How to, among others, block google analytics java script urchin.js from revealing your site usage

Google Analytics is a fairly new service from google for site administrators/webdevelopers to monitor their site usage easily and free of charge. This is done by appanding a script tag in your html file (or so your site script’s add it to the code they produce) right before the end of the </body> (the UA-something is your individual Google Analytics user agent id so I x’ed it out not to vilify the source):

<script src="http://www.google-analytics.com/urchin.js"; type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-xxxxxxxx-1";
urchinTracker();
</script>

However some might not want to reveal such information (or data in the first place). You can direct your browser via a locally installed instance of privoxy and set a roule in user.action saying:

{ +block +handle-as-empty-document }
.google-analytics.com/urchin.js

Daniel even suggests to filter it out in the first place so to not even load the html code needed to get the script of googles’ site:

FILTER: google-analytics Remove Google Analytics JS.
s|<script\s&#91;^>]*?google-analytics.com/urchin.js[^>]*>.*?</script>||gis
s|\burchinTracker\(\);||gis

This would go into the file default.filter.In privoxy’s version 3.0.5-beta-1 this issue is supposed to be included, anyway. But unfortunatelly it seamed not to work for me. At leased the html source code still includes the relevant script section. Maybe privoxy filters out the communication. But on the other hand privoxy doesn’t normally know about communication done via java (and java script also?). I’m uncertain here and would love clarification from readers. If you run privoxy you’ll get more information on your instance by calling config.privoxy.org (which really is filtered out by your local proxy and run locally, since you most likely will have opted to enable bypassing proxy Google Analytics script remotely calledon local traffic in your browser this is somewhat consequent). I’m new to privoxy but this looks like the script should be blocked. But why is it still there? So I tested it and found bypassing the proxy when calling the remote script directly you get the script’s source code displayed — nothing special so far. But when I turned on proxy settings in my browser with only the above user.action lines I only get a blank page. So I guess it means it will only block the content of the script not occurrences in <script>-tags. But the important thing here is the script never makes it into my local memory so it can’t be executed.
Ressources:

4 Comments

  1. anon said,

    Sunday, 4th Sep 2011 at 11:16

    You don’t happen to have some regexp suitable for Privoxy to re-write gravatar image URLs to take out the tracking? I’ve been trying, but my regexp’ing sucks, and I’m not familiar enough with the details of blogs to know exactly what to replace!

  2. Saturday, 18th Jun 2011 at 13:23

    One important thing is that when you find yourself searching for a education loan you may find that you’ll need a co-signer. There are many conditions where this is true because you could find that you do not possess a past history of credit so the loan provider will require that you’ve got someone cosign the financing for you. Thanks for your post.

  3. terry chay said,

    Thursday, 25th Dec 2008 at 00:42

    I think for this to work you have to turn it on in user.action

    { +filter{google-analytics} }
    /

    (the trailing / applies filter to all urls)


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: