1. IT-Security >
  2. Cyber Security Nachrichten >
  3. GoDaddy is Injecting Site-Breaking JavaScript Into Customer Websites


GoDaddy is Injecting Site-Breaking JavaScript Into Customer Websites

IT Security Nachrichten vom 14.01.2019 um 19:25 Uhr | Quelle tech.slashdot.org
Web hosting service GoDaddy is injecting JavaScript into customer websites that could impact the overall performance of the website or even render it inoperable, according to Australian programmer Igor Kromin. From a report: GoDaddy's analytics system is based on W3C Navigation Timing, but the company's practice of unilaterally opting in paying customers to an analytics service -- tracking the visitors to websites hosted on GoDaddy services -- without forewarning is deserving of criticism. GoDaddy claims the technology, which it calls "Real User Metrics" (RUM), "[allows] us to identify internal bottlenecks and optimization opportunities by inserting a small snippet of javascript code into customer websites," that will "measure and track the performance of your website, and collects information such as connection time and page load time," adding that the script does not collect user information. The script name "Real User Metrics" is somewhat at odds with that claim; likewise, GoDaddy provides no definition of "user information." GoDaddy claims "most customers won't experience issues when opted-in to RUM, but the JavaScript used may cause issues including slower site performance, or a broken/inoperable website," particularly for users of Accelerated Mobile Pages (AMP), and websites with pages containing multiple ending tags.

Read more of this story at Slashdot.


Komplette Webseite öffnen


Kommentiere zu GoDaddy is Injecting Site-Breaking JavaScript Into Customer Websites