[BDE-141] Remove Google analytics from base code - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Improvement
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 2.1.1
Fix Version/s: 2.2.0
Component/s: Firefox

Release Notes Summary:
Remove Google analytics
Tags:
- nxftest
Sprint:
FTEST - W16
Epic Link:
Mozilla Review

Description

As per Mozilla's request:

3) Google Analytics as Remote Script / CSP
Using a remote script for Google Analytics is not allowed. We don't allow add-ons to use remote scripts because they can create serious security vulnerabilities. Please see https://blog.mozilla.org/addons/2016/05/31/using-google-analytics-in-extensions/ for an approved method and remove Google Analytics from the CSP declaration.

scripts/popup.js line 31, 32, 33

5) We don't allow add-ons to use remote scripts because they can create serious security vulnerabilities. We also need to review all add-on code, and this makes it much more difficult. Please insert those scripts locally from your add-on code. If you are using a custom Content Security Policy that allows remote script execution, please adapt it accordingly.

scripts/popup.js line 31, 32, 33

Attachments

Issue Links

is related to

BDE-142 Update Privacy Policy

Resolved

Activity

People

Assignee:

Karin Touchie

Reporter:

Karin Touchie

Participants:

Jenkins, Karin Touchie

Votes:

0 Vote for this issue

Watchers:

2 Start watching this issue

Dates

Created:

2018-05-07 11:51

Updated:

2018-05-31 11:46

Resolved:

2018-05-14 13:01

Time Tracking

Estimated:

Remaining:

Logged:

10m