Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Disable ActiveX browser plugins in Internet Explorer #852

Closed
anonymous-piwik-user opened this Issue · 4 comments

2 participants

Anonymous Piwik user Anthon Pang
Anonymous Piwik user

Hi there,

One of my visitors called and told me, that he is getting strange messages, when browsing my website. I couldn't make heads or tails of it, so i took a look at it myself.

It seems that the Real-Player triggers the Windows Vista UAC-message. I was not yet able to reproduce the error on my own machine, but it started exactly the moment we started using Piwik.

Disabling the Check for real player would be a fix for me, as I do not really care for this particular plugin.

This is a major annoyance, since he gets the window on every single page-view. I'd give it a priority "major", but then again, who has real player installed and uses vista and IE at the same time ;-)

Anthon Pang
Collaborator

Piwik isn't trying to exploit a plugin vulnerability, but unexplained/unexpected security alerts and/or launching of apps can spook visitors. This is undesirable even if impacts a small number of users.

The proposal is to disable ActiveX plugin detection on Internet Explorer. Maybe one day, Microsoft will populate window.navigator.mimeTypes[(or navigator.plugins) instead of leaving these properties empty.

Anthon Pang
Collaborator

An alternate proposal would be to disable ActiveX plugin detection by default, and provide a method to enable it.

Anthon Pang
Collaborator

Note: GA has a _setDetectFlash(bool) method.

Anthon Pang
Collaborator

(In [1312]) fixes #852 - disabled ActiveX plugin detection in IE

Anonymous Piwik user anonymous-piwik-user added this to the Piwik 0.4.2 milestone
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.