wp-stats serves http tracking gif when page is https (regression)

  • Author
    Posts
  • #536425

    raccettura
    Member

    Looks like for the past day or so the wp-stats plugin now injects a quantserve tracking gif.

    Besides for the obvious privacy implications (I bet most wordpress.org blog owners don’t know quantserve is being served to their visitors), this has implications for SSL users.

    Pages using SSL are now broken since the wp-stats JS doesn’t check to see what protocol is being used. http is always used for quantcast (quantcast does support SSL).

    This:
    document.write(unescape("%3Cscript src='http://edge.quantserve.com/quant.js...

    should be something like:
    document.write(unescape("%3Cscript src=') + document.location.protocol+unescape("//edge.quantserve.com/quant.js...

    The blog I need help with is robert.accettura.com.

    #536531

    supportbot
    Member

    The blog you specified at robert.accettura.com does not appear to be hosted at WordPress.com.

    This support forum is for blogs hosted at WordPress.com. If your question is about a self-hosted WordPress blog then you’ll find help at the WordPress.org forums.

    If you don’t understand the difference between WordPress.com and WordPress.org, you may find this information helpful.

    If you forgot to include a link to your blog, you can reply and include it below. It’ll help people to answer your question.

    This is an automated message.

The topic ‘wp-stats serves http tracking gif when page is https (regression)’ is closed to new replies.