stats instead of bitly

Signed-off-by: Simon Bennetts <psiinon@gmail.com>

CHANGELOG.md

@@ -5,10 +5,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
-
+### Changed
+- Use stats instead of bitly for telemetry
 
 ## [0.14.0] - 2022-09-22
-
 ### Added
 - Added accessibility fixes for rapid navigation between panels. 
 - Added semantic roles and better labelling for screen reader users.

src/main/java/org/zaproxy/zap/extension/hud/ExtensionHUD.java

@@ -45,11 +45,9 @@
 import org.parosproxy.paros.extension.ExtensionHook;
 import org.parosproxy.paros.extension.OptionsChangedListener;
 import org.parosproxy.paros.extension.history.ProxyListenerLog;
-import org.parosproxy.paros.model.Model;
 import org.parosproxy.paros.model.OptionsParam;
 import org.parosproxy.paros.network.HttpHeader;
 import org.parosproxy.paros.network.HttpMessage;
-import org.parosproxy.paros.network.HttpSender;
 import org.parosproxy.paros.view.View;
 import org.zaproxy.addon.network.ExtensionNetwork;
 import org.zaproxy.zap.ZAP;
@@ -112,8 +110,6 @@ public class ExtensionHUD extends ExtensionAdaptor
     private static final String REPLACE_REQUEST_PARAM = "zapHudReplaceReq=";
     private Map<String, HttpMessage> recordedRequests = new HashMap<>();
 
-    private HttpSender httpSender;
-
     static {
         List<Class<? extends Extension>> dependencies = new ArrayList<>(1);
         dependencies.add(ExtensionNetwork.class);
@@ -144,14 +140,6 @@ public class ExtensionHUD extends ExtensionAdaptor
     private Set<String> upgradedHttpsDomains = new HashSet<>();
     private TutorialProxyServer tutorialServer;
 
-    public enum Telemetry {
-        HUD_START,
-        TUTORIAL_START,
-        TUTORIAL_END
-    };
-
-    private List<Telemetry> telemetryTrack = new ArrayList<>();
-
     public ExtensionHUD() {
         super(NAME);
     }
@@ -612,48 +600,4 @@ protected Set<String> getUpgradedHttpsDomains() {
     public List<String> getSupportedBrowserIds() {
         return Arrays.asList("firefox", "chrome");
     }
-
-    public void telemetryPoint(Telemetry telemetry) {
-        if (this.getHudParam().isEnableTelemetry() && !telemetryTrack.contains(telemetry)) {
-            telemetryTrack.add(telemetry);
-
-            String url;
-            switch (telemetry) {
-                case HUD_START:
-                    url = "https://bit.ly/owaspzap-hud";
-                    break;
-                case TUTORIAL_START:
-                    url = "https://bit.ly/owaspzap-hud-tutorial-start";
-                    break;
-                case TUTORIAL_END:
-                    url = "https://bit.ly/owaspzap-hud-tutorial-end";
-                    break;
-                default:
-                    return;
-            }
-
-            new Thread(
-                            () -> {
-                                try {
-                                    HttpMessage msg = new HttpMessage(new URI(url, true));
-                                    getHttpSender().sendAndReceive(msg, true);
-                                } catch (Exception e) {
-                                    log.debug(e.getMessage(), e);
-                                }
-                            },
-                            "HUD-telemetry")
-                    .start();
-        }
-    }
-
-    private HttpSender getHttpSender() {
-        if (httpSender == null) {
-            httpSender =
-                    new HttpSender(
-                            Model.getSingleton().getOptionsParam().getConnectionParam(),
-                            true,
-                            HttpSender.CHECK_FOR_UPDATES_INITIATOR);
-        }
-        return httpSender;
-    }
 }

src/main/java/org/zaproxy/zap/extension/hud/HudAPI.java

@@ -62,9 +62,9 @@
 import org.zaproxy.zap.extension.api.ApiResponseList;
 import org.zaproxy.zap.extension.api.ApiResponseSet;
 import org.zaproxy.zap.extension.api.ApiView;
-import org.zaproxy.zap.extension.hud.ExtensionHUD.Telemetry;
 import org.zaproxy.zap.extension.script.ScriptWrapper;
 import org.zaproxy.zap.extension.websocket.ExtensionWebSocket;
+import org.zaproxy.zap.utils.Stats;
 
