All geek questions in one place

How does Google Analytics restrict domains?

My understanding of cross-domain restrictions is that you cannot check which domain loads your content using javascript or iframes. How does Google know what incoming data comes from users accessing the real domain? If someone uses my GA embed code on another site, how does Google know the difference?

+4
source share
3 answers

In its default behavior, Google Analytics does not differentiate or validate the data source.

If someone maliciously posted your GA account identifier on your site, you will receive your data, which will be sent back to your account, as if you posted it on your site yourself.

However, by default, ga.js will add the host name from location.hostname to the tracking data and provide it as a dimension. Thus, any traffic sent from foreign host names can be monitored, managed and segmented.

If this becomes a problem, you can configure the Google Analytics filter to exclude traffic from certain malicious domains or to include traffic in your specific domains.

This is a very rare problem that occurs for people.

+9
source

JavaScript JavaScript (and any other JS that you embed on your page) has access to the location object, which contains the full URL, domain, etc.

+3
source

Cross-domain tracking is required at any time when you want to track GA for one session in several domains that you control. If you are not using it or configured it incorrectly, you will have meaningless data, and there will also be a shortage of tasks for their conversion. Google Analytics uses third-party cookies attached to the visitors browser.

These cookies contain data about the last time a visitor visited the site, what page he was on, and a lot of other data. When a user clicks between pages or returns later, ga.js javascript searches for the existence of this first cookie. If he does not find a cookie, then he considers the visitor as a new visitor (who has NEVER been on your site). Primary cookies are great, but for security reasons they do not pass between domains. The first cookie is directly linked to the domain that set it and will not be accessible to anyone else.

If you want to receive data from a specific domain, you can create a filter host name, insertion type. That is, only receiving data exclusively for this domain

Using the old version of Google Analytics, by clicking on visitors > Network Settings > Hostname , you can see information about the domains that send you the data.

+1
source

Source: https://habr.com/ru/post/1391517/

More articles:


All Articles