wp-stats serves http tracking gif when page is https (regression)

  • Author
  • #536425


    Looks like for the past day or so the wp-stats plugin now injects a quantserve tracking gif.

    Besides for the obvious privacy implications (I bet most wordpress.org blog owners don’t know quantserve is being served to their visitors), this has implications for SSL users.

    Pages using SSL are now broken since the wp-stats JS doesn’t check to see what protocol is being used. http is always used for quantcast (quantcast does support SSL).

    document.write(unescape("%3Cscript src='http://edge.quantserve.com/quant.js...

    should be something like:
    document.write(unescape("%3Cscript src=') + document.location.protocol+unescape("//edge.quantserve.com/quant.js...

    The blog I need help with is robert.accettura.com.



    The blog you specified at robert.accettura.com does not appear to be hosted at WordPress.com.

    This support forum is for blogs hosted at WordPress.com. If your question is about a self-hosted WordPress blog then you’ll find help at the WordPress.org forums.

    If you don’t understand the difference between WordPress.com and WordPress.org, you may find this information helpful.

    If you forgot to include a link to your blog, you can reply and include it below. It’ll help people to answer your question.

    This is an automated message.

The topic ‘wp-stats serves http tracking gif when page is https (regression)’ is closed to new replies.