 public class HudAPI extends ApiImplementor {
 
@@ -195,6 +195,7 @@ public String handleCallBack(HttpMessage msg) throws ApiException {
             logger.debug("callback fileName = {}", fileName);
             if (fileName != null) {
                 if (DOMAIN_FILE_ALLOWLIST.contains(fileName)) {
+                    Stats.incCounter("stats.hud.callback");
                     msg.setResponseBody(
                             this.getFile(msg, ExtensionHUD.TARGET_DIRECTORY + "/" + fileName));
                     // Currently only javascript files are returned
@@ -461,6 +462,7 @@ protected String getFile(HttpMessage msg, String file) {
                 contents = contents.replace("<<ZAP_HUD_WS>>", getWebSocketUrl());
 
                 if (file.equals("serviceworker.js")) {
+                    Stats.incCounter("stats.hud.serviceworker");
                     // Inject the tool filenames
                     StringBuilder sb = new StringBuilder();
                     File toolsDir =
@@ -503,10 +505,9 @@ protected String getFile(HttpMessage msg, String file) {
                                     "<<DEV_MODE>>",
                                     Boolean.toString(
                                             this.extension.getHudParam().isDevelopmentMode()));
-                } else if (file.equals("serviceworker.js")) {
-                    contents = contents.replace("<<ZAP_HUD_WS>>", getWebSocketUrl());
                 } else if (file.equals("management.html")) {
-                    this.extension.telemetryPoint(Telemetry.HUD_START);
+                    // Just record 1 rather than incrementing
+                    Stats.setHighwaterMark("stats.hud.start", 0);
                 } else if (file.equals("management.js")) {
                     contents =
                             contents.replace(

src/main/java/org/zaproxy/zap/extension/hud/HudParam.java

@@ -69,7 +69,6 @@ public class HudParam extends VersionedAbstractParam {
     private static final String PARAM_ENABLE_ON_DOMAIN_MSGS =
             PARAM_BASE_KEY + ".enableOnDomainMsgs";
     private static final String PARAM_UI_OPTION_PREFIX = PARAM_BASE_KEY + ".uiOption.";
-    private static final String PARAM_ENABLE_TELEMETRY = PARAM_BASE_KEY + ".enableTelemetry";
 
     /**
      * The version of the configurations. Used to keep track of configurations changes between
@@ -242,11 +241,6 @@ public boolean isEnableTelemetry() {
         return enableTelemetry;
     }
 
-    public void setEnableTelemetry(boolean enableTelemetry) {
-        this.enableTelemetry = enableTelemetry;
-        getConfig().setProperty(PARAM_ENABLE_TELEMETRY, enableTelemetry);
-    }
-
     @Override
     protected String getConfigVersionKey() {
         return PARAM_BASE_KEY + VERSION_ATTRIBUTE;
@@ -280,8 +274,6 @@ protected void parseImpl() {
         showWelcomeScreen = getBoolean(PARAM_SHOW_WELCOME_SCREEN, true);
         newChangelog = getBoolean(PARAM_NEW_CHANGELOG, false);
         enableOnDomainMsgs = getBoolean(PARAM_ENABLE_ON_DOMAIN_MSGS, true);
-        enableTelemetry =
-                !Constant.isSilent() && getBoolean(PARAM_ENABLE_TELEMETRY, !Constant.isDevMode());
     }
 
