Google analytics integrated in to Chrome
Was checking my network request log to see if any new tracking is getting past ublock extension, was surprised to see google analytics is loaded without a network request and ublock can't block it. I had to right click on the request and block it using chrome's internal blocker.
Have I been living under a rock or is this something new?
I use Firefox for all personal stuff, and Chrome for random browsing.
General Request URL: https://www.google-analytics.com/analytics.js Request Method: GET Status Code: 307 Internal Redirect Referrer Policy: no-referrer-when-downgrade
Response Headers Location: chrome-extension://cjpalhdlnbpafiamejdnhcphjbkeiagm/web_accessible_resources/59fb24a2d12455d15bea20980e8a6801.javascript?secret=lef6ooqidsb6 Non-Authoritative-Reason: Delegate Provisional headers are shown
Request Headers Referer: https://www.engadget.com/ User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.162 Safari/537.36
6 comments
[ 2.8 ms ] story [ 31.0 ms ] threadSee here: https://github.com/uBlockOrigin/uAssets/blob/415820d7561a5cb...
chrome-extension://cjpalhdlnbpafiamejdnhcphjbkeiagm/web_accessible_resources/59fb24a2d12455d15bea20980e8a6801.javascript?secret=lef6ooqidsb6
That is uBlock Origin intercepting the request and responding with a no-op version of analytics.jsLooks like it's loading Google Analytics from an extension you have installed.
If you lookup the ID cjpalhdlnbpafiamejdnhcphjbkeiagm in the Chrome web store, you'll see that that's the ID for uBlock Origin.
https://chrome.google.com/webstore/detail/ublock-origin/cjpa...
If you download the CRX file, extract it, and check the file ./web_accessible_resources/59fb24a2d12455d15bea20980e8a6801.javascript (the one being loaded) you'll see that it's just a stub; probably designed as a substitute for Google Analytics that doesn't actually send any analytics data but still defines a few necessary functions to avoid breaking sites which rely on them.
Often web pages break because they were created as if network requests to google-analytics.com can never fail, and using a neutered script to expose a dummy API prevents such breakage most of the time.
End result: no need to whitelist google-analytics.com to un-break a page.