New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1379607 - Reimplement Google Analytics on bugzilla.mozilla.org #265
Conversation
Could you say more about this part: "Anonymize IP address, rather than respecting Do Not Track" ? |
Anonymizing IP address is a feature of GA itself. GA will still track visitors but it doesn't record their real IP address. I believe that site analytics using 1st party cookies is not subject to Do Not Track, and the previous implementation didn't respect DNT actually. But hmm, Mozilla's Website Privacy Notice says GA needs to be disabled when DNT is used:
Then I'll update the pull request to get it covered. |
extensions/BMO/template/en/default/hook/global/header-additional_header.html.tmpl
Outdated
Show resolved
Hide resolved
Okay, so I've eventually made a separate extension with a new admin panel, making the tracking ID configurable. |
extensions/GoogleAnalytics/template/en/default/hook/global/header-additional_header.html.tmpl
Outdated
Show resolved
Hide resolved
extensions/GoogleAnalytics/template/en/default/hook/global/header-additional_header.html.tmpl
Outdated
Show resolved
Hide resolved
@kyoshino I haven't seen anything beyond what glob noticed. The test failure is not related (just noise). Do you have time to make those changes or do you need me to step in and do it? |
Getting an error:
|
On which page? I don't see any error on my vagrant box 🤔 |
You might have uBlock Origin enabled, like mozilla-services/screenshots#2790 |
(This is how BMO have done it mozilla-bteam/bmo#265 ) Signed-off-by: Hidde de Vries <hidde@hiddedevries.nl>
Fix Bug 1379607 - Reimplement Google Analytics on bugzilla.mozilla.org
Features
Security
unsafe-inline
especially on the home page, since the modified tracking code doesn't rely on any inline scriptlocation
field instead of thepage
field for page view trackingpage
field is used like the previous implementation, thelocation
field is automatically sent to GA with the actual URL containing params, though you may only see thepage
field on GA reports. So thelocation
field should be used to address the security concernPrivacy