     private List<String> convert(List<Object> objs) {

src/main/java/org/zaproxy/zap/extension/hud/OptionsHudPanel.java

@@ -52,7 +52,6 @@ public class OptionsHudPanel extends AbstractParamPanel {
     private JTextField baseDirectory;
     private JCheckBox enabledForDesktop = null;
     private JCheckBox enabledForDaemon = null;
-    private JCheckBox enableTelemetry = null;
     private JCheckBox inScopeOnly = null;
     private JCheckBox enableOnDomainMsgs = null;
     private JCheckBox showWelcomeScreen = null;
@@ -85,7 +84,6 @@ public OptionsHudPanel(ExtensionHUD extension) {
         int i = 0;
         panel.add(getEnabledForDesktop(), LayoutHelper.getGBC(0, ++i, 2, 1.0));
         panel.add(getEnabledForDaemon(), LayoutHelper.getGBC(0, ++i, 2, 1.0));
-        panel.add(getEnableTelemetry(), LayoutHelper.getGBC(0, ++i, 2, 1.0));
         panel.add(getShowWelcomeScreen(), LayoutHelper.getGBC(0, ++i, 2, 1.0));
         panel.add(getInScopeOnly(), LayoutHelper.getGBC(0, ++i, 2, 1.0));
         panel.add(getEnableOnDomainMsgs(), LayoutHelper.getGBC(0, ++i, 2, 1.0));
@@ -126,15 +124,6 @@ private JCheckBox getEnabledForDaemon() {
         return enabledForDaemon;
     }
 
-    private JCheckBox getEnableTelemetry() {
-        if (enableTelemetry == null) {
-            enableTelemetry =
-                    new JCheckBox(
-                            Constant.messages.getString("hud.optionspanel.label.enableTelemetry"));
-        }
-        return enableTelemetry;
-    }
-
     private JCheckBox getInScopeOnly() {
         if (inScopeOnly == null) {
             inScopeOnly =
@@ -214,7 +203,6 @@ public void initParam(Object obj) {
 
         getEnabledForDesktop().setSelected(param.isEnabledForDesktop());
         getEnabledForDaemon().setSelected(param.isEnabledForDaemon());
-        getEnableTelemetry().setSelected(param.isEnableTelemetry());
         getBaseDirectory().setText(param.getBaseDirectory());
         getInScopeOnly().setSelected(param.isInScopeOnly());
         getEnableOnDomainMsgs().setSelected(param.isEnableOnDomainMsgs());
@@ -261,7 +249,6 @@ public void saveParam(Object obj) throws Exception {
 
         param.setEnabledForDesktop(getEnabledForDesktop().isSelected());
         param.setEnabledForDaemon(getEnabledForDaemon().isSelected());
-        param.setEnableTelemetry(getEnableTelemetry().isSelected());
         param.setBaseDirectory(getBaseDirectory().getText());
         param.setInScopeOnly(getInScopeOnly().isSelected());
         param.setEnableOnDomainMsgs(getEnableOnDomainMsgs().isSelected());

src/main/java/org/zaproxy/zap/extension/hud/tutorial/TutorialPage.java

@@ -21,13 +21,15 @@
 
 import java.security.SecureRandom;
 import java.util.HashMap;
+import java.util.Locale;
 import java.util.Map;
 import java.util.UUID;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.parosproxy.paros.Constant;
 import org.parosproxy.paros.network.HttpMessage;
 import org.zaproxy.zap.extension.hud.tutorial.pages.IndexPage;
+import org.zaproxy.zap.utils.Stats;
 
 public abstract class TutorialPage {
 
@@ -120,6 +122,8 @@ public void resetTask() {
     }
 
     public String getHtml() {
+        // Just record the user got to this page, not the number of times they displayed it
+        Stats.setHighwaterMark("stats.hud.tutorial." + this.getName().toLowerCase(Locale.ROOT), 0);
         String html = tutorialProxyServer.getLocallizedTextFile(this.getName() + ".html");
         if (html != null) {
             if (!this.tutorialProxyServer.isSkipTutorialTasks()

