Don't load http tracker on an https page?

Forum Moderators: phranque

Message Too Old, No Replies

Don't load http tracker on an https page?

Tonearm

6:47 pm on Feb 28, 2012 (gmt 0)

I've just set up Piwik on my server and I see that the Javascript snippet loads a PHP tracker via http in a noscript block in case the client doesn't execute Javascript. Should that tracker be requested via https if the main page request is via https in order to avoid browser warnings?

I also wonder if loading the tracker is slowing my site down at all. I'm wary of loading trackers which call out to other websites because of the possible slowdown, but if my website is www.example.com and the tracker is www.example.com/tracker.php, there shouldn't be the same potential for slowdown, right?

Tonearm

9:50 pm on Feb 28, 2012 (gmt 0)

How about changing the noscript link to be relative instead of absolute so it's served via http or https depending on how the page is served? Would that work?

Tonearm

3:24 pm on Feb 29, 2012 (gmt 0)

Does this even matter? Don't some browsers display a warning if an https page loads http content?

enigma1

10:44 am on Mar 1, 2012 (gmt 0)

Yes if your are on a secure page then side resources should be loaded with the secure protocol.

With PHP you can detect the secure port for instance getenv('SERVER_PORT') == '443' and include the http or https accordingly.
With js could check the window.location.protocol if it's https

For loading times depends what the tracker does. You can use client side triggering so js can do an ajax request to track something which can happen after the whole page is loaded. Or you can use the server script when the request is made and then customize the piwik to process it that way directly from your php. But by default the piwik triggers with client scripts.

Tonearm

5:57 pm on Mar 1, 2012 (gmt 0)

Yes if your are on a secure page then side resources should be loaded with the secure protocol.

Should relative links do the trick?

You can use client side triggering so js can do an ajax request to track something which can happen after the whole page is loaded. Or you can use the server script when the request is made and then customize the piwik to process it that way directly from your php.

I've read that the Piwik client script provides more information than the server-side APIs.

enigma1

6:41 pm on Mar 1, 2012 (gmt 0)

yes relative paths work alright.

For the piwik with js its easier but you feed data for clients with js enabled. With the server side you can feed it with all the requests including bots and since its open source unlike ga you can customize it and get better info.

Tonearm

11:21 pm on Mar 1, 2012 (gmt 0)

Thanks enigma1. In addition to being easier to implement, I've read in the Piwik forums that the Javascript snippet provides more data than the server-side APIs. As you pointed out, it does require that the client executes Javascript.

Alex_TJ

6:38 pm on Mar 10, 2012 (gmt 0)

Might be worth flagging up as a bug or feature request over on the Piwik site. I hadn't noticed this before on my install.

Tonearm

4:51 pm on Mar 12, 2012 (gmt 0)

Might be worth flagging up as a bug or feature request over on the Piwik site. I hadn't noticed this before on my install.

Well, their Javascript snippet uses absolute paths in case the user wants to install Piwik on a different system than the one running the website. I do think they should provide two versions of the snippet, one with absolute paths and one with relative, but they would probably reject that idea for simplicity reasons.