TOSBack Hackathon: How to Make a Rule Contribution
This is a re-posting of a guide by TOSBack developer Jimm Stout
TOSBack is an open-source project that aims to assist users around the world by tracking the changes to Terms of Service (TOS) and other policies on the web, but we need some help to bring it back to life! We are hosting a hackathon at Campus Party Brazil later this week to give the project a healthy revamp. The project uses Rails and we'd love people to contribute code. But if you aren't a Rails developer, you can still contribute by submitting rules and letting us know which policies are important to you. This is a developers' guide for submitting new policies for TOSBack to crawl. If you want to get started as quickly as possible, you can scroll down to the "Putting it all together" section below.
The code is hosted on Github. Here is the most up to date version: https://github.com/JimmStout/tosback2
What you will need
* A browser (Chrome, Firefox, Safari)
* A text editor to like TextEdit/TextMate (Mac), Notepad (Windows), or Emacs (all platforms) to modify the XML files.
* Make sure you have these installed in order to test your rules:
* Git and a Github account.
* Ruby 1.9.3 - the version is important
* The proper gems:
gem install nokogiri mechanize sanitize
Note that you may need to install dependencies before installing these gems.
* (Optional) If you use Firefox, the Firebug extension adds functionality to the browser's developer tools.
Take a look at TOSBack's XML structure
The app scans a set of XML files that define attributes for sites and policies. Then, it uses those attributes to find the policy, look for changes, and store new versions. Here's an example from the current rules:
<docname name="Terms of Service">
<url name="http://500px.com/terms" xpath="//div[@id='terms']" lang="EN">
<url name="http://www.500px.com/privacy" xpath="//div[@id='terms']" lang="EN">
Curious about the content? (The elements and attributes)
* Each site has its own XML file ("500px.com.xml") in the rules directory, and a "sitename" element.
* name: The name attribute shouldn't include "http://" and is just used to organize the policies.
* Nested beneath the "sitename" element should be one or more "docname" elements
* name: Make sure your docname's name is present and doesn't have any strange characters.
* Nested beneath that is the "url" element and its attributes:
* name: Encode your ampersands and use the *full* URL! This is the location that TOSBack's scraper will visit to find the policy and if the site is owned by another company, it may not match the "sitename". "http://fullyQualifiedDomainName.com/includes?request=true&lang=EN"
* xpath: Use single quotes inside the brackets, and check the section below.
* lang: Find the *two character* language code.
Still confused about the XPath?
XPath defines where the policy is nested on the page, and allows us to strip away unrelated content from the policy (ads, related articles, and etc.) In this example, the policy at http://www.500px.com/terms has an XPath of "//div[@id='terms']". Here's a snippet from their source to give you an idea:
Since the policy exists only in elements nested below the div tag with the id of "terms", we can extract it with XPath and ignore the headers, footers, and etc.
Putting it all together
1. Clone the current git repo to your local machine:
git clone https://github.com/JimmStout/tosback2.git
2. Identify the website for which you want to add a rule. Search through the "rules" directory to make sure the website is not already present.
3. Visit the site and find its terms of service and privacy policies. The footer of the site is a great place to find the link, but you may have to really dig!
4. Finding the XPath is a complicated subject, and if you aren't familiar with the syntax, it might be pretty confusing at first. Take a moment on W3Schools and look at the XPath section above.
5. Save your new XML file and add it to your project: git add example.co.uk.xml
6. Switch to the rubycode directory and test your new rule by passing it
as an argument to tosback.rb:
rubycode$ ruby tosback.rb ../rules/500px.com.xml
practices towards handling any personal information that you may provide
Before using any of the 500px services, you are required to
read, understand and agree to these terms.
You may only create an account after reading and accepting these
7. Make sure you run "git pull" often to ensure your code is up to date.
8. Commit often, descriptively, and in the present tense:
git commit -m "Add new rule for example.co.uk"
9. Pull once more and merge if needed, and recommit. Then push to a github repository to which you have access, and submit a pull request to the master repo with your additions.
10. Add some more rules!
If you need some help...
It may seem very difficult if you're just starting out, but if your policy requires a tricky XPath attribute or if you just need help remembering which git command to use next, get on our IRC channel #tosback on irc.oftc.net and we'll be happy to help you!
Recent DeepLinks Posts
Jul 22, 2016
Jul 21, 2016
Jul 21, 2016
Jul 21, 2016
Jul 21, 2016
- Abortion Reporting
- Analog Hole
- Anti-Counterfeiting Trade Agreement
- Bloggers' Rights
- Broadcast Flag
- Broadcasting Treaty
- Cell Tracking
- Coders' Rights Project
- Computer Fraud And Abuse Act Reform
- Content Blocking
- Copyright Trolls
- Council of Europe
- Cyber Security Legislation
- Defend Your Right to Repair!
- Development Agenda
- Digital Books
- Digital Radio
- Digital Video
- DMCA Rulemaking
- Do Not Track
- E-Voting Rights
- EFF Europe
- Electronic Frontier Alliance
- Encrypting the Web
- Export Controls
- Fair Use and Intellectual Property: Defending the Balance
- FAQs for Lodsys Targets
- File Sharing
- Fixing Copyright? The 2013-2016 Copyright Review Process
- Free Speech
- Genetic Information Privacy
- Government Sabotage of Digital Security
- Hollywood v. DVD
- How Patents Hinder Innovation (Graphic)
- International Privacy Standards
- Internet Governance Forum
- Know Your Rights
- Law Enforcement Access
- Legislative Solutions for Patent Reform
- Locational Privacy
- Mandatory Data Retention
- Mandatory National IDs and Biometric Databases
- Mass Surveillance Technologies
- Medical Privacy
- Mobile devices
- National Security and Medical Information
- National Security Letters
- Net Neutrality
- No Downtime for Free Speech
- NSA Spying
- Offline : Imprisoned Bloggers and Technologists
- Online Behavioral Tracking
- Open Access
- Open Wireless
- Patent Busting Project
- Patent Trolls
- PATRIOT Act
- Pen Trap
- Policy Analysis
- Public Health Reporting and Hospital Discharge Data
- Reading Accessibility
- Real ID
- Search Engines
- Search Incident to Arrest
- Section 230 of the Communications Decency Act
- Social Networks
- SOPA/PIPA: Internet Blacklist Legislation
- State-Sponsored Malware
- Student Privacy
- Stupid Patent of the Month
- Surveillance and Human Rights
- Surveillance Drones
- Terms Of (Ab)Use
- Test Your ISP
- The "Six Strikes" Copyright Surveillance Machine
- The Global Network Initiative
- The Law and Medical Privacy
- TPP's Copyright Trap
- Trade Agreements and Digital Rights
- Trans-Pacific Partnership Agreement
- Travel Screening
- Trusted Computing
- UK Investigatory Powers Bill
- Video Games