src/main/java/org/zaproxy/zap/extension/hud/tutorial/TutorialProxyServer.java

@@ -36,7 +36,6 @@
 import org.zaproxy.addon.network.server.Server;
 import org.zaproxy.zap.extension.api.API;
 import org.zaproxy.zap.extension.hud.ExtensionHUD;
-import org.zaproxy.zap.extension.hud.ExtensionHUD.Telemetry;
 import org.zaproxy.zap.extension.hud.HudParam;
 import org.zaproxy.zap.extension.hud.tutorial.pages.ActiveScanPage;
 import org.zaproxy.zap.extension.hud.tutorial.pages.AjaxSpiderPage;
@@ -349,8 +348,4 @@ public void resetTasks() {
             page.resetTask();
         }
     }
-
-    public void telemetryPoint(Telemetry telemetry) {
-        this.extension.telemetryPoint(telemetry);
-    }
 }

src/main/java/org/zaproxy/zap/extension/hud/tutorial/pages/CompletePage.java

@@ -19,7 +19,6 @@
  */
 package org.zaproxy.zap.extension.hud.tutorial.pages;
 
-import org.zaproxy.zap.extension.hud.ExtensionHUD.Telemetry;
 import org.zaproxy.zap.extension.hud.tutorial.TutorialPage;
 import org.zaproxy.zap.extension.hud.tutorial.TutorialProxyServer;
 
@@ -39,10 +38,4 @@ public CompletePage(TutorialProxyServer tutorialProxyServer, TutorialPage prev)
     public String getName() {
         return NAME;
     }
-
-    @Override
-    public String getHtml() {
-        this.getTutorialProxyServer().telemetryPoint(Telemetry.TUTORIAL_END);
-        return super.getHtml();
-    }
 }

src/main/java/org/zaproxy/zap/extension/hud/tutorial/pages/IntroPage.java

@@ -19,7 +19,6 @@
  */
 package org.zaproxy.zap.extension.hud.tutorial.pages;
 
-import org.zaproxy.zap.extension.hud.ExtensionHUD.Telemetry;
 import org.zaproxy.zap.extension.hud.tutorial.TutorialPage;
 import org.zaproxy.zap.extension.hud.tutorial.TutorialProxyServer;
 
@@ -35,10 +34,4 @@ public IntroPage(TutorialProxyServer tutorialProxyServer) {
     public String getName() {
         return NAME;
     }
-
-    @Override
-    public String getHtml() {
-        this.getTutorialProxyServer().telemetryPoint(Telemetry.TUTORIAL_START);
-        return super.getHtml();
-    }
 }

src/main/javahelp/org/zaproxy/zap/extension/hud/resources/help/contents/options.html

@@ -17,19 +17,6 @@ <h2>Enable when using ZAP in daemon mode</h2>
 	This defaults to false as many people use ZAP for automation, injecting the HUD would not help and could cause
 	existing tests to break.
 
-	<h2>Enable anonymous telemetry</h2>
-
-	When set will send pings to a bit.ly URL when:
-	<UL>
-	<LI>The HUD is used
-	<LI>The HUD tutorial first page is visited
-	<LI>The HUD tutorial last page is visited
-	</UL>
-	Each ping is sent at most once per ZAP run and the only information available to the ZAP team is the number
-	of pings made and the countries they have come from.<br>
-	We get very little feedback and so information like this really helps us understand how ZAP is being used.
-	We have limited time to spend and so want to focus on features that people are actually using.
-
 	<h2>Show the HUD welcome screen when a browser is opened</h2>
 
 	When set the HUD Welcome screen, which includes a link to the tutorial, will be shown whenever a browser that is proxying through ZAP is opened.

src/main/resources/org/zaproxy/zap/extension/hud/resources/Messages.properties

@@ -35,7 +35,6 @@ hud.optionspanel.button.baseDirectory = Change
 hud.optionspanel.label.baseDirectory = Base Directory:
 hud.optionspanel.label.enabledForDesktop = Enable when using the ZAP Desktop
 hud.optionspanel.label.enabledForDaemon = Enable when using ZAP in daemon mode
-hud.optionspanel.label.enableTelemetry = Enable anonymous telemetry
 hud.optionspanel.label.enableOnDomainMsgs = Enable on-domain messages
 hud.optionspanel.label.inScopeOnly = Enable the HUD only for URLs that are in scope
 hud.optionspanel.label.showWelcomeScreen = Show the HUD welcome screen when a browser